GSK CISO Warns Quantum Threat to Data Is Already Here

GlaxoSmithKline’s SVP and Global CISO, Michael Elmore, warns that the threat from quantum computing to encrypted data is not distant; adversaries are actively employing “harvest now, decrypt later” strategies to steal information for future exploitation. This poses an immediate risk to industries like healthcare and pharmaceuticals, where sensitive data requires decades of protection, making them prime targets for this evolving attack vector. “For industries like healthcare and pharmaceuticals, where sensitive data must remain protected for decades, waiting is not an option,” Elmore stated. The Quantum. Tech World event on June 25 & 26 will explore how some of the most valuable enterprise data may already be compromised, even if currently unreadable, underscoring the urgent need for a shift toward post-quantum cryptography.

“Harvest Now, Decrypt Later” Accelerates PQC Migration Urgency

This “harvest now, decrypt later” tactic represents a tangible and present threat, shifting the conversation from theoretical risk to immediate cybersecurity concern for organizations managing sensitive information. The Tech World event on June 25 & 26 will explore how valuable enterprise data is potentially already compromised, even if currently unreadable, highlighting the need for immediate action. Experts from organizations including IBM, AT&T, and the National Institute of Standards and Technology will address practical migration strategies and the development of crypto-agile systems capable of adapting to evolving cryptographic standards. Elmore advocates for a multi-year effort focused on cryptographic inventories, prioritizing the protection of high-risk, long-life data, and implementing scalable migration strategies. “Post-quantum security is no longer a future problem we can simply ignore or expect vendors to solve for the enterprise; it’s a resilience challenge that will require a new crypto agility approach for future-proofing your crypto resilience,” he stated, signaling a fundamental change in how organizations approach data security and long-term digital trust.

Michael Elmore, SVP and Global Chief Information Security Officer at GlaxoSmithKline, warns that adversaries are actively collecting encrypted data anticipating future decryption capabilities, a strategy particularly concerning for data with long-term confidentiality requirements. Establishing comprehensive cryptographic inventories is a key initial step, followed by building systems capable of seamlessly integrating evolving algorithms. Industry leaders will convene at Quantum.

Quantum.Tech World: Industry Leaders Align on Post-Quantum Strategy

He warns that organizations are already facing risks from “harvest now, decrypt later” strategies, where encrypted data is collected with the intention of cracking it once quantum computing power matures. This tactic presents a unique challenge for sectors like healthcare and pharmaceuticals, where long-term data confidentiality is paramount, and regulatory requirements demand decades of protection for sensitive information. The urgency of this situation will be a central focus at the Quantum event. Elmore anticipates outlining a practical, multi-year roadmap for enterprises to achieve quantum readiness, stressing the need for a new approach to cryptographic agility to future-proof resilience. The event, drawing over 1,000 senior decision-makers from organizations including IBM, Mastercard, and Boeing, aims to move the conversation beyond theoretical risk and into practical execution, identifying existing vulnerabilities and charting a course toward a quantum-safe future.