Insider Brief
- The 2025 Thales Data Threat Report warns that quantum and AI technologies are reshaping enterprise security risks, with quantum decryption and AI-driven data integrity threats emerging as top concerns.
- A 5,000-qubit quantum computer was used to break 50-bit RSA encryption, signaling real-world progress toward the potential compromise of classical cryptographic systems.
- Nearly 70% of surveyed organizations cited the fast-moving generative AI ecosystem as their top security risk, yet few report implementing significantly improved safeguards.
Last year, a 5,000-qubit quantum computer has successfully attacked a 50-bit RSA encryption key and while that doesn’t make quantum an immediate threat, experts say it demonstrates the theoretical threat of quantum decryption is moving closer to reality.
That is one of several stark warnings from the 2025 Thales Data Threat Report, which places quantum computing risks at the heart of future data protection strategies. As encryption standards face unprecedented challenges from emerging quantum processors and quantum-enabled algorithms, enterprises are under increasing pressure to prepare for what some call “Q-Day” — the point when quantum computers will be capable of breaking widely used classical encryption systems.
The study, based on a global survey of more than 3,100 security and IT professionals across 20 countries, identifies three key quantum threats: eventual decryption of currently protected data, the risk of encryption algorithm compromise, and secure key distribution. Nearly two-thirds of respondents flagged each as high-priority concerns.
While current RSA encryption remains safe from today’s quantum machines, the trajectory is becoming more clear. Shor’s algorithm — a quantum method for factoring large numbers exponentially faster than classical computers — has moved from theory to small-scale demonstrations. In 2024, researchers simulated and validated quantum circuits for such attacks using generative AI transformer models, highlighting the growing interplay between quantum hardware and AI systems.
Most Organizations Are Readying to Withstand Quantum Attacks
In response, the shift toward post-quantum cryptography (PQC) is underway. Three in five respondents said their organizations are prototyping or evaluating new cryptographic algorithms designed to withstand quantum attacks. However, only about one-third expressed confidence in relying on third-party cloud and telecom providers to lead that transition, underscoring a preference for direct control and in-house readiness.
The Thales report also notes that infrastructure changes needed for PQC — from upgraded libraries to new cryptographic hardware — remain a significant operational challenge. Standards bodies are pushing forward: the U.S. National Institute of Standards and Technology (NIST) published a transition guide in late 2024, recommending the deprecation of RSA and ECC encryption by 2030.
AI Is Reshaping Operations Today
As quantum computing looms on the horizon, artificial intelligence — especially generative AI — is already reshaping enterprise operations and security postures. According to the report, one-third of businesses are now in either the “integration” or “transformation” phase of generative AI adoption. Yet the rush to deploy AI tools is creating a parallel set of risks.
Nearly 70% of respondents cited the fast-moving AI ecosystem as the top security risk related to generative AI, according to the Thales report. The concern is not just about data leaks but also about threats to data integrity and trust. AI models, especially large language models, are vulnerable to adversarial attacks that poison training data, embed bias, or manipulate output. These risks are compounded by unclear data provenance and the complexity of hybrid cloud architectures that serve as AI backbones.
Despite the risks, security practices among AI adopters show little divergence from earlier stages of implementation. The report found no significant improvement in data classification, encryption, or compliance metrics among organizations already using AI tools. The urgency to deploy AI solutions appears to be outpacing investments in securing them.
Security tools specific to AI ranked second only to cloud security in terms of spending priority, but only 14% of respondents rated AI-specific tools as effective — a gap that suggests uncertainty about how to address AI risks in practice. Many organizations continue to rely on fragmented systems, with nearly two-thirds using five or more tools for data discovery and more than half managing multiple key encryption platforms.
Thales experts conclude that enterprises are heading into an era where data protection must evolve across both quantum and AI frontiers.
As the report warns, ignoring these parallel transformations — one slow-burning, the other explosively fast — may leave businesses exposed to vulnerabilities they don’t yet fully understand. The call is clear: organizations must unify their security strategies before the future catches up.
