GSK CISO says quantum threat is already here for enterprise security

By AI, Created 4:58 PM UTC, May 18, 2026, /AGP/ – GSK’s global chief information security officer is warning that enterprises need to start post-quantum cryptography migration now, not later, as “harvest now, decrypt later” attacks and advancing quantum capabilities raise the risk to long-lived sensitive data. The message will be a major theme at Quantum.Tech World 2026 in June, where leaders from IBM, AT&T, NIST and others will discuss practical migration strategies.

Why it matters: - Quantum computing could eventually break widely used encryption that protects enterprise, healthcare and government data today. - Sensitive information with long shelf lives, including intellectual property, clinical trial records and patient data, faces the biggest risk. - Delayed migration to post-quantum cryptography could leave organizations exposed for years.

What happened: - Michael Elmore, SVP and Global Chief Information Security Officer at GlaxoSmithKline, said organizations that wait to act on quantum threats risk falling behind as the technology advances. - Elmore said post-quantum security is now a resilience challenge, not a future issue vendors can solve for enterprises. - His warning will be a focus at Quantum.Tech World, which takes place June 25-26.

The details: - Adversaries are already using “harvest now, decrypt later” tactics, collecting encrypted data now and planning to decrypt it later. - Elmore said a practical enterprise roadmap should start with cryptographic inventories to show where encryption is used. - He said organizations need crypto-agile systems that can adapt to new standards without major disruption. - He said firms should prioritize the protection of high-risk, long-life data. - He also called for phased, scalable migration strategies. - The GSK CISO said industries such as healthcare and pharmaceuticals cannot afford to wait because their data must stay protected for decades. - The release says global encryption standards are approaching obsolescence. - The release says post-quantum migration will take years and must begin immediately.

Between the lines: - The message is broader than one company’s security roadmap. - The source positions quantum risk as an industry-wide shift already affecting enterprise planning, standards work and infrastructure design. - The emphasis on crypto agility suggests organizations will need to treat encryption as a living system, not a one-time upgrade.

What’s next: - Elmore is expected to outline a roadmap for enterprise readiness at Quantum.Tech World 2026. - IBM’s Jai Arun will discuss quantum-safe security and crypto-agility in enterprise systems. - AT&T’s Rich Baich will address quantum networks and secure next-generation communications. - NIST’s Lily Chen will lead discussions on post-quantum cryptography standards and migration strategies. - Rajesh Patil and Steven Menges from enQase will join those discussions on moving organizations to quantum-safe systems. - Quantum.Tech World 2026 will also bring together leaders from IBM, AT&T, GSK, Mastercard, ExxonMobil, BMO, Boeing, Lockheed Martin, Verizon, Roche, AbbVie, Moderna and others, plus government agencies, national laboratories and research institutions. - The event says it will convene 1,000+ senior decision-makers, 150+ speakers and all 17 U.S. Department of Energy National Laboratories. - Attendees are expected to focus on post-quantum migration, crypto-agility, remaining vulnerabilities and the convergence of quantum, AI and high-performance computing.

The bottom line: - Enterprises that treat quantum security as a future problem risk being late to a migration that already needs to start now.