
Why telcos are viewing quantum safety as a question of trust and business resilience
If communications service providers (CSPs) are to protect their businesses from future quantum security threats, then they will have to identify and deal with data security vulnerabilities beyond their networks.
“We do not only need to look at our networks. We also need to look at all our administration and backend systems, the orchestration systems,” according to Frank de Jong, speaking during an RCR Wireless' Quantum Safe Networks Forum 2026.
“Because … with all the technology we [can] have very nice pipes. But if we make our management systems vulnerable to a quantum attack, then everything's still open. And I think that's one of the other elements that everybody needs to look at, but that the CSP really needs to look at,” emphasized De Jong.
Singtel's Chief Customer Officer, Enterprise, Keith Leong, also stressed the importance of examining the wider security risk of quantum computing in larger terms. “It really requires lots of coordination across network engineering, cyber security, the cloud, the product, the enterprise architecture.”
Quantum computers are a double-edged sword. They promise to solve in a few minutes an equation that would take a classical computer many thousands of years to crack. Within the telecoms sector this would make them useful for computationally intense applications such as as network optimisation.
The flip side is that the same computational power would allow malicious actors to decode the cryptography that protects today’s networks and IT systems, which gives hackers an incentive to “harvest now, decrypt later”.
As Orange Business’ de Jong points out, “the proper bad actors will not let you know that they are harvesting your data. In all reality, you should just assume it's happening, and it has already happened.”
For this reason, he urges that every enterprise “make sure that they have a complete and full understanding of what their data estate looks like. It's very important to know exactly what's your data, how is it stored, where is the stored. How is it encrypted. What are your crown jewels.”
No-one knows for certain when a cryptographically relevant quantum computer (CRQC) will become available. As France’s communications regulator, Arcep, details in a recent report on quantum computing, the development quantum computers still face considerable technical and financial barriers. A survey of 26 academic and industry experts in 2025 for the Global Risk Institute predicted that cryptographically relevant quantum computers (CRQC) are quite possible (28-49%) within the next 10 years, and likely (51-70%) in the next 15. However, there are now indications of accelerating timelines. Google, for example, is bringing forward to 2029 its adoption of quantum-safe cryptographic solutions as the Global Risk Institute notes in a paper published in June.
For now, de Jong advises CSPs and other enterprises to assume that time is not on their side. “You may have 15 years of work, but only three years to do it. So first protect your crown jewels. And if you know how to do it, great. If you do not know how to do it, get help.”
An important step in becoming quantum safe is to gain an understanding of cryptographic dependencies, according to Michael Michele Mosca, Co-Founder and CEO, evolutionQ, also speaking during the RCR Wireless webinar.
“You need to make cryptographic risk management part of enterprise risk management ,” said Mosca. “I really believe there's material risk that we don't migrate critical systems in time. Then it's a business continuity problem. Then it's a control of connected systems problem, an integrity of AI agents problem. Like it's an order of magnitude much bigger business and risk problem than just [harvest] now, decrypt later.”
Brian Daly, AVP Wireless Technology and Standards, AT&T, also framed investment in quantum safety as a “business risk, resilience, and long-term trust discussion, rather than just simply as a cybersecurity issue.”
He pointed out that U.S. government agencies, as well as financial services, healthcare and defense industries “are already asking organizations to demonstrate plans for transitioning to quantum-resistant or post-quantum cryptography encryption. It's no longer theoretical or purely academic concern. It is becoming a practical risk management compliance and resilience.”
Orange is moving as quickly as possible to make sure that all of its services are quantum safe, according to de Jong, and he believes it will become an essential business requirement.
“In a few years from now we will not sell any networks anymore that are not going to be quantum safe,” said de Jong. “More than about revenue, it’s … about making sure that you have a network that is state of the art.”