The Quantum Clock is Ticking

Doug Howard
May 21, 2026

There is a moment coming that the intelligence community has quietly named Q-Day — the day a quantum computer becomes powerful enough to break the encryption protecting virtually everything we do online. Financial transactions. Government communications. Corporate intellectual property. Military command and control. All of it secured using cryptographic standards that quantum computing will render obsolete.


Most security leaders are aware of Q-Day in the abstract. Very few are acting on it with the urgency it demands. And almost none are grappling with the concept I want to introduce in this series - one I believe is more immediately dangerous than Q-Day itself.


I call it C-Day.

C-Day is the capture day - the moment adversaries shift from opportunistic data theft to strategic, quantum-anticipatory collection. The deliberate, systematic harvest of encrypted data today, stored with patience, waiting for the quantum capability that will eventually decrypt it.


Here is the critical point: C-Day is not a future event. For sophisticated nation-state actors, C-Day has already happened. The breach is silent. The damage is invisible. And the detonator is set.


This is the first in a series of articles I'm writing on quantum computing and its implications for cybersecurity over the next 25 years. My goal is straightforward - to provide a fact-based, analytically grounded perspective on how quantum will reshape the threat landscape, with specific, dated projections I am willing to stand behind. Not hedged speculation. Not vendor positioning. A practitioner's forward-looking assessment, informed by decades in national security, cybersecurity operations, and executive leadership.


Let me start with the foundation.


What Quantum Computing Actually Is

Classical computers - every laptop, server, and smartphone on the planet - process information in binary: ones and zeros, on or off. Every calculation is a sequence of bits in one of two states. A classical bit has no states beyond that binary limit; it must be either a zero or a one. Quantum computers operate on fundamentally different physics by introducing the quantum bit, or qubit, which can exist in a superposition of multiple states simultaneously. Two entangled qubits (quantum-linked particles that influence each other) can represent four states simultaneously. Four qubits can therefore represent 16 states simultaneously. The processing power scales exponentially with each additional qubit.


For most computational tasks that we perform today, this distinction is academic. Quantum computers are not universally faster than classical machines - they are specifically advantaged for certain categories of problems. One of those categories happens to be the mathematical problems that underpin modern encryption. We will expand on this in more detail in this series on Quantum.


RSA encryption - the standard protecting the majority of internet communications - derives its security from the computational difficulty of factoring very large numbers. A classical computer factoring a 2048-bit RSA key would require longer than the age of the universe. A sufficiently advanced quantum computer running an algorithm developed by mathematician Peter Shor in 1994 (which has already been proven on smaller calculations) could accomplish it in hours. Possibly minutes, at sufficient scale.


That is Q-Day.


Where We Are on the Timeline

The honest answer is that we do not know precisely when Q-Day arrives - and anyone claiming certainty in either direction is not being straight with you.


What we know with confidence: IBM has deployed processors exceeding 1,000 qubits. Google has demonstrated quantum supremacy for specific computational tasks. IonQ is pursuing commercial quantum computing on a roadmap measured in years, not decades. China's national quantum program - including the Jiuzhang photonic quantum computer - represents a state-level investment that is not constrained by commercial timelines or shareholder expectations.


The standard industry projection puts the timeline for the development of cryptographically relevant quantum capabilities (i.e. a machine capable of breaking RSA-2048 at operational scale) at somewhere between 7 and 15 years from now. That range comes from credible researchers and institutions; it led NIST to finalize post-quantum cryptographic standards in 2024, and the National Security Agency took it seriously enough to mandate migration timelines for national security systems to adopt the Commercial National Security Algorithm (CNSA) 2.0.


But that 7–15 year estimate was derived largely without accounting for one variable that has changed dramatically in the past three years: artificial intelligence.


AI Is Compressing the Timeline

The hardest unsolved problems in quantum engineering are not theoretical. They are engineering problems like qubit error correction, logic gate fidelity, and qubit stability at scale. These are precisely the categories where the application of AI and machine learning is demonstrating accelerating capability.


Google DeepMind's AlphaQubit model, published in 2024, achieved state-of-the-art quantum error correction through machine learning - outperforming the best human-designed algorithms. This is not an isolated result. AI is being applied across the quantum development stack: optimizing circuit design, accelerating materials discovery for more stable qubit architectures, improving calibration systems that currently require significant manual engineering effort, and more.


The compounding effect of AI-accelerated quantum development is not yet reflected in most public timeline projections. My assessment: the 7–15 year window is an optimistic estimate built on yesterday's assumptions. Organizations and analysts treating 2035 as a safe planning horizon are making a material error. The timeline is moving, and it is not moving in our favor.


C-Day: The Threat Already in Motion

Here is where I want to introduce the framework that will run through this entire series.


The quantum threat is typically framed as a future event - something to prepare for before Q-Day arrives. That framing is dangerously incomplete and ignores the strategic behavior of the adversaries who have the most to gain from quantum capability.


Nation-state actors - particularly China's Ministry of State Security and affiliated advanced persistent threat groups - operate on planning horizons that make most corporate strategic plans look myopic. They do not need quantum capability today to benefit from it. They need collection infrastructure today, and patience.


The doctrine is known in practitioner circles as harvest-now-decrypt-later. I call the moment it becomes systematic and strategic “C-Day” - the capture day. It is my original contribution to this framework, and I introduce it specifically because the existing terminology fails to communicate the strategic significance of the collection moment. Q-Day gets the attention. C-Day is where the actual damage happens and, in fact, may already be happening.
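
The harvest-now-decrypt-later mechanics described above, together with the earlier point that RSA's security rests on the difficulty of factoring, can be worked through at toy scale. The following Python sketch is an added example, not part of the original article: the primes, session secret, sample record, toy keystream cipher, and function names are all constructed for illustration, and Pollard's rho is a classical stand-in for Shor's algorithm that works here only because the modulus is tiny.

```python
import hashlib
import math

# Constructed toy parameters: two small, well-known primes stand in for the
# roughly 1024-bit primes behind a real RSA-2048 modulus.
P, Q, E = 104729, 1299709, 65537

def keystream_xor(secret: int, data: bytes) -> bytes:
    """Toy symmetric layer (illustrative only): XOR with a SHA-256 keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        seed = secret.to_bytes(8, "big") + i.to_bytes(4, "big")
        block = hashlib.sha256(seed).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def record_session(n: int, e: int, secret: int, plaintext: bytes):
    """What a passive collector stores: the RSA-wrapped secret and the ciphertext."""
    return pow(secret, e, n), keystream_xor(secret, plaintext)

def find_factor(n: int) -> int:
    """Pollard's rho: classical stand-in for Shor, feasible only at toy sizes."""
    for c in range(1, 100):
        x = y = 2
        d = 1
        while d == 1:
            x = (x * x + c) % n          # tortoise: one step
            y = (y * y + c) % n          # hare: two steps
            y = (y * y + c) % n
            d = math.gcd(abs(x - y), n)
        if d != n:                       # d == n means a failed cycle; retry with new c
            return d
    raise ValueError("no factor found")

def decrypt_recording(n: int, e: int, wrapped: int, ciphertext: bytes) -> bytes:
    """Later: factor n, rebuild the private exponent, unwrap the secret, decrypt."""
    p = find_factor(n)
    q = n // p
    d = pow(e, -1, (p - 1) * (q - 1))    # private exponent from the recovered primes
    secret = pow(wrapped, d, n)
    return keystream_xor(secret, ciphertext)

if __name__ == "__main__":
    n = P * Q
    wrapped, ct = record_session(n, E, secret=0x5EC12E7, plaintext=b"constructed sample record")
    print(decrypt_recording(n, E, wrapped, ct))
```

Nothing in the stored recording changes between capture and decryption; only the holder's ability to factor the public modulus does.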


The evidence that C-Day has already occurred is not circumstantial. The Salt Typhoon operation - disclosed in 2024 - revealed Chinese state actors maintained persistent access inside U.S. telecommunications infrastructure for years, in some cases undetected. The 2015 US Office of Personnel Management breach exfiltrated 21.5 million personnel records, including detailed security clearance files with a shelf life measured in decades. The SolarWinds supply-chain attack compromised 18,000 organizations with dwell times measured in months. In each case, the full value of what was collected was not understood at the time of discovery - and in the quantum context, may not be fully understood for another decade.


Those are the known operations. The more significant threat is what I call C-Day Scenario 2: the persistent, low-and-slow collection operations that have never triggered a detection event, never surfaced in a forensic investigation, never appeared in a threat intelligence feed. Silent collection at scale. Patient adversaries building a library of encrypted data that becomes a strategic asset on Q-Day.


The C-Day → Silent Window → Q-Day construct is the framework I will use throughout this series. It is not hypothetical. The Silent Window is active right now. The question for every security leader reading this is not whether Q-Day is coming. It is what was collected on C-Day - and how much collection is still happening at this moment.


The 25-Year Arc

This series will track quantum's impact across a 25-year horizon, divided into five phases.


The Silent War (Now - 2028). C-Day operations active across multiple nation-state actors. AI compressing the quantum development timeline in ways not yet reflected in public consensus. Post-quantum cryptographic standards are available but enterprise adoption is still nascent. The breach is ongoing, but most organizations do not know it.


The Capability Threshold (2028 - 2033). First credible nation-state quantum capability sufficient for targeted attacks on high-value encrypted systems. Not public. Not commercial. But operationally real. Its existence will be inferred from behavior, not by announcement.


The Public Reckoning (2033 - 2038). Commercial quantum capability reaches the demonstration threshold. The C-Day collection operations of the 2020s become the enforcement cases, breach disclosures, and possible litigation of the 2030s. Consequential exposure of regulated data, intellectual property, damaging information and more could become prevalent. Some of the data will be dated and useless, but often still regulated. Regulatory frameworks scramble to catch up.


Quantum-Native Architecture (2038 - 2048). Security infrastructure is redesigned from the ground up. The quantum internet begins replacing classical secure communications for critical infrastructure. AI-native, quantum-enhanced detection and response becomes the baseline expectation.


The New Normal (2048+). Quantum capability commoditized. Classical encryption is legacy infrastructure. The threat landscape operates at a fundamentally higher order of complexity than today - with the same dynamic of continuous offense-defense evolution, scaled beyond current imagination.


Each phase carries specific implications for security leaders, boards, and the organizations they are responsible for protecting. I will address each in detail across this series.


The Howard Projection

I want to be direct about something. This series will include specific, dated predictions - not hedged observations, not ranges designed to be unfalsifiable. Predictions I am willing to stand behind and be held accountable to over time. That is the only kind of projection that carries analytical value, the only kind worth publishing.


For this first installment:


By 2027, post-quantum migration will be a federal contractor compliance requirement with enforcement teeth, cascading mandatory timelines into every organization operating within the defense industrial base. Organizations that have not begun will be scrambling to catch up under financial and regulatory pressure rather than strategic choice.


By 2028, at least one nation-state actor - most likely China - will achieve state-classified quantum capability sufficient for targeted attacks on legacy encrypted communications. This will not be publicly disclosed. Its existence will be inferred from how the intelligence community behaves: accelerated migration mandates, changes in classification practices, and the quiet urgency with which federal agencies begin treating post-quantum migration as a national security imperative rather than a compliance exercise.


By 2029, cyber insurance underwriters will begin requiring documented post-quantum cryptographic posture as a condition of coverage for organizations in high-risk sectors. The market will price quantum risk explicitly, and organizations without a documented migration program will feel it in their premiums before they feel it in a breach.


By 2045, classical public-key encryption will be effectively retired from critical infrastructure globally. The organizations that began post-quantum migration before 2030 will have done so on their own terms, with their own timelines, and at manageable cost. Those that waited will have done so under regulatory compulsion - or following a breach that made the decision for them.


The clock is running. C-Day, for many organizations, has already passed. The question now is what you do with the time remaining in the Silent Window.


In the next installment, I will go deep on C-Day - its three scenarios, the adversaries actively operating the doctrine, and why the most dangerous breach in your organization's history may be one you will never detect with classical security tools.

About the Author


Doug Howard is the CEO of Pondurance, an AI-powered managed detection and response firm providing MDR, digital forensics and incident response, and cyber advisory services. He previously served in the U.S. Air Force and held roles at the Pentagon. He writes on cybersecurity, artificial intelligence, and emerging threats at the intersection of national security and enterprise risk.

