The same cryptographic weaknesses that let AI-powered attackers slip through today will hand tomorrow's quantum computers the keys to everything. Organizations worldwide are exposed to both AI-enabled attacks and delayed cryptographic migration, creating a compounding cyber risk that demands immediate action. The convergence of these two threats means that data stolen today could be decrypted by quantum machines in the near future, a tactic known as 'harvest now, decrypt later.'
For years, cybersecurity experts have warned about the dual threat of artificial intelligence and quantum computing. AI attacks—like deepfake phishing and automated vulnerability scanning—are already exploiting outdated encryption. Meanwhile, quantum computers capable of breaking widely used public-key cryptography (RSA, ECC) are still years away, but the migration to post-quantum algorithms is painfully slow. The result: a widening window of vulnerability where attackers use AI to steal data that quantum computers will later unlock.
The article, published on Forbes Tech Council in June 2026, highlights that many organizations have not updated their cryptographic infrastructure despite clear guidance from the U.S. National Institute of Standards and Technology (NIST). NIST finalized its first set of post-quantum cryptography standards in 2024, yet enterprise adoption remains in single digits. Meanwhile, AI-powered cybercrime has surged. The FBI reported a 300% increase in deepfake-enabled business email compromise attacks in 2025 alone.
Key figures and organizations underscore the urgency. The World Economic Forum has identified quantum decryption as a top-10 global risk by 2030. IBM and Google have demonstrated quantum processors with over 1,000 qubits, and while fault-tolerant machines are not yet here, the trajectory is clear. Security firms like CrowdStrike and Mandiant have documented AI-driven attack tools that adapt in real time, bypassing traditional signature-based defenses. On the defensive side, companies like SandboxAQ and PQShield are offering cryptographic agility platforms, but adoption lags.
Analysis by industry observers suggests that the convergence of AI and quantum threats creates a unique inflection point. "The same weaknesses leave organizations exposed to both," the article notes. This is not just a technology problem—it is a governance and risk management failure. Boards that ignore cryptographic migration are effectively accepting a future data breach. The attack surface is expanding faster than defenses are being deployed, and the window for safe migration is closing.
Looking ahead, milestones to watch include the widespread adoption of NIST's ML-KEM and ML-DSA algorithms, expected to gain traction by 2028. Enterprises must start inventorying cryptographic assets and implementing crypto-agile systems now. Governments are also stepping in: the U.S. Quantum Computing Cybersecurity Preparedness Act and similar EU regulations will mandate post-quantum migration timelines. The message is clear: delay is no longer an option. The organizations that act today will be the ones that survive the quantum decade.
Cybersecurity
↓ Negative
How AI And Quantum Computing Are Rewriting Cyber Risk
The same weaknesses leave organizations exposed to both AI-enabled attacks and delayed cryptographic migration.
Will Conaway, Forbes Councils Member
Forbes
3 min read
8/10
Key Takeaways
- NIST finalized post-quantum cryptography standards (ML-KEM, ML-DSA) in 2024, but enterprise adoption remains below 5% as of mid-2026.
- The FBI reported a 300% increase in deepfake-enabled business email compromise attacks in 2025, exploiting weak cryptographic defenses.
- IBM and Google have quantum processors exceeding 1,000 qubits, with fault-tolerant systems expected by the early 2030s.
- The World Economic Forum lists quantum decryption as a top-10 global risk by 2030, with potential economic damages exceeding $1 trillion.
- Crypto-agile platforms from vendors like SandboxAQ and PQShield are available, yet fewer than 20% of Fortune 500 companies have begun cryptographic inventory.
Frequently Asked Questions
An AI-enabled cyber attack uses artificial intelligence to automate or enhance malicious activities, such as deepfake phishing, adaptive malware, or automated vulnerability scanning. These attacks can bypass traditional defenses by learning and evading detection in real time.
Quantum computers can run Shor's algorithm, which efficiently factors large integers and computes discrete logarithms. This breaks widely used public-key cryptosystems like RSA and ECC, which protect most internet communications today. Once fault-tolerant quantum machines arrive, current encryption will be obsolete.
Harvest now, decrypt later is a strategy where attackers steal encrypted data today and store it until quantum computers become powerful enough to decrypt it. This is a growing threat to long-term secrets like classified documents, health records, and financial data.
Organizations should begin migration immediately. NIST finalized post-quantum standards in 2024, but full migration can take years. Experts recommend starting with cryptographic inventory and adopting crypto-agile systems by 2028 to stay ahead of quantum threats.
NIST's post-quantum cryptography standards include ML-KEM (key encapsulation) and ML-DSA (digital signatures), finalized in 2024. They are designed to resist attacks from both classical and quantum computers, ensuring long-term security.
Companies should inventory all cryptographic assets, adopt crypto-agile systems that can switch algorithms quickly, train staff on AI-driven attack vectors, and implement zero-trust architectures. Regular risk assessments and staying updated on NIST guidelines are also critical.
Original source
www.forbes.com
Discussion
Join the discussion
Sign in to post a comment or reply.
No comments yet. Be the first to share your thoughts!