As artificial intelligence dominates the headlines, quantum computing is nearing a critical milestone — promising breakthroughs while accelerating the need for quantum-safe security.

Enterprises are moving toward a multi-modal compute spectrum where traditional CPUs, GPUs and quantum processors work in conjunction to solve previously “impossible” problems. While mainstream utility is projected for the 2029-2030 window, the catalyst for executive action is the vulnerability of asymmetric encryption to Shor’s algorithm, according to Mark Hughes (pictured), global managing partner of cybersecurity services at IBM Corp. At its core, quantum computing represents a fundamentally different model of computation.

“Quantum computing is all about how compute is now going to work — not in a binary way, but in a way in which we embrace quantum mechanics to be able to compute in multiple dimensions at once,” Hughes said. “It opens up incredible opportunities.”

Hughes spoke with Dave Vellante at MWC Barcelona, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the timeline for quantum readiness, quantum-safe “ambient AI” and how IBM is helping enterprises consolidate tools into a unified platform approach. (* Disclosure below.)

Discovery as the first step toward a quantum-safe architecture

For technology leaders, the fear of “store now, decrypt later” attacks is driving a push toward quantum-resistant architectures. But because much of an organization’s encryption is hidden within hardware and deep software stacks, the path to protection begins with a comprehensive discovery phase to identify where vulnerable algorithms reside, Hughes explained.

“The first thing to do is establish, as an executive, what cryptography you actually have running in your organization,” Hughes said. “You have to go through the environment and understand where it is, whether it’s embedded in hardware or software. The initial phase, fairly straightforward, is just a straight discovery exercise.”

Once that discovery is complete, the quantum-safe focus shifts to a strategy of migration and encapsulation. This involves replacing traditional public key infrastructure with the four quantum-resistant algorithms already developed and available today. For deep-stack encryption that cannot be easily replaced, “quantum-resistant shells” can be used to wrap existing services, Hughes noted. This evolution is happening alongside a broader trend of platformization, as enterprises move away from managing dozens of point-solutions from various providers such as Microsoft Corp. to embrace a more cohesive security fabric.

“We recently talked to over 1,000 of our clients, and on average they’re running 80 tools from 34 different vendors,” Hughes noted. “In a world where you have to speed up and become more accurate because the attackers now have the AI and they’re using it to speed up themselves, that complexity just drives slowness and slowness of response.”

From agentic AI to ambient security

While quantum poses a future threat, AI is the current battleground for defenders. The emergence of agentic AI allows security operations centers to move beyond manual intervention for every alert, according to Hughes. By deploying “reflective agents” that monitor the behavior and authority of other autonomous agents, organizations can maintain a zero-trust environment even as machine-to-machine communication scales, he added. But when agents start invoking other agents across systems, organizations must carefully manage the authority and access those systems have.

“With that agency, how do you ensure that you have the right consideration around what levels of access they have and what levels of authority they have to be able to then call on other agents beyond the way in which we just make a simple API call,” Hughes noted. “That becomes much more sophisticated.”

The next phase of this evolution, which Hughes describes as “ambient AI,” focuses on broader orchestration across the enterprise. By ingesting data from large repositories such as Sentinel Lake and applying context-aware agents, organizations can coordinate security outcomes across the entire information technology estate rather than just within the security silo, he noted. As the attack surface expands through new compute modalities, this approach helps ensure defenses remain integrated, adaptive and aligned with emerging quantum-safe security requirements.

“What you’re going to see, at IBM, is we’re going to be launching the next generation of our AI approach to cybersecurity and how we now can really orchestrate outcomes across an enterprise environment,” Hughes explained. “As opposed to making security better, we’re now looking at how we can make that application across the whole estate much better.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of MWC Barcelona:

(* Disclosure: IBM sponsored this segment of theCUBE. Neither IBM nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE