By: Sarah Graham
I’ve said it before, I’ll say it again. Quantum computing is coming much faster than the industry expects, and so are the cyber risks that come with it.
The smartest security teams are already planning for “Q-Day.” That’s the day quantum machines become powerful enough to break today’s encryption. It used to feel like a distant, theoretical concern. It is becoming more real, more quickly than most boardrooms are tracking.
And now, CNN is reporting on it.
Let’s celebrate that for a second. The importance of this conversation is finally breaking through to mainstream media!! That is a real moment for everyone working in cybersecurity, post-quantum cryptography, and the PR programs supporting both.
What CNN got right
The piece highlights how governments, researchers, and security leaders are accelerating work on post-quantum cryptography. The current encryption standards we rely on every day, like RSA and ECC, may not hold up in a quantum-enabled future. The urgency for organizations to start preparing now, rather than waiting for the technology to fully mature, is finally being recognized by the industry at large.
This is the kind of coverage PQC has needed for years. Not technical-press deep dives (those have been there). Not academic warnings (those have been there too). Mainstream consumer-facing coverage that puts the question in front of every CEO, CFO, board chair, and policy-maker who reads CNN over coffee.
Why this is an inflection point for cybersecurity companies and PR agencies
For cybersecurity companies, the CNN moment is a signal. The window where “we have a PQC strategy” is a differentiator is wider this week than it was last week. Buyers, regulators, and the broader public are now paying attention to a category that used to live in academic papers and government white papers.
For PR agencies, this moment opens up an imperative and timely conversation with our clients. The brands that get out in front of this story over the next twelve months will own a category that, right now, only a handful of players are publicly claiming.
Here are four takeaways I keep coming back to:
🔸 Post-quantum readiness is becoming a board-level conversation, not just a technical concern. When CNN runs a piece on Q-Day, the board members reading it are going to ask their CISO what the company’s plan is on Monday. Comms teams that can equip their CISO with a clear answer (or help build one) will look like heroes. Teams that get caught flat-footed will not.
🔸 Future-proof security messaging is gaining traction with CISOs and regulators. “Quantum-ready,” “crypto-agile,” and “PQC-compliant” are starting to land as positioning terms in a way they didn’t 18 months ago. NIST set the migration deadline at 2029. Regulators are watching. The brands that own this language now will be the ones quoted in coverage all the way through that deadline.
🔸 There is real value in joining the community helping businesses and people prepare for PQC now, versus waiting for the full quantum risk to arrive. “Harvest now, decrypt later” attacks are real today. Every encrypted record collected this year by a patient adversary is harvestable the moment quantum hits scale. Companies that are part of the conversation about preparation are the ones that will be trusted to lead it.
🔸 PR pros will play a critical role in translating quantum risk into immediate business impact. This is where we earn our spot. The science is complex. The business stakes are simple. The agencies that can take “RSA may not hold up post-quantum” and turn it into “your customer records, your IP, your financial transactions are on a clock” are the ones whose clients will be on the record.
What to do with this moment
The timeline for full quantum disruption remains uncertain. The preparation window has been open for years. The organizations investing early in quantum readiness, and helping their customers do the same, will be the ones that ultimately lead.
If you’re running comms at a cybersecurity company, three questions worth asking yourself this week:
- Does our CISO have a one-paragraph PQC POV ready to share with a reporter who calls? If not, draft one. The next CNN-style piece is coming.
- Have we mapped which of our customers are most quantum-exposed? Some industries (finance, defense, healthcare, critical infrastructure) will be in the first wave of board-level conversations. If we can speak credibly to them, we earn the seat.
- Are we joining the PQC conversation, or watching it? This is one of those categories where being early is durably valuable. Being late is going to be expensive.
The CNN moment is the starting gun. The brands that move now own this story.
Cybersecurity is one of the categories Kickstand has been deep in for years, and the post-quantum conversation is one I’ll keep writing about as it accelerates. Our content hub is the easiest place to follow along.
