up:: The Threat MOC

Quantum Risk Beyond Cryptography

Quantum risk beyond cryptography is the collection of non-cryptographic risks that quantum technology creates, mainly quantum sensing, quantum communications and networking, quantum-enabled analytics, and the strategic race between nations for quantum capability. These matter for national security, defense planning, and long-run economic competition, and for almost every enterprise security team they sit on a much longer horizon than the one concrete quantum risk that’s already live: a future quantum computer running Shor’s algorithm that breaks the public-key cryptography holding the internet together. This note widens the lens to the rest of the picture, honestly, while keeping first things first.

The short version:

  • The urgent, concrete, actionable quantum risk for a security team is the cryptographic one. A capable quantum computer breaks RSA and elliptic-curve public-key cryptography, and the fix is a real migration to post-quantum cryptography with deadlines already on the calendar.
  • The other quantum risks are genuine, but they’re longer-horizon, mostly military or strategic, and in the case of analytics still largely speculative. None of them is a reason to widen a cryptographic migration program.
  • Quantum sensing is the most tangible of the non-crypto categories. It improves detection, navigation, and timing, and its real weight lands on militaries and national security, through submarine detection and GPS-denied navigation, rather than on enterprise networks.
  • Quantum communications and networking is a capability race and a research frontier. The defensive tool it’s best known for, QKD, is one the major Western agencies steer buyers away from in favor of PQC.
  • Quantum-enabled analytics, meaning a quantum computer giving an adversary a decisive advantage in optimization or machine learning, remains unproven and is not a near-term security threat.

Picture the quantum transition as a coastline. The cryptographic risk is the tide already coming in on your own beach, with a posted schedule and a seawall you have to build in time. The other risks are weather systems far out over the ocean: real, worth tracking, some of them powerful, and none of them a reason to stop building the seawall in front of you. Confusing the far-off weather with the incoming tide is how a program loses focus.

What is quantum risk beyond cryptography?

Quantum risk beyond cryptography is every way quantum technology creates risk that isn’t the breaking of today’s encryption. Quantum information science splits into three technology families, and the U.S. national strategy names them directly: quantum computing, quantum sensing, and quantum networking.

Source: National Quantum Initiative, “National Quantum Strategy” and the strategic documents “Bringing Quantum Sensors to Fruition” (2022) and “A Coordinated Approach to Quantum Networking” (2021), quantum.gov.

The cryptographic threat lives inside the computing family: it’s the one specific consequence of a large quantum computer running Shor’s algorithm. The rest of what quantum technology can do sorts into four categories that this note treats one by one:

  1. Quantum sensing uses quantum states to measure physical quantities like magnetic fields, gravity, acceleration, and time far more precisely than classical instruments. Its risk is a defense and intelligence risk.
  2. Quantum communications and networking covers quantum-native key exchange and the longer-term idea of a quantum internet that links quantum processors. Its risk is a strategic-capability risk, and its most-hyped defensive product carries real limits.
  3. Quantum-enabled analytics is the idea that a quantum computer could give an adversary a decisive edge in optimization, simulation, or machine learning. Its risk is, for now, speculative.
  4. The systemic and strategic dimension is the geopolitical race for quantum capability, treated by governments as a national-security priority in its own right.

The honest framing that holds this whole note together is one of proportion. The cryptographic risk is a scheduled, board-level problem with a defined fix. Everything in this note is a wider-context risk that a well-run security team should understand and keep in perspective, and it changes nothing about the urgency or the shape of a PQC migration.

Why is the cryptographic risk still the one your security team acts on?

The cryptographic risk is the one to act on because it’s the only quantum risk that’s concrete, dated, and already exposing data today. Three things make it different in kind from the rest of the list.

