Remember Y2K? The widespread panic and people asking, “How do I prepare for it?” From a cybersecurity perspective it was messy, but at least businesses had a defined deadline – midnight, January 1, 2000.
Today, organisations face another potential (and not entirely well-understood) threat: Q-Day. This is the day quantum computers will theoretically become powerful enough to break today’s cryptographic methods, rendering many existing encryption methods obsolete. Or at least, that’s the idea.
Unlike Y2K, Q-Day, whenever it arrives and should it ever arrive, has no clear timeline (save some recent predictions made by the UK NCSC), making preparation significantly trickier.
Getting Q-Day ‘just right’
In the famous children’s tale, Goldilocks only achieved her goals when conditions were ‘just right’. The same applies to Q-Day. Preparing too early means adopting immature technologies and standards, potentially increasing vulnerabilities. And waiting too long may leave critical systems exposed to catastrophic breaches.
The key is finding the timing that’s just right. According to the National Cyber Security Centre (NCSC), the timeline for migrating to post-quantum cryptography (PQC) to protect against future threats from quantum computers has three phases: discovery and planning by 2028, early migration by 2031, and full migration by 2035.
That gives businesses a maximum of six years to plan and prepare to migrate their critical assets, but even with this estimated timeline, the reality is that most businesses are not ready.
So, how do they get there?
PQC or QKD: choosing the practical path to ‘just right’ preparation
A crucial element in planning for organisations is choosing the right cryptographic approach.
Today’s encryption algorithms like RSA and elliptic curve cryptography are not resistant to attacks from quantum computers. They provide security against classical computers but remain vulnerable to quantum algorithms like Shor’s Algorithm, which can be used to quickly break public-key encryption, and Grover’s Algorithm, which accelerates brute-force key searches, effectively halving the security of symmetric encryption methods (though in practice, this is still lots of security).
When it comes to quantum readiness, businesses currently have two options: quantum key distribution (QKD) and post-quantum cryptography (PQC). Of these, PQC reigns supreme. Here’s why.
On the one hand, you have QKD, which leverages principles of quantum physics, such as superposition, to securely distribute encryption keys. Although great in theory, it needs extensive new infrastructure, including bespoke networks and highly specialised hardware. More importantly, it also lacks authentication capabilities, severely limiting its practical utility.
PQC, on the other hand, comprises classical cryptographic algorithms specifically designed to withstand quantum attacks. It can be integrated into existing digital infrastructures with minimal disruption.
Think of it as changing the tyres on your car instead of building a whole new motorway: it’s practical, scalable, and cost-effective.
Selecting the right cryptographic method is only one step though. The timing of its deployment is equally crucial.
The Goldilocks Theory: timing is key
Despite the urgency, prematurely deploying quantum-safe algorithms can create significant risk. The National Institute of Standards and Technology (NIST) has published four standards – one for key encapsulation and three for signatures – but these are just for algorithms and primitives. How they should be implemented is also still being defined by bodies like the IETF.
Imagine installing new quantum-safe algorithms prematurely, only to discover later they’re vulnerable, incompatible with emerging standards, or impractical at scale. This could have the opposite effect: inadvertently increasing the attack surface and bringing severe operational headaches, ironically leaving the organisation less secure.
But delaying migration for too long also poses serious risks. Malicious actors could already be harvesting encrypted data, planning to decrypt it when quantum technology matures – so businesses protecting sensitive data such as financial records, personal details and intellectual property cannot afford indefinite delays.
Finding this careful balance – neither too early nor too late – is the essence of the Goldilocks Theory. A calm and measured approach is key to avoiding both panic-driven and complacent reactions.
Why calm matters
In cybersecurity circles, the best ways to prep for Q-Day can seem confusing and can prompt anxiety. Part of making the Goldilocks Theory work is cutting through any hype, confusion or fearmongering.
Much of what is discussed around quantum computing and cryptography can be alarmist, driving premature or misinformed decisions. The truth is that organisations can’t afford to act rashly based on exaggerated threats. Instead, they should separate genuine threats from speculative ones and prioritise actions accordingly.
Quantum threats can sometimes be presented as almost mythical, conjuring images of shadowy supercomputers cracking codes overnight. While dramatic, such portrayals obscure the more measured and practical approach businesses should take.
Understanding the real and practical implications of quantum technology helps organisations maintain a clear, rational perspective and avoid costly knee-jerk reactions. Of course, the threat is there. But it is not imminent. Rationality and informed decision-making should drive preparations.
Preparing today for quantum tomorrow
So how exactly can businesses approach quantum readiness practically?
First, thoroughly audit your IT estate. Identify data and assets vulnerable to quantum threats, especially those reliant on public-key cryptography. Data that needs long-term confidentiality (over decades, for example) and critical cryptographic signatures that require long-term validation must be prioritised.
Second, proactively track emerging PQC standards from authoritative bodies like NIST, which has standardised algorithms such as CRYSTALS-Kyber and CRYSTALS-Dilithium, and ETSI’s Quantum Safe Cryptography Working Group, which focuses on the practical implementation of quantum safe primitives.
Staying up to date ensures readiness at the right moment. Organisations should also watch closely for updates on algorithms that NIST has classified for further research, such as BIKE and Classic McEliece, to stay informed on potential future standards.
And finally, adopt robust cryptographic hygiene today: consider ephemeral per-connection keys, which will limit exposure to the post-quantum threat.
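An added example, not part of the original article, that goes beyond the text by applying the audit and ephemeral-key steps to TLS 1.2 cipher suite names: it flags key exchange that Shor's algorithm breaks, static (non-ephemeral) keys, and AES strength after Grover's halving, then ranks assets by how long their data must stay secret. The asset names, secrecy dates and the use of the NCSC's 2035 date as a cut-off are assumptions.

```python
import re

# Key exchanges that Shor's algorithm breaks; the DHE/ECDHE variants are ephemeral.
SHOR_BROKEN = {"RSA", "DH", "ECDH", "DHE", "ECDHE"}
EPHEMERAL = {"DHE", "ECDHE"}
PLANNING_HORIZON = 2035  # NCSC full-migration date, used here as an assumed cut-off
SUITE_RE = re.compile(r"^TLS_([A-Z]+)(?:_[A-Z]+)?_WITH_AES_(\d+)_")

def parse_suite(suite):
    """Return (key_exchange, aes_key_bits) for a TLS 1.2 AES cipher suite name."""
    m = SUITE_RE.match(suite)
    if not m:
        raise ValueError(f"unsupported suite name: {suite}")
    return m.group(1), int(m.group(2))

def assess(asset):
    """Classify one inventory record (dict with name, suite, secret_until)."""
    kex, bits = parse_suite(asset["suite"])
    exposed = kex in SHOR_BROKEN
    return {
        "name": asset["name"],
        "kex": kex,
        "shor_exposed": exposed,
        # Static keys: one recovered private key decrypts every recorded session.
        "static_key": exposed and kex not in EPHEMERAL,
        # Grover's algorithm halves the effective symmetric key strength.
        "grover_bits": bits // 2,
        # Traffic harvested today still matters if it must stay secret past the horizon.
        "harvest_risk": exposed and asset["secret_until"] > PLANNING_HORIZON,
        "secret_until": asset["secret_until"],
    }

def prioritise(inventory):
    """Order assets: harvest risk first, then longest secrecy need, then static keys."""
    findings = [assess(a) for a in inventory]
    return sorted(findings, key=lambda f: (f["harvest_risk"], f["secret_until"],
                                           f["static_key"]), reverse=True)

# Constructed sample inventory (hypothetical asset names and dates).
INVENTORY = [
    {"name": "public-website", "suite": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "secret_until": 2027},
    {"name": "records-archive", "suite": "TLS_RSA_WITH_AES_256_CBC_SHA", "secret_until": 2055},
    {"name": "payments-api", "suite": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "secret_until": 2040},
    {"name": "legacy-vpn-portal", "suite": "TLS_RSA_WITH_AES_128_CBC_SHA", "secret_until": 2027},
]

if __name__ == "__main__":
    for f in prioritise(INVENTORY):
        print(f["name"], f["kex"], f["static_key"], f["harvest_risk"], f["grover_bits"])
```

TLS 1.3 suite names do not encode the key exchange, so the parser rejects them rather than guessing; those connections need the negotiated group recorded separately.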
Calm, clear, and quantum-ready
Ultimately, tackling the quantum threat requires neither fear nor complacency, but proactive calm and clarity.
Like with Y2K, panic doesn’t solve complex challenges – preparation does. Methodically identifying vulnerabilities, tracking standards, and planning strategically ensures businesses aren’t caught unaware or tangled by premature decisions.
Getting the timing right to achieve the perfect balance between action and patience is essential.
Embrace the Goldilocks Theory. It will guide your organisation toward quantum resilience, ensuring you’re ready to face Q-Day calmly, clearly, and confidently.
Kirsty Paine is field CTO and strategic advisor at Splunk.