Quantum computing threat demands urgent action in Asia Pacific

The advent of quantum computing is poised to upend cybersecurity practices across ANZ & the wider Asia Pacific. This Thursday is World Quantum Readiness Day bringing the issues into centre stage.

Industry experts this warn that current encryption methods, which form the bedrock of data security, are set to become obsolete as quantum computers gain the capability to rapidly decrypt information that modern cybersystems have long relied upon to remain secure. This looming threat combines with the growing complexity of digital supply chains in Asian economies, creating a perfect storm for cyber risk.

Sunny Rao, Senior Vice President of APAC at JFrog, highlights the pace at which Asia’s digital economies are advancing. He points to the proliferation of super apps, fintech solutions, and intelligent manufacturing, all of which rest on increasingly intricate software supply chains.

“Broader attack surfaces and dependency sprawl amplify exposure to package-ecosystem threats, such as the recent worm-style ‘Shai Hulud’ campaign, where we identified an additional 63 malicious packages with our scanners, and the ‘GhostAction’ incident that stole thousands of tokens across GitHub, including PyPI and npm credentials,” Rao explained. These examples underscore how quickly vulnerabilities can propagate through interconnected systems.

In this context, Rao stresses that “artifact integrity is everything.” Organisations need reliable, verifiable assurance that software components remain authentic and unaltered throughout the development and deployment process. “Teams need verifiable proof that what they build and ship is authentic and untampered, policy-driven gates that safely manage progression from build to test to release, and end-to-end visibility across the software supply chain,” he said. Building a unified and trusted certifying infrastructure is seen as essential for scaling digital initiatives securely and remaining prepared for the transformative impact of quantum computing.

The sense of urgency is echoed by Chris Arrasmith, Chief Operating Officer at Unisys, who points to research showing that only 15% of businesses in Australia and New Zealand feel confident in their ability to support the demands of post-quantum cryptography. “The quantum era is rapidly approaching, creating new security threats for Australian businesses. Current cyber encryption relies on mathematical problems that classical computers cannot solve – but quantum computers can crack them in seconds… Cybercriminals are already laying the groundwork to take advantage of this, stealing and storing sensitive data now to decrypt later,” Arrasmith said.

This “store now, decrypt later” strategy by cybercriminals poses a threat to critical institutions, with the risk escalating as quantum computing advances. The research further found that 90% of organisations in Australia and New Zealand take a reactive approach to security rather than proactively adapting to emerging threats. Arrasmith believes that “the convergence of quantum computing, AI and inadequate post-quantum cryptography solutions creates a serious problem for organizations worldwide.” However, he also sees an opportunity for businesses that invest in readiness, pilot new projects, and build strategic capabilities, stressing that time is of the essence.

The effort to address quantum-related cyber threats is as much about organisational strategy as it is about technology. Kevin Bocek, Senior Vice President of Innovation at CyberArk, said, “World Quantum Readiness Day serves as a stark reminder that the future isn’t as far off as we think. We’re in the midst of a once-in-a-generation change that no one can escape: the move to post-quantum cryptography.” Bocek highlights that the transition will particularly impact “machine identities” – the digital certificates and keys underpinning the digital economy. “Machine identities… will inevitably need to be replaced when quantum arrives, and securing these identities will be the linchpin for navigating this transition successfully,” he added.

This transition, Bocek continued, will require organisations to gain visibility into their digital certificate landscape and implement governance and automated lifecycle management. “These investments won’t just prepare organisations for the quantum future; they’ll also strengthen resilience against immediate threats, such as outages and breaches,” he noted.

The consensus among industry experts is clear: the era of quantum computing is set to reshape the cybersecurity landscape. For economies and organisations across Asia Pacific, the challenge is not just technological but strategic – demanding immediate action to secure digital infrastructure and build resilience for an uncertain future.