  1. The mechanism is proven. Shor’s algorithm has been published and understood since 1994, and it provably breaks the factoring and discrete-log problems behind RSA, ECC, and Diffie-Hellman. The only missing piece is hardware. Nothing in quantum sensing or quantum analytics has a comparable proven, decisive result against a security control.
  2. The exposure is live now. Through harvest-now-decrypt-later, an adversary can record encrypted traffic today and decrypt it once a machine exists. That makes the cryptographic clock start before the computer is built, which is the logic of Mosca’s theorem.
  3. It has deadlines and a defined fix. NIST IR 8547 deprecates RSA and elliptic-curve cryptography by 2030 and disallows them by 2035, CNSA 2.0 sets a parallel timeline for national-security systems, and the replacement algorithms are already standardized as ML-KEM, ML-DSA, and SLH-DSA.

Source: NIST, “Transition to Post-Quantum Cryptography Standards,” NIST IR 8547 (initial public draft), 2024, nvlpubs.nist.gov.

The rest of this note is context around that center. A security leader reads it to answer the quantum questions a board or a vendor will raise, and to keep the far-horizon items from pulling budget or attention away from the migration that has an actual due date.

What is quantum sensing, and who does it actually threaten?

Quantum sensing is the use of quantum states, such as cold atoms, trapped ions, photons, or nitrogen-vacancy centers in diamond, to measure physical quantities with precision beyond the best classical instruments. It’s the most mature of the non-cryptographic categories, and its consequences are concentrated in the military and intelligence world rather than in enterprise security.

The reason it matters strategically is that better measurement changes what can be hidden and what can navigate. A comprehensive review of quantum technology for military use groups the concrete applications into a few families.

Source: Michal Krelina, “Quantum technology for military applications,” EPJ Quantum Technology 8, 24, 2021, arXiv:2103.12548.

  1. Magnetometry for detection. Extremely sensitive quantum magnetometers can pick up the tiny magnetic disturbances of ferrous objects, which makes them relevant to detecting submarines and sea mines. Superconducting SQUID sensors already do this, and room-temperature atomic-vapor magnetometers are advancing toward field use.
  2. Gravimetry for subsurface imaging. Quantum gravimeters and gravity gradiometers measure tiny variations in gravity, which enables detecting tunnels, bunkers, and other underground structures that classical survey can miss.
  3. Inertial navigation and timing for GPS-denied operations. Cold-atom accelerometers, gyroscopes, and atomic clocks can hold an accurate position and time with very little drift and without any external reference, which matters for submarines, drones, and munitions operating where satellite navigation is jammed or unavailable.

A May 2025 assessment of quantum positioning, navigation, and timing concluded that quantum PNT for submarines, drones, and munitions is reachable within a small number of years rather than decades, which is why defense agencies fund it heavily.

Source: Center for a New American Security, “Atomic Advantage, Accelerating U.S. Quantum Sensing for Next-Generation PNT,” May 2025, cnas.org.

Sobriety cuts the other way on the most cinematic application. Quantum radar, often described in the press as a way to see stealth aircraft, is far weaker in reality than the coverage suggests. The same military review states plainly that long-range surveillance quantum radar is unlikely with existing quantum microwave technology, and that a long-range quantum surveillance radar would cost many orders of magnitude more than a classical one while still falling short.

Source: Michal Krelina, “Military and Security Dimensions of Quantum Technologies, A Primer,” SIPRI, July 2025, sipri.org; Krelina, EPJ Quantum Technology 8, 24, 2021, arXiv:2103.12548.

For a corporate security team, quantum sensing changes almost nothing about the near-term job. It’s a national-security and defense-planning concern, and it belongs in this note as context, not as a control to implement.

What is the quantum communications and networking risk?

Quantum communications and networking is the use of quantum states to move information between locations, and it splits into a defensive tool that exists today and a research frontier that mostly doesn’t. Neither is an attack surface bearing down on enterprises.

The tool that exists is quantum key distribution, which shares an encryption key over a dedicated optical link so that any eavesdropper disturbs the quantum states and gets noticed. It’s often marketed as the answer to the quantum threat, and the major Western security agencies disagree with that marketing in unusually direct language. The U.S. National Security Agency states that it does not recommend QKD for securing national-security systems and lists concrete limitations, including that QKD provides no authentication and requires special-purpose hardware.

