I was sitting across from a senior board member at a large enterprise. He is sharp, experienced with decades of business judgment. We were speaking about the quantum threat. He put down his coffee and asked me directly: “Esti, forget the hype for a moment. What should I actually be doing, right now, as a board member?”
It's the right question. The fact that he was asking it, rather than nodding politely and moving on, told me he was already ahead of most.
The quantum conversation has a problem. It oscillates between two extremes: breathless science-fiction on one end, and dense technical jargon on the other. Neither serves the people who need to act. Board members are not cryptographers. They don’t have to be. But they do need to understand enough to ask the right questions of management, and to know whether the answers they're getting are serious ones.
So let me start where most briefings skip: the terminology.
QKD and PQC - two words and two completely different ideas
When quantum security comes up in board presentations, you will almost inevitably hear two acronyms: QKD and PQC. They sound similar, but they are not.
Post-Quantum Cryptography (PQC) is the answer to a software problem. Today's most widely used encryption - the RSA and elliptic-curve algorithms that protect your internet traffic, banking transactions, and digital signatures - relies on mathematical problems that classical computers cannot solve in a reasonable time. A sufficiently powerful quantum computer could crack these problems. PQC replaces them with new mathematical algorithms, specifically designed to be hard for quantum computers to break. It’s important to understand that PQC runs on your existing hardware and existing networks. In 2024, the US National Institute of Standards and Technology (NIST) published the first three finalized PQC standards, after an eight-year global competition. The train has left the station.
Quantum Key Distribution (QKD) is a fundamentally different approach. It does not replace the math. It uses the laws of quantum physics to distribute the keys that lock and unlock encrypted data. QKD sends encryption keys encoded in individual photons. If anyone intercepts these photons, the quantum state changes, and the eavesdropping is detectable. It is a physics-based security guarantee and not a computational one. The catch is that QKD requires dedicated fiber infrastructure or satellite links, works over limited distances without repeaters, and is quite expensive to deploy at scale. It is not a drop-in replacement for how the internet works today.
Here is the practical takeaway for a board member. You can think of PQC as upgrading your locks to ones that a quantum-powered lockpick cannot open. Think of QKD as a physics-enforced courier service for the key itself. Both are important. For most enterprises, PQC is where you can start. It is deployable now, at scale, without new hardware. QKD is a longer-term consideration for the most sensitive, high-value communication links, such as inter-datacenter connections, government communications and critical infrastructures.
The key insight is that they are complementary, not competing. If a vendor tells you that QKD alone is your quantum security strategy, ask harder questions.
The threat is already here, and most boards don't know it
The standard assumption is that Q-Day - the moment a cryptographically relevant quantum computer will be able to break today's encryption - is still several years away. Time will tell. However, this misses the point entirely.
There are two distinct reasons why the time to act is now, and both deserve to be understood clearly by every board.
The first reason is “harvest now, decrypt later”. The bad guys, whom we refer to as adversaries, are already capturing encrypted data. Your company's communications, your intellectual property, your strategic plans, your sensitive contracts. They cannot read them today. They are storing them for the day when they will be able to do so.
If your organization handles data with a long shelf life, such as medical data, legal communications, defense contracts and proprietary research, some of that data may already be compromised in a way you won't know for years.
This threat is active today, regardless of when Q-Day arrives.
The second reason is the migration timeline. A PQC migration is not something you complete over a weekend. Replacing cryptographic infrastructure across an enterprise - across all your systems, vendors, cloud platforms, APIs, legacy middleware, industrial controllers - will take years of methodical work. Google and Cloudflare have both publicly committed to completing their PQC migrations by 2029.
The question every board should be asking management is: what is our timeline? The answer "we are monitoring the situation" is not a plan. It is a risk.
Read together, these two reasons form a single, urgent logic: the window of exposure is accumulating now, and the remedy requires years to deploy.
The board that waits for Q-Day to act will find that the clock had already run out.
What board members should be doing now
You do not need to understand lattice-based cryptography to exercise effective oversight and governance on this issue. Here is what you do need:
Commission a cryptographic inventory. Before your organization can migrate, it must know where its cryptographic exposure lies. This means mapping every system, application, and vendor relationship that relies on public-key cryptography. It is often called a Cryptographic Bill of Materials (CBOM). Without it, you are flying blind. Ask management whether this inventory exists and what it covers.
Demand a quantum readiness roadmap. Not a one-page slide. Ask for a dated, phased plan, identifying high-priority systems, setting migration milestones and assigning ownership. The US government has issued mandates for federal agencies and financial regulators are beginning to follow. Whether or not your regulator has acted yet, migration takes longer than the warning window.
Insist on crypto agility. One of the most important questions to ask your CISO is: can we swap cryptographic algorithms without rewriting our core systems? It matters not only for the transition to PQC today, but because the standards themselves will continue to evolve. This property - crypto agility - is not glamorous. However, it be the difference between an orderly transition and a crisis migration under pressure.
Ask your vendors. Your supply chain is part of your attack surface. If the software platforms, cloud providers, and hardware vendors your organization depends on are not on a PQC roadmap, their vulnerability will eventually become yours. Vendor quantum readiness should be a procurement criterion.
Put it on the agenda. Not as a technology briefing. Regularly, as a risk item. Quantum readiness sits at the intersection of cybersecurity, regulatory compliance, and long-term business continuity. It belongs in the same conversation as climate risk disclosure and AI governance.
Beyond security: quantum as a driver of competitive advantage
Most board-level quantum discussions focus exclusively on the risk. This is necessary, but it is only half the conversation. Quantum computing, as it matures, it is a capability to harness. The organizations that begin building literacy now will be positioned to capture that upside.
This is not a distant horizon. IBM, Google, and a range of well-funded startups are already offering early quantum computing access to enterprise clients. Governments are investing in quantum as strategic infrastructure, not basic research.
What this means for boards is a dual mandate. The defensive posture - PQC migration, crypto agility, vendor readiness - is urgent and non-negotiable. However, boards should also understand where quantum could disrupt your industry or create competitive advantage. The full question the board should ask is “are we protected and are we positioned?”
The Y2K parallel, and why it matters more this time
I have written before about the Y2K analogy, and I return to it because it is still the most instructive one. The reason Y2K did not cause the catastrophe many feared was because organizations took it seriously early enough to act. They inventoried their systems, patched old code, and treated the deadline as real.
The quantum transition is harder. The digital infrastructure we are protecting is vastly larger and more interdependent than what existed in 1999. The migration is more complex. The timeline is not as certain. The bad guys are actively collecting data.
My answer to that board member was: You do not need to understand the physics. You need to understand the urgency, ask the right questions, and refuse to accept “we're monitoring the situation” as a sufficient response.
Quantum readiness is a governance imperative. The boards that ask the right questions today will be the ones still trusted tomorrow.