Hybrid Cloud
Cyber Security & NaaS
AI & Data
IoT & Connectivity
Business Applications
Intelligent Workplace
Consulting & Professional Services
Small Medium Enterprise
Health and Social Care
Industry
Retail
Tourism and Leisure
Transport & Logistics
Energy & Utilities
Banking and Finance
Sports
Smart Cities
Quantum-resistant and resilient cryptography: challenges and strategies for the quantum era
How to prepare for quantum threats and adopt Post-Quantum Cryptography (PQC) technologies in line with current standards
Quantum technologies are advancing at an unprecedented pace, bringing with them new and complex challenges for information security and cyber security. Traditional cryptographic algorithms such as Elliptic Curve Cryptography (ECC) and RSA, widely used to protect sensitive data, could become vulnerable to cyberattacks powered by advanced quantum capabilities.
■ The emergence of quantum technologies not only threatens the mathematical foundations of current cryptographic systems, but also exposes the fragility of entire sociotechnical infrastructures whose security relied on the illusion of computational intractability.
In this context, concepts like Quantum Resistant, Quantum Resilient (cryptography that is resistant and resilient to quantum computing), and Post-Quantum Cryptography (PQC) have become strategic pillars for companies, organizations, governments, and critical industries.
Quantum Resistant: proactive defence strategies against quantum computing
Quantum Resistant refers to algorithms, protocols, or systems specifically designed to withstand cyberattacks leveraging quantum computing. This is a purely technical approach aimed at protecting information even when adversaries deploy algorithms such as:
- Shor’s algorithm, which efficiently factors large integers, breaking RSA and ECC.
- Grover’s algorithm, which accelerates brute-force search attacks, reducing the effective strength of symmetric key algorithms like AES.
Post-Quantum Cryptography: the new standard for data protection
The standardisation and transition to Post-Quantum Cryptography (PQC) involves the deployment of quantum-resistant algorithms that are standardised for practical adoption and implementation.
The goal is to ensure that organisations can migrate from classical cryptography to quantum-secure mechanisms without disrupting operational continuity.
- Provides quantum-secure public-key encryption, digital signatures, and hash-based constructions.
- Maintains compatibility with existing infrastructure, enabling a gradual integration process.
- Aligned with NIST PQC standards, which define evaluation criteria, security levels, and interoperability requirements.
■ In a world where the ability to decrypt state secrets, financial transactions, or critical infrastructure commands could collapse in seconds under quantum algorithms, the distinction between resistance, resilience, and strategic transition is no longer semantic — it’s existential.
Quantum Resilient: beyond resistance, the ability to adapt and recover
While Quantum Resistant focuses on protecting technical capabilities, Quantum Resilient takes a more systemic and organisational view. It means ensuring that businesses can adapt, recover, and continue operating in the face of quantum threats or cyberattacks — even in the presence of unexpected vulnerabilities.
- Quantum risk management through asset classification, threat modelling, and vulnerability assessments specific to quantum threats.
- Strategic transition by planning phased PQC implementation while maintaining operational continuity.
- Continuity and recovery by ensuring mission-critical systems or those supporting essential services remain secure and functional throughout the algorithm migration process.
- Governance and capacity building through specialised workforce development, adoption and adjustment of governance practices and guidelines, and responsible implementation of emerging and disruptive innovation technologies.
■ Quantum security is no longer a technical footnote in cryptographic research — it is the defining frontier between companies that will adapt and thrive in the post-quantum era and those that will face systemic failure under the weight of inevitable technological disruption.
Comprehensive preparation is key to survival
The capabilities of quantum-enabled adversaries are not a distant or purely hypothetical threat — they represent a technological disruption that demands immediate and scalable preparation. Relying solely on quantum-resistant algorithms is not enough if organisations overlook the systemic implications of quantum risks.
Ultimately, the convergence and synergy of these pillars are essential to safeguarding critical infrastructure. Organisations that take action now by investing in PQC migration strategies, risk management, and resilience planning will not only mitigate vulnerabilities introduced by quantum technologies — they will also gain a competitive and strategic edge in terms of trust, reliability, and technological leadership in the digital economy.
Quantum security is critical to avoid systemic failures; relying solely on resistant algorithms is insufficient without addressing systemic risks — but doing so also provides competitive and strategic advantages.
At Telefónica Tech, we propose a strategic approach based on crypto-agility, enabling systems to adapt to new threats without compromising current operations.
■ We invite you to download our guide on Strategic Preparation for Post-Quantum Cryptography and begin the transition towards a resilient cryptographic infrastructure ready for the quantum era.
Photo: NASA / Unsplash.