Source: NSA, “Quantum Key Distribution (QKD) and Quantum Cryptography (QC),” Cybersecurity guidance, nsa.gov.

The UK’s National Cyber Security Centre reaches the same conclusion and puts it in one sentence.

Source: NCSC, “Quantum security technologies,” 5 August 2025, ncsc.gov.uk.

The NCSC will not support the use of QKD for government or military applications. PQC is the best mitigation to the threat to cryptography from quantum computers.

The reasons are physical and hard to engineer away. QKD does no authentication, so it always needs a classical or PQC layer alongside it to prove who’s on the other end. It runs over dedicated fiber or line-of-sight optics, it caps out around 100 to a few hundred kilometers per link, and spanning longer distances today means chaining trusted relay nodes that hold the key in the clear at each junction. The Field Guide covers this defensive category in depth under quantum-native security.

The research frontier is the longer-term quantum internet, meaning networks that distribute entanglement to link quantum processors for distributed computation, blind computing, and networked sensing. U.S. strategy treats this as a coordinated national effort, which tells you it’s a capability race between nations rather than a product a security team buys.

Source: National Quantum Coordination Office, “A Coordinated Approach to Quantum Networking Research,” 2021, quantum.gov.

The honest read on this whole category is that quantum networking is a strategic and scientific frontier. For the quantum threat to your own cryptography, the consensus answer from NSA, NCSC, and their peers points back to standardized PQC.

Can quantum computers give an adversary an analytics advantage today?

No. The idea that a quantum computer could hand an adversary a decisive edge in optimization, simulation, or machine learning is real as a research direction and unproven as a near-term risk. This is the most speculative category in this note, and it deserves the plainest sobriety.

Start with the machine. The U.S. National Academies, in its 2019 technical assessment, put a hard finding on the record about the timeline for the one application that’s actually proven.

Source: National Academies of Sciences, Engineering, and Medicine, “Quantum Computing, Progress and Prospects,” 2019, nap.nationalacademies.org.

Given the current state of quantum computing and recent rates of progress, it is highly unexpected that a quantum computer that can compromise RSA 2048 or comparable discrete logarithm-based public key cryptosystems will be built within the next decade.

The same report found that for today’s noisy intermediate-scale machines, no known algorithm yet delivers a practical commercial advantage, which is why usable near-term applications remain an open research question rather than a fielded capability.

Machine learning is where the hype runs furthest ahead of the evidence. A quantum advantage for the machine-learning problems people actually care about has not been demonstrated. For classical data of the kind found in real business or intelligence settings there’s no known provable quantum speedup, and in several cases a claimed quantum advantage has been erased when researchers found an equally fast classical method, a result called dequantization.

Source: Maria Schuld and Nathan Killoran, “Is quantum advantage the right goal for quantum machine learning?” PRX Quantum 3, 030101, 2022, arXiv:2203.01340.

The likeliest first genuine payoff from quantum computing is in simulating quantum systems themselves, meaning chemistry and materials science, which is a scientific and economic upside rather than a threat to enterprise security. Treating quantum analytics as a live risk to defensive controls gets the maturity badly wrong. The proven, decisive quantum result against security is Shor’s against public-key cryptography, and that keeps the focus where it belongs.

What is the systemic and strategic dimension of quantum risk?

The systemic and strategic dimension is the geopolitical and economic race for quantum capability, and governments treat it as a national-security priority on its own terms. The risk here is a competitiveness and concentration risk rather than a security-control failure. Whoever reaches key quantum milestones first gains advantages in intelligence, defense, and industry, and that dynamic drives national strategy.

The United States codified this in the National Quantum Initiative Act of 2018, which calls for a coordinated federal program to accelerate quantum research for economic and national security, and it has repeatedly reaffirmed the priority since.

Source: National Quantum Initiative Act, Public Law 115-368 (2018), and the National Quantum Initiative program, quantum.gov.

