Quantum security has gone from being a theoretical idea filed away for some unknown future date to an urgent requirement driven by quantum computing advances and government and industry guidance. The thought of nation-state adversaries with a quantum computer that can conduct harvest-now-decrypt later attacks and forge digital signatures makes the threat more real than ever to executives, who have started to ask security leaders, “Are we quantum safe?”
With Q-day estimates now within 10 years and moving ever closer — and with NIST deprecating existing asymmetric algorithm support in 2030 (and disallowing it entirely by 2035), as well as the increasing nation-state threat — what should security leaders be doing now?
Sandy Carielli, VP, Principal Analyst at Forrester Research, joins Business Security Weekly to discuss why technology leaders must work together to prepare for Q-Day. Addressing quantum security requirements is not just a job for the security team. Security, infrastructure, development, emerging tech, risk, and procurement have roles to play in executing a holistic quantum security strategy. Sandy will cover their report, which security leaders should use, to gain executive buy-in and build and execute a quantum security migration plan with stakeholders across the organization.
Segment Resources: https://www.forrester.com/report/technology-leaders-must-work-together-to-prepare-for-q-day/RES191420 https://www.forrester.com/blogs/create-a-cross-functional-q-day-team-or-suffer-a-hard-days-night/
In the leadership and communications segment, The Cybersecurity Reckoning: How CISOs Are Preparing for an Era of AI-Driven Threats and Quantum Disruption, Should I stay or should I go?, Are Legacy Metrics Derailing Your Transformation?, and more!
Sandy advises security and risk professionals on application and product security, with a particular emphasis on the collaboration among security and risk, product management, application development, operations, and business teams. Her research covers topics such as proactive security design, protecting modern and emerging application architectures, protection of applications in production environments, and embedding security throughout the product lifecycle.
Security Weekly listeners save $100 on their RSAC 2026 All Access Pass! RSAC 2026 Conference will take place March 23rd to March 26th in San Francisco. To register using our discount code, please visit securityweekly.com/rsac26 and use the code 56U5SECWEEKLY! We hope to see you there!
Most security conferences talk about threats. Zero Trust World lets you attack them. From March 4th to 6th, 2026 in Orlando, Florida, this hands-on cybersecurity event features live hacking labs where you’ll break real environments, think like an adversary, and learn how attacks really work. You’ll also get expert sessions, real-world case studies, CPE credits, and networking with top practitioners. And yes — the Security Weekly team will be there too. Don’t miss it! Register today at securityweekly.com/ZTW.
Matt Alderman
- The Cybersecurity Reckoning: How CISOs Are Preparing for an Era of AI-Driven Threats and Quantum Disruption
Chief Information Security Officers are preparing for an unprecedented convergence of threats in 2026, including AI-powered attacks, quantum computing risks, and systematic targeting of small businesses. These challenges are forcing fundamental changes in how organizations approach cybersecurity.
- Quantum Computing and Cybersecurity: The Way Forward for a Quantum-Safe Future
The quantum computing ecosystem is evolving rapidly from experimental labs to commercial pathways. Recognizing its transformative potential, governments and major organizations are making significant investments in this emerging sector. In fact, investments in quantum technology grew by 50 percent in 2024 to an all-time high of nearly $2 billion. The sector endeavors to evolve beyond the current Noisy Intermediate-Scale Quantum (NISQ) era to an age of fault-tolerant systems, ultimately reaching the Quantum Advantage — when quantum machines easily outperform classical machines.
- Should I stay or should I go?
Regardless of their experience, cybersecurity leaders may at one point realize they tried it all and the organization is not ready to get in line, so how do you know when it is time to quit?
- How to bake cyber resilience into your startup culture
In their new book, “Unlikely Entrepreneurs: Wins, Losses, and Crucial Lessons on Building Great Companies,” Harvard Business School’s Lou Shipley and MIT Sloan’s Patricia Favreau make the case that founders must assume the role of chief security officer for their startups from day 1.
- Cybersecurity Leadership Development: Building Future Leaders
As cybersecurity becomes a strategic priority for organisations, there is an increasing need for professionals who can lead teams, manage risks, and align security with business objectives. Cybersecurity leadership development prepares individuals for managerial, advisory, and board-level roles.
Leadership in cybersecurity is not limited to technical skills — professionals from non-technical backgrounds, including governance, risk, and compliance (GRC), can rise to leadership positions by developing strategic, managerial, and soft skills. This guide explains the path to cybersecurity leadership, essential skills, and how to grow into a successful leader.
- Are Legacy Metrics Derailing Your Transformation?
As organizations strive to measure the progress of their transformation initiatives, many continue to use the legacy metrics that have served them well in the past—operational KPIs such as utilization, throughput, and quarterly margins. This is a mistake; they should instead be measuring what will make them successful in the future. Project-driven organizations are using new metrics designed to better track value creation in fast-moving environments. These metrics can be made visible in a project-driven dashboard, a live operating system that tracks the real-time health, velocity, and strategic alignment of a transformation portfolio. When performance is measured through project-driven KPIs such as value, alignment, velocity, and team health, leaders gain confidence, trust in the transformation grows, and results follow.
