Skip to main content

Enterprises should consider these practical steps toward Quantum Cyber Readiness

The Quantum Readiness Toolkit, developed by the World Economic Forum in collaboration with Deloitte, provides business and government leaders with actionable guidance on how to kickstart their journey to become Quantum Cyber Ready

Besides their vast positive potential for advanced mathematical modeling and simulation, quantum computers are expected to be able to break data protection measures underpinning the digital economy. Leaders need to act, but often don’t know where to begin. The Quantum Readiness Toolkit, which is based on five key principles, provides practical steps to help them assess their organization’s Quantum Cyber Readiness and identify and prioritize future actions. Future-oriented leaders should be aware: the time to act on quantum risk is today.

Introducing the Quantum Readiness Toolkit

In the future, powerful quantum computers will be able to break some of the cryptographic algorithms used to protect vast amounts of data every day. Mitigating this ‘quantum risk’ will require organizations to implement quantum-secure technologies, a complex and daunting task. Leaders may feel they have time, but hackers may already be harvesting their data to decrypt in the future, and the transition to become Quantum Cyber Ready may take years. To help them with this major transition, Deloitte and the World Economic Forum worked with a global community of specialists to create the Quantum Readiness Toolkit – this Toolkit provides actions for organizations who are prepared to take the next step in Transitioning to a Quantum Secure Economy.

At the core of the Quantum Readiness Toolkit are five key principles. Leaders should keep these in mind as they embark on their quantum-security journey. They cover topics such as how to educate senior leaders and operational teams, how to incorporate quantum risk management in governance structures, and how to successfully select and implement technologies. For each of the principles, the Quantum Readiness Toolkit provides actionable practices and activities leaders can undertake today. Deloitte is already embracing these principles when helping our clients become Quantum Cyber Ready.

Quantum risk is only one of many risks leaders need to consider. Further exacerbating this is that no one knows exactly when quantum computers that can break today’s cryptography will be commercially viable. Consensus is clear, however, that nobody wants to be too late when they start to address it. An important conclusion from the Quantum Readiness Toolkit is therefore that leaders should embed quantum risk in their broader risk management approaches to help them achieve a future-oriented organization that is resilient to emerging risks.

Considerations for kickstarting your Quantum Cyber Readiness journey

To successfully create a Quantum Cyber Ready organization, leaders should consider several points, including:

  • Focus on creating awareness of the need to mitigate quantum risk now. Despite its technical connotation, making organizations Quantum Cyber Ready will remain a people-business. Leaders and teams need to be aware of how Quantum Cyber Readiness can enable an organization to thrive.
  • No single implemented technology can do the trick. Becoming Quantum Cyber Ready and becoming and remaining resilient to today’s and tomorrow’s cryptographic risks will require a cohesive transition leveraging changes in people, governance, and technology. 
  • Act now. Becoming Quantum Cyber Ready will be complex, and unexpected challenges lie ahead. Start now to experiment, learn, and get ahead of the curve when the quantum threat becomes imminent.

Read the full Quantum Readiness Toolkit here. You can also read our perspective on last year’s report Transitioning to a Quantum-Secure Economy here.

“As organizations around the globe formulate their plans to mitigate the cyber risk aspects of quantum computing, these five principles will allow them to chart a course that is in line with the real threat posed by the technology, and consistent with their more general cyber risk management practices.”

Colin Soutar, managing director, Deloitte US

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited (DTTL), its global network of member firms, and their related entities (collectively, the “Deloitte organization”). DTTL ( also referred to as “Deloitte Global”) and each of its member firms and related entities are legally separate and independent entities, which cannot obligate or bind each other in respect of third parties. DTTL and each DTTL member firm and related entity is liable only for its own acts and omissions, and not those of each other. DTTL does not provide services to clients. Please see to learn more.

This communication contains general information only, and none of Deloitte Touche Tohmatsu Limited (“DTTL”), its global network of member firms or their related entities (collectively, the “Deloitte organization”) is, by means of this communication, rendering professional advice or services. Before making any decision or taking any action that may affect your finances or your business, you should consult a qualified professional adviser. No representations, warranties or undertakings (express or implied) are given as to the accuracy or completeness of the information in this communication, and none of DTTL, its member firms, related entities, employees or agents shall be liable or responsible for any loss or damage whatsoever arising directly or indirectly in connection with any person relying on this communication. DTTL and each of its member firms, and their related entities, are legally separate and independent entities.

© 2023. For information, contact Deloitte Global.

Did you find this useful?

Thanks for your feedback

If you would like to help improve further, please complete a 3-minute survey