In June 2026 the White House issued executive orders on quantum, one aimed at accelerating quantum innovation and one aimed at securing the nation against advanced cryptographic attacks, and directed an update to the National Quantum Strategy. The two orders together capture the shape of the whole field: an offensive-capability race running in parallel with the defensive cryptographic migration.

Source: The White House, “Ushering in the Next Frontier of Quantum Innovation,” presidential actions, June 2026, whitehouse.gov.

For a security leader, the strategic dimension shows up indirectly. It shapes export controls, supply-chain policy, research funding, and the threat environment that HNDL harvesting sits inside, because a well-resourced state adversary is exactly the actor with the patience to record traffic now and decrypt it later. It’s context for why the cryptographic deadlines exist, and it isn’t a separate control to implement.

A sober map of the four categories

Here’s the whole picture in one view, with each category placed against the only question a security team really needs answered about it.

CategoryThe quantum capabilityWho it primarily affectsMaturity and horizonDoes it change enterprise security posture today?
Cryptanalysis (the core threat, for contrast)Shor’s breaks RSA and ECC public-key cryptographyEvery organization using public-key cryptoMachine years away, but HNDL exposure is live nowYes, this is the scheduled, board-level migration
Quantum sensingUltra-precise measurement of magnetic fields, gravity, acceleration, and timeMilitaries and intelligence servicesSome applications reachable in a few years; PNT advancing fastestNo, it’s a defense and national-security matter
Quantum communications and networkingQuantum-native key exchange (QKD) and the longer-term quantum internetNation-states and specialized high-assurance linksQKD fielded but niche; quantum internet is early researchNo, agencies point buyers to PQC instead
Quantum-enabled analyticsClaimed advantage in optimization, simulation, and machine learningUncertain; science and economics firstSpeculative; no proven real-world advantage yetNo, it’s unproven and not a near-term risk
Systemic and strategicThe national race for quantum capabilityGovernments, industry, the broader economyOngoing, decade-scaleIndirectly, through policy and the threat environment

Sources: NIST IR 8547 (initial public draft), 2024, nvlpubs.nist.gov. Krelina, EPJ Quantum Technology 8, 24, 2021, arXiv:2103.12548; CNAS, “Atomic Advantage,” May 2025, cnas.org. NSA QKD guidance, nsa.gov; NCSC, “Quantum security technologies,” 2025, ncsc.gov.uk. National Academies, “Quantum Computing, Progress and Prospects,” 2019, nap.nationalacademies.org.

How should you weigh these against the cryptographic risk?

You weigh them by maturity and by whether the risk touches a control you actually operate. Run each category through two questions: is the capability proven and dated, and does it threaten something my organization defends? Only cryptanalysis answers yes to both.

That sorting keeps a program honest in two directions at once. It stops a security team from ignoring quantum entirely because “the computer isn’t here,” since the cryptographic exposure is already live through harvesting. And it stops the opposite error, where a vendor or a headline about quantum radar or a quantum internet gets used to inflate a migration’s scope or urgency past what the evidence supports. The categories in this note are worth understanding precisely so they can be held in proportion, which is the whole point of widening the lens without losing the center.

Has a capability scare outrun the evidence before?

Yes, and the clearest example sits in the intelligence history this field grew out of. In the late 1950s U.S. intelligence estimates warned of a “missile gap,” projecting that the Soviet Union would field on the order of 100 or more intercontinental ballistic missiles by the early 1960s and open a decisive lead. The estimate drove real budget and real strategy.

The evidence told a quieter story. U-2 reconnaissance flights from 1956 onward, and then CORONA satellite imagery, gave the Eisenhower administration increasingly hard proof that the Soviet force was tiny, and later declassified material showed the USSR had only a handful of operational ICBMs at the moment the gap was most loudly feared. The gap was largely illusory.

Source: U.S. National Intelligence Estimate 11-10-57 (December 1957) and subsequent estimates, declassified and released by the CIA (2011), CIA FOIA reading room, cia.gov.

