筑牢后量子时代未来：量子安全如何增强当下与未来网络韧性

How quantum safety strengthenscyber resilience for today and tomorrow How IBM can help IBM Quantum Safe™ delivers the technology, strategicguidance, and services required to enable end-to-endquantum-safe transformation. By combining advisory,system integration, and operational services, we helporganizations build lasting cryptographic agility andresilience. For more information visithttps://www.ibm.com/services/quantum-safe Contents Foreword. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3 Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4 Section 1The awareness-action disconnect. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10 Section 2Leading together: Governance, collaboration, and skills. . . . . . . . . . . . . .20 Section 3From risk to reward. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28 Action guide. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34 Keytakeaways 73% of organizations report thatbusiness and technology leadersare working closely on theirquantum-safe strategy. Quantum computing willfundamentally transform datasecurity, forcing businessesto reimagine their entireapproach to protecting systemsand information. But only 19% of organizations have near-termmaturity goals for their quantum-safe initiatives. The gap between awareness andaction is hampering quantum-safetransformation efforts—as is ascarcity of required skills. Still, readiness scores are higher overall than in 2023. The perspective that quantum safetyis a technology challenge and onethat can be outsourced can lead toa dangerous oversight in terms oforganizational preparedness. 62% of respondents believe vendors will handlequantum-safe transition requirements, while56% continue to view quantum safety as purelya technical issue. The quantum-safe landscape showsa paradox: organizations facingsimilar risks vary in preparedness,while equally responsive organizationsface different challenges. This highlights the need for tailored strategies thatalign organizational risk with response capacity. Foreword Quantum computing is moving from the realm of research into practical capability,with profound implications for the security of our digital world. The potential for thesesystems to break today’s widely used encryption methods is no longer hypothetical.Data of long-term value—secured today with traditional encryption—can alreadybe stolen and stored for future decryption once quantum capabilities mature. In time,virtually all sensitive data will face this risk. The Cloud Security Alliance (CSA) has long raised awareness about this risk,helping the cloud and cybersecurity communities recognize that quantum riskis both a present and future challenge. This is not merely a technical issue; it isa strategic concern for every organization that relies on digital trust to servecustomers, protect intellectual property, and meet regulatory obligations. Meeting this challenge demands more than new algorithms—it requires governance,clear ownership, and coordinated leadership to drive enterprise-wide action.Quantum-safe preparation should be viewed not just as insurance against a distantrisk, but as a capability that delivers business value and transformation—regardlessof when quantum computing matures. Done right, it strengthens data security,improves understanding of cryptographic risks, and builds the organizational muscleto manage complex technology transitions through rigorous governance programs.These benefits are immediate and measurable. This joint report from IBM and CSA examines global quantum-safe readiness andthe gap between awareness and execution. The time to act is now—organizationsembedding governance-driven, quantum-safe principles into their security,transformation, and innovation agendas will be best positioned to safeguard theirdigital foundations in the quantum era. Jim Reavis CEO, Cloud Security Alliance Mark Hughes Global Managing Partner, Cybersecurity Services, IBM Introduction Quantum computing will fundamentally transform data security,forcing businesses to reimagine their entire approach to protectingsystems and information. At the heart of this challenge is cryptography—the science of protecting informationthrough encryption, which ensures that sensitive data remains confidential andunaltered during storage or transmission. Current encryption methods, while robustagainst today’s risks, could be broken by sufficiently powerful quantum computers. Governments are already acting. In 2024, the US National Institute of Standards andTechnology (NIST) published three post-quantum cryptography (PQC) standardsdesigned to withstand quantum-enabled attacks.1These serve as globalbench