Lehi, Utah, May 08, 2025 (GLOBE NEWSWIRE) -- DigiCert, a leading global provider of digital trust, today released findings from a new survey that uncovers a significant gap between enterprise awareness of quantum computing threats and actual preparedness. The research shows that while 69% of organizations recognize the risk quantum computing poses to current encryption standards, only 5% have implemented quantum-safe encryption, and 46.4% report that substantial portions of their encrypted data could be compromised.

The findings highlight a critical inflection point: Enterprises know the quantum clock is ticking, yet few have taken meaningful steps to secure their digital future. With encryption underpinning everything from online banking and medical records to smart homes and cloud services, ensuring its strength and resilience is fundamental for protecting sensitive data.

“The quantum era presents both a significant risk and a transformative opportunity as we reach an inflection point for enterprise security,” said Kevin Hilscher, Senior Director of Product Management at DigiCert. “Organizations should already be into the early phases of their quantum readiness plan – starting with asset discovery and  risk assessment, with the ultimate goal of  crypto-agility. The groundwork being laid today will determine which organizations are positioned to maintain trust and resilience when quantum computing becomes a reality. DigiCert is supporting this journey with quantum-safe PKI solutions and frameworks that help enterprises manage complexity and take action with confidence.”

Despite a majority (69%) of organizations believing quantum computers will break current encryption within five years, preparedness remains low: only 38% feel “very prepared” for quantum threats, while 19.2% claim they are “extremely prepared.” 

This gap highlights a clear disconnect—enterprises recognize the threat but are slow to act due to perceived complexity, uncertainty, and believe that quantum computing is still a long way off.  With the largest stores of sensitive data, enterprises are also the most at risk. DigiCert’s research aims to bridge the gap between hype and action, providing clarity and strategy as cryptography evolves. It also points to a broader strategic opportunity: Enterprises can maximize return on investment in Public Key Infrastructure (PKI) by making quantum-readiness a key driver of their current security planning.

“The fact that only 5% of organizations have implemented quantum-safe encryption, despite widespread awareness of the threat, should be a wake-up call,” said Dr. Jim Goodman, CTO at Crypto4A.  “Migrating to post-quantum cryptography isn’t just a software patch—it’s a foundational shift that requires full visibility into your cryptographic environment, upgrades to hardware, migration to quantum-safe roots of trust, and cross-functional coordination. Those already underway are ahead of the curve and better equipped to handle what’s next.”
  

According to the 2025 edition of the book, “Post-Quantum Cryptography for Dummies,” DigiCert recommends four steps for organizations to transition to a quantum-safe security posture:

1. Inventory cryptographic assets. Organizations should first inventory their certificates, algorithms, and other cryptographic assets, prioritize them based on their level of criticality and decide what needs to be upgraded or replaced.
2. Prioritize replacing encryption algorithms for crypto that needs to be trusted for a long time. Examples include roots of trust, eSignatures and long-lived IoT devices.
3. Explore and test the ways your organization incorporates post-quantum cryptography (PQC) algorithms.  Begin testing upgrade paths and interoperability in non-production environments.
4. Become crypto-agile. After completing the inventory, achieving crypto-agility involves asset visibility, establishing methods for deploying encryption technologies and the ability to respond quickly when security issues arise.

By identifying and managing crypto assets now, organizations can position themselves defensively against the threat of post-quantum cyberattacks and lay the foundation for a secure and trusted digital future.

Research methodology
This research was commissioned by DigiCert and conducted independently by Los Angeles-based Propeller Insights, which surveyed 1,042 senior and C-level cybersecurity managers in the United States, the United Kingdom and Australia.

Resources:
Watch: the inaugural World Quantum Readiness Day virtual event
Read the e-Book: Post-Quantum Cryptography for Dummies, DigiCert Special Edition
  
About DigiCert
DigiCert is a leading global provider of digital trust, enabling individuals and businesses to engage online with the confidence that their footprint in the digital world is secure. DigiCert® ONE, the platform for digital trust, provides organizations with centralized visibility and control over a broad range of public and private trust needs, securing websites, enterprise access and communication, software, identity, content and devices. DigiCert pairs its award-winning software with its industry leadership in standards, support and operations, and is the digital trust provider of choice for leading companies around the world. For more information, visit www.digicert.com or follow @digicert.

Christina Knittel
DigiCert
775-209-2461
christina.knittel@digicert.com