The lesson carries straight over. A capability can be strategically important, worth tracking, and still be years less advanced than the coverage claims. Quantum sensing, quantum networking, and quantum analytics each deserve attention on their merits, measured against the evidence rather than the hype, while the one quantum development with a proven mechanism and a posted deadline gets acted on first.

Common misconceptions

  • “Quantum threatens every layer of my security stack equally.” The proven, decisive quantum result against a security control is Shor’s algorithm against public-key cryptography. Quantum sensing, networking, and analytics are real technologies with real consequences, and none of them breaks an enterprise control the way Shor’s breaks RSA.
  • “Quantum sensing means adversaries can already see through everything.” Magnetometry and gravimetry are genuinely powerful for submarine and subsurface detection, yet the most cinematic claim, seeing stealth aircraft with quantum radar at long range, is judged unlikely with today’s technology and would be extraordinarily expensive.
  • “Quantum computers will soon out-think classical ones on ordinary data problems.” For the machine-learning and optimization problems businesses care about there’s no demonstrated quantum advantage, and several early claims collapsed under dequantization when a classical method matched them.
  • “QKD is the real answer to the quantum threat.” NSA and NCSC steer buyers away from QKD toward PQC for general use, because QKD provides no authentication, needs dedicated hardware, and doesn’t scale like software.
  • “The strategic quantum race is a government problem with no bearing on me.” It shapes export controls, funding, and the threat environment, and a patient state adversary is precisely the actor running harvest-now-decrypt-later collection against long-lived secrets.
  • “Because these other risks exist, my PQC migration should get bigger.” The non-cryptographic categories change nothing about migration scope. The migration is defined by where quantum-vulnerable algorithms live in your estate, and widening it on the strength of quantum sensing or a future quantum internet misreads the risk.

Questions people ask

Is quantum sensing a threat to my company’s data? Not in any direct way. Quantum sensing improves physical measurement for detection, navigation, and timing, and its weight lands on military and intelligence capability. It doesn’t attack encryption, networks, or data at rest, so it belongs in a security leader’s general awareness rather than in a control plan.

Should I deploy QKD to protect against quantum computers? For general enterprise use the guidance from NSA and the UK’s NCSC points the other way, toward standardized PQC. QKD provides no authentication on its own, needs dedicated optical hardware, is distance-limited, and relies on trusted relay nodes over longer spans, which is why the agencies reserve it for a few extreme-assurance settings.

Could a quantum computer break my security through machine learning instead of Shor’s algorithm? There’s no evidence for that today. Quantum machine learning has shown no proven real-world advantage on the data problems that matter, and the one proven, decisive quantum attack on a security control is Shor’s against public-key cryptography. Planning should track the proven mechanism.

How far off is quantum sensing compared to a code-breaking quantum computer? Some quantum sensing is closer to fielding than a cryptographically relevant quantum computer, with positioning and navigation assessed as reachable within a few years. That nearness is a defense matter, and it doesn’t move the cryptographic timeline, which runs on NIST IR 8547’s 2030 and 2035 dates.

Does the quantum internet change how I should secure my network? Not today. The quantum internet is early-stage research into linking quantum processors by distributing entanglement, and it isn’t a product or an attack surface for ordinary networks. The relevant guidance for securing your traffic against the quantum threat remains the PQC migration.

If these risks are longer-horizon, why learn about them at all? Because boards, vendors, and reporters raise them, and a security leader has to place them accurately. Understanding quantum sensing, networking, and analytics lets you keep them in proportion, which protects the credibility and the focus of the cryptographic migration that does have a deadline.

What’s the single most important quantum risk to act on? The cryptographic one. A future quantum computer breaks the public-key cryptography behind TLS, certificates, and secure key exchange, harvested data is exposed retroactively, and the migration to PQC takes years, so Mosca’s arithmetic can already be true for your most sensitive data.


Everything here is the map, given freely. When your team needs the quantum threat turned into a risk picture built for your own systems, data lifetimes, and deadline, that’s the work I do, and there’s an alignment briefing for it.

Last verified 2026-07-09 · Maintained by Addie LaMarr, LaMarr Labs.