The Breach That Has Not Finished Yet

Adversaries are intercepting and storing encrypted traffic and files now. They cannot read them yet. The plan does not require them to. When a cryptographically relevant quantum computer exists, the archive collected today is decrypted in retrospect, and the data never has to be stolen a second time. Western intelligence agencies have a name for this pattern: harvest now, decrypt later.

For most operating data, a breach that surfaces in eight years is a manageable problem. For a principal or a family office, the arithmetic is different. Ownership structures, succession plans, transaction terms, and legal positions stay confidential for decades. The shelf life of the secret is longer than the life of the encryption protecting it, and that gap is where the risk now lives.

Two Governments Just Set the Clock

On 22 June 2026 the United States signed Executive Order 14409, Securing the Nation Against Advanced Cryptographic Attacks. It requires federal systems and their contractors to move to post-quantum encryption by the end of 2030 and to post-quantum authentication by the end of 2031. That pulled the previous 2035 target forward by half a decade, which is an unusually direct statement of how short the runway is judged to be.

Germany did not wait for that signal. In February 2026 the BSI declared the end of classical RSA and elliptic-curve encryption, with the same end-2030 horizon for sensitive data. It stated plainly that the recommendation covers every organisation processing data worth protecting, not only public bodies and critical infrastructure. For an owner-led company, that is not a future obligation to monitor. It is current guidance from the national authority.

Crypto-Agility Is the Only Real Answer

The replacement standards already exist. NIST finalised them in 2024 as FIPS 203, 204 and 205, and the hybrid approach the BSI recommends runs them alongside today's encryption so nothing breaks during the change. The mathematics is solved. That is not the part that should worry a board.

The hard part is inventory. Most organisations cannot say where their encryption lives, which vendors control it, or how long a replacement would actually take. Published migration timelines run from several years for a small firm to well over a decade for a large one. A programme that begins after a cryptographically relevant quantum computer arrives has already failed, because the data it was meant to protect was collected years earlier.