From Q-Day To AI Risks: The Cybersecurity Wake-Up Call For Leaders

image

Last year, a article claimed that Chinese scientists used a quantum computer to compromise password-based security systems. This claim was but it served as a wake-up call: Cybersecurity threats, including the coming era of quantum computing, can’t be ignored.

—the leap in quantum computing that will severely weaken much of the world’s current cybersecurity systems—will come eventually. No one knows for sure when Q-Day will occur. It could be five to 10 years away (or further). What we do know, however, is that it will have major implications for security and privacy, causing businesses to need a new cybersecurity approach to keep data secure.

Leaders need to not only begin preparing for future quantum threats now but also ensure their current cybersecurity systems provide adequate protection against equally insidious threats looming large in 2025.

What Are The Big Cybersecurity Threats of 2025?

Although Q-Day isn’t here yet, there are several current cybersecurity concerns leaders need to be aware of this year.

For instance, voice and video manipulation advanced rapidly last year. Cyber criminals can use these powerful forms of social engineering to clone someone’s voice and image, enabling them to solicit sensitive information.

If you’re skeptical, check out ElevenLabs, an AI audio research and deployment company, which can clone a voice with only a few minutes of audio. This of course has many legitimate practical applications, and ElevenLabs has in place, but it’s easy to imagine how voice cloning technology in general can lead to nefarious activity.

Think for a minute of all the work conversations occurring over voice and video. Prior to recent times, if a colleague you knew and trusted asked you to do something over the phone or a video call, you wouldn’t think twice about whether the request really came from that person. Those days are over. We’re used to being suspicious about emails and text messages, but soon face-to-face interactions will be the only wholly trustworthy mode of communication. This is an especially interesting problem for a remote organization like the one I founded 25 years ago.

Cybersecurity experts at my company, Centric Consulting, suggest a layer of non-digital identity verification, such as a verbal password, as remediation against social engineering via voice and video manipulation. It will become increasingly important to verify your identity even in video calls where you can “see” the person you’re talking to.

Another big concern for 2025 is controlling data, security and privacy with the use of AI. Even companies that are attempting (key word, “attempting”) to ban AI at work are exposed to this risk. It’s well documented that employees are going rogue and using AI tools not mandated by their organization. When this happens, companies are at increased risk for having sensitive information input into the AI tool and accessible to a larger audience.

Do I Really Need To Worry About Q-Day Now?

Q-Day isn’t an imminent threat, but leaders can begin preparing for the coming sea of changes in cybersecurity. At a minimum, leaders need to begin paying attention to quantum computing news so they can jump into action at the sign of significant developments. Additional proactive steps to protect organizations against future quantum threats include:

Assess current cybersecurity protocols and risks. To plan for future quantum risks, it’s important to first understand the organization’s existing cybersecurity landscape.

What are the current cryptographic infrastructure and encryption protocols? Where does the critical data live? Are there legacy systems in use that need upgrades or need to be retired? Any system that is no longer being patched or supported needs to be replaced as soon as possible.

Establish a Q-Day steering committee. This steering committee can help your organization stay on top of new developments and perform an audit of sensitive data that Q-Day will impact. The committee should also consider how cybersecurity needs to evolve against quantum computing threats, how to train staff on quantum threat awareness and how to evaluate vendors to ensure data remains secure in a post-Q-Day world.

Keep watch for guidelines from cybersecurity experts. Major cybersecurity organizations such as NIST are already working on publishing guidance and . Review these for useful knowledge for how organizations can remain secure in the event of Q-Day.

Put bluntly, organizations need to take care of security basics and foundations first before worrying about Q-Day. If a company is running outdated, unpatched systems, has failed to keep up with regular penetration testing or doesn’t have a handle on , network assets and data, not only is the organization incredibly vulnerable to current threats, but there’s also no hope for protecting against future quantum threats.

You Need To Strengthen Cybersecurity in 2025

Regardless of when Q-Day occurs, it’s clear that leaders need to prioritize cybersecurity now and into the future. While cybersecurity has always been critical, the stakes are higher than ever. Patching, identity and access management and defenses against social engineering are critical protections against modern and evolving cybersecurity threats.

With AI, organizations have a to protect. AI is also giving cyber criminals more tools to gain trust and access that data. And when Q-Day does arrive, leaders don’t want to discover their organizations have failed to prepare for the next generation of threats.

The best defense against cybersecurity threats is taking action to ensure your organization has strong cybersecurity protocols that follow industry best practices. If cybersecurity protocols are outdated now, they’re only going to get more behind in coming years, and organizations that fail to prioritize cybersecurity in the present will be the most vulnerable once Q-Day occurs.

By shoring up defenses against current threats and planning for Q-Day and beyond, leaders can protect their organizations and stay ahead of emerging issues.

Leave a Comment