The rate of progress marks a steep acceleration. Since Peter Shor’s 1994 revelation that quantum computers could theoretically break RSA, resource estimates have plummeted—from one billion qubits in 2012 to just one million today.
Gartner VP Analyst Bart Willemsen warned that “quantum computing will weaken asymmetric cryptography by 2029.” Given that cryptographic upgrades often span multiple years, he urged organizations to begin strategic planning now, especially for infrastructure with hard-coded crypto dependencies. Many developers, he noted, lack deep familiarity with cryptographic libraries and hash functions, making early inventory, performance testing, and system mapping essential to any realistic PQC roadmap.
Enterprise security implications
For security leaders, the research highlights two immediate priorities. First, encrypted communications using RSA or similar algorithms face acute “store now, decrypt later” risks, where intercepted data could be decrypted once quantum computers achieve sufficient scale. Google has implemented NIST-approved ML-KEM across Chrome and internal systems, establishing a benchmark for securing web traffic, VPNs, and messaging platforms.