← Back to Blog
Post-Quantum CryptographyBanking SecurityAgentic AICloud SecurityAWS

Post-Quantum Security Isn't a 'Someday' Topic for Banks - It's a Today Topic

Notes from a workshop on harvest-now-decrypt-later threats and what banks need to do now

Annie An Dongmei·May 2025·4 min read
No alternative text description for this image

🔐 Quantum computing isn't a 'someday' topic for banks. It's a today topic. Yesterday I spent the day on post-quantum security with a bank and Jonathan Jenkyn, and one idea reframed the room.

The Harvest-Now-Decrypt-Later Threat

⚠️ 'Harvest now, decrypt later' - attackers can capture your encrypted data today and crack it once quantum hardware matures.

For a bank, that means account records, transactions, and customer data that must stay private for decades. The data you're encrypting today might be vulnerable tomorrow - and adversaries are already collecting it.

Three Key Takeaways

Among all the learnings, three ideas stood out:

🔹 It's a today topic, not a 2030 one. Your longest-lived data is your most exposed - and that clock already started ticking. The data you encrypt now needs to stay secure for 20, 30, even 50 years. Quantum adversaries don't need to break it today; they just need to store it.

🔹 Your AI footprint just widened the surface. Every LLM and agentic AI workflow moves sensitive data across the wire - prompts, RAG pipelines, agents calling tools and APIs. Post-quantum readiness and your AI roadmap are woven into each other now. If you're building GenAI systems, you're expanding the attack surface that needs quantum-safe protection.

🔹 Know your shared responsibility. AWS uses ML-KEM (the new NIST standard) in a hybrid handshake - already live in KMS, ACM, and Secrets Manager. Some protections are automatic; others need you to update TLS clients and SDKs. Start with a crypto inventory - you can't migrate what you can't see.

The Planning Starts Today

🙏 Grateful to the bank's security and engineering team for the sharp questions and discussions. These conversations matter.

🚀 This is a multi-year journey - but the planning starts today. The teams starting now will be the calm ones when the timeline tightens.

Is post-quantum readiness on your 2026 security and AI roadmap yet? If you're building agentic AI systems or managing long-lived sensitive data, the time to act is now - not when quantum hardware catches up.

More on AWS's post-quantum approach: AWS Post-Quantum Cryptography Overview.

#AlwaysDay1 #PostQuantumCryptography #CyberSecurity #Banking #AgenticAI #AISecurity #CloudSecurity #AWS

The views and opinions expressed in this post are my own and do not necessarily reflect those of my employer or any organisation I am affiliated with.