
Harvest now, decrypt later: what the quantum threat means for Southwest Florida businesses

Attackers are collecting encrypted data today to decrypt once quantum computers mature. If your Naples firm holds records that must stay private for years, the clock is already running.

8 min read·Updated 2026-07-01·7 sources

What is harvest now, decrypt later?

Harvest now, decrypt later is an attack in which an adversary steals encrypted data today, stores it, and waits for a future quantum computer capable of breaking the encryption. The data does not need to be readable now. It only needs to still be sensitive when the decryption capability arrives.

This reframes a hard truth for any Southwest Florida business holding long-lived records. The confidentiality of data you encrypt in 2026 depends not only on today's cryptography but on how long that data must stay secret and when a quantum computer that can break RSA or elliptic-curve encryption actually arrives.

Already underway
US and allied intelligence agencies have publicly warned that nation-state actors are conducting harvest-now-decrypt-later collection against encrypted data today
Cloud Security Alliance, 2025

The threat is not science fiction and it is not only a government problem. Any organization whose data has a long secrecy shelf life is exposed, because the harvesting can happen years before the decryption. Learn how a verifiable AI and quantum security program maps this risk for your specific data.

Why does NIST post-quantum cryptography matter right now?

NIST post-quantum cryptography matters now because the defensive standards are finalized and deployable, while the offensive capability is still emerging. On August 13, 2024, NIST published its first three post-quantum standards. Waiting for a quantum computer to appear before you migrate means your already-harvested data is decrypted before you act.

August 13, 2024
NIST published FIPS 203, FIPS 204 and FIPS 205, its first finalized post-quantum cryptography standards
NIST / Federal Register, 2024

The three standards cover the two functions quantum computers threaten. FIPS 203 specifies ML-KEM, a module-lattice key-encapsulation mechanism for secure key exchange that replaces RSA and ECDH. FIPS 204 specifies ML-DSA, a lattice-based digital signature scheme. FIPS 205 specifies SLH-DSA, a stateless hash-based signature scheme whose security rests only on hash functions.

  • FIPS 203 (ML-KEM): quantum-resistant key exchange, based on CRYSTALS-Kyber, to replace RSA and elliptic-curve key agreement.
  • FIPS 204 (ML-DSA): the primary digital signature standard, based on CRYSTALS-Dilithium, for authentication and integrity.
  • FIPS 205 (SLH-DSA): a hash-based signature backup, based on SPHINCS+, that relies on different math for defense in depth.

The defensive standards are finished. The offensive capability is still coming. That gap is the window to act in.

These are not drafts or proposals. They are the algorithms federal systems and major vendors are already deploying. Our post-quantum migration approach is built on these finalized standards rather than experimental ciphers.

How soon could quantum computers break today's encryption?

No one can name the exact year a cryptographically relevant quantum computer arrives, and honest analysis avoids a fixed date. But you do not need a date to make a decision. The relevant question is whether your data will still be sensitive when that machine exists, and government timelines already assume it is close enough to plan around.

2030 to 2033
NSA's CNSA 2.0 timeline requires national security systems to complete their move to post-quantum algorithms, with new acquisitions using them by 2027
NSA / Entrust analysis, 2024

The NSA cited harvest now, decrypt later as a primary driver of urgency behind CNSA 2.0. If the US government treats 2030 to 2033 as its migration deadline, a private firm holding records that must stay confidential into the 2040s cannot reasonably assume it has more slack than the agencies do.

The practical test is Mosca's inequality, defined by cryptographer Michele Mosca in 2015. Add X, the number of years your data must stay secret, to Y, the years your migration will take. If X plus Y is greater than Z, the years until a quantum computer can break today's encryption, you are already exposed and should be migrating now.

X + Y > Z
Mosca's inequality: if data shelf life plus migration time exceeds the years until a capable quantum computer, you are already too late to protect that data
Michele Mosca, 2015

Which Southwest Florida businesses are most exposed?

The businesses most exposed are those whose data must stay confidential for years or decades. In Naples and Southwest Florida that means legal, medical, financial, and title firms. Their records combine high sensitivity with long mandated retention, which is exactly the profile harvest-now-decrypt-later attackers target.

5 to 7 years
Florida requires physicians to retain medical records for at least five years after last patient contact and hospitals for seven years, and much health data stays sensitive far longer
HIPAA Journal / state retention summary, 2026

Consider a title company or real estate closing firm along the Gulf coast. A 30-year mortgage file encrypted today with RSA-2048 stays sensitive for three decades. If a capable quantum computer arrives even around 2030, a file harvested this year still has more than two decades of exposed confidentiality left.

  • Law firms: privileged client files, litigation records, and estate documents that must stay confidential for years or permanently.
  • Medical and dental practices: protected health information with multi-year Florida retention requirements and lifelong patient sensitivity.
  • Financial advisors, wealth managers and banks: account records, tax data, and long-term financial plans.
  • Title, escrow and real estate closing firms: identity documents, wire instructions, and multi-decade mortgage files.

If your firm handles any of these categories, harvest now, decrypt later is a risk on your books today, not a future one. Our enterprise security program is designed around exactly these long-retention data profiles.

What should a business do about long-shelf-life data now?

The first step is not to rip out your cryptography. It is to build a cryptographic inventory: know where your most sensitive, longest-lived data lives, how it is encrypted, and how long it must stay secret. CISA, NSA, and NIST identify this inventory as the foundation of any credible quantum-readiness roadmap.

Inventory first
CISA, NSA and NIST jointly advise organizations to inventory where quantum-vulnerable cryptography protects sensitive data, estimate how long that data must stay protected, and feed it into risk assessment
CISA, NSA, NIST, 2023
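
Mosca's inequality applied across a cryptographic inventory, as an added example (not taken from the cited guidance or any vendor tooling). The asset list, field names, and the Z values are constructed assumptions; Z is passed in as a scenario because no one can name the real figure.

```python
from dataclasses import dataclass

# Public-key algorithm families a large quantum computer would break.
QUANTUM_VULNERABLE = {"RSA", "DH", "ECDH", "ECDSA", "X25519"}

@dataclass
class Asset:
    name: str
    key_protection: str   # how the data's encryption keys are exchanged or wrapped
    secrecy_years: int    # X: how long the data must stay confidential
    migration_years: int  # Y: estimated time to migrate this system

def is_quantum_vulnerable(key_protection: str) -> bool:
    """A hybrid such as X25519+ML-KEM-768 stays secure while one component does,
    so it is vulnerable only if every component is quantum-vulnerable."""
    parts = [p.strip().upper() for p in key_protection.split("+")]
    return all(p.split("-")[0] in QUANTUM_VULNERABLE for p in parts)

def triage(assets, z_years):
    """Return (name, margin, harvested_exposure) for quantum-vulnerable assets
    that fail Mosca's test under the given Z, worst first.
    margin = X + Y - Z; harvested_exposure = years a copy stolen today
    remains sensitive after the quantum computer arrives (X - Z, floor 0)."""
    rows = []
    for a in assets:
        if not is_quantum_vulnerable(a.key_protection):
            continue
        margin = a.secrecy_years + a.migration_years - z_years
        if margin > 0:  # Mosca: X + Y > Z
            rows.append((a.name, margin, max(0, a.secrecy_years - z_years)))
    return sorted(rows, key=lambda r: r[1], reverse=True)

# Constructed sample inventory (illustrative values only).
INVENTORY = [
    Asset("patient records", "ECDH-P256", secrecy_years=7, migration_years=3),
    Asset("mortgage closing files", "RSA-2048", secrecy_years=30, migration_years=2),
    Asset("public website TLS", "X25519+ML-KEM-768", secrecy_years=1, migration_years=1),
    Asset("newsletter list", "RSA-2048", secrecy_years=1, migration_years=1),
]

if __name__ == "__main__":
    for z in (4, 7, 15):  # assumed scenarios for Z, in years from now
        print(f"Z = {z} years")
        for name, margin, exposed in triage(INVENTORY, z):
            print(f"  {name}: X+Y exceeds Z by {margin}; "
                  f"harvested copy exposed for {exposed} years")
```

Running the same inventory under several Z scenarios shows which assets fail the test no matter which estimate is right; those are the ones to migrate first.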

The reassuring news is that the transport layer is already moving. Cloudflare has deployed a hybrid key agreement combining ML-KEM with classical X25519, so protection does not depend on a single unproven algorithm. As of mid-September 2025, a large share of human web traffic to Cloudflare was already using post-quantum key agreement.

About 43%
Share of human-generated connections to Cloudflare already protected by hybrid post-quantum key agreement as of mid-September 2025
Cloudflare, 2025

A sound plan combines that edge protection with a data-level roadmap: identify your long-lived crown jewels, apply post-quantum or hybrid encryption where the shelf life demands it, and keep a verifiable record of what was protected and when. See how we run this at the Cloudflare edge and pair it with AI governance so both your data and your AI systems are covered. When you are ready to map your exposure, contact our Naples team.

FAQ

Quantum — common questions

Is my data really at risk if quantum computers do not exist yet?
Yes, if your data must stay confidential for years. The core of the harvest-now-decrypt-later threat is timing. An attacker can steal your encrypted data today and simply store it until a quantum computer capable of breaking RSA or elliptic-curve encryption arrives. US and allied intelligence agencies have publicly warned this collection is already happening. So the question is not whether a quantum computer exists this minute, but whether your data will still be sensitive when one does. For a 30-year mortgage file, a decade-long medical record, or a privileged legal document, the answer is almost certainly yes, which means the data you encrypt now is part of the exposure.

What are FIPS 203, 204, and 205?
They are the first finalized post-quantum cryptography standards, published by NIST on August 13, 2024. FIPS 203 specifies ML-KEM, a key-encapsulation mechanism for secure key exchange that is designed to replace RSA and elliptic-curve key agreement. FIPS 204 specifies ML-DSA, the primary digital signature standard for authentication and integrity. FIPS 205 specifies SLH-DSA, a hash-based signature scheme that relies on different underlying math for defense in depth. Together they cover the two cryptographic functions a large quantum computer would threaten: key exchange and digital signatures. These are production standards that federal systems and major vendors such as Cloudflare are already deploying, not experimental proposals.

How do I know if my Naples business needs to act now?
Use Mosca's inequality, a simple test defined by cryptographer Michele Mosca in 2015. Add the number of years your data must stay secret to the number of years your migration will take. If that sum is greater than the years until a capable quantum computer arrives, you are already exposed. Most legal, medical, financial, and title firms in Southwest Florida hold data with a shelf life of a decade or more, and migration itself takes time, so the sum is large. Given that the NSA expects national security systems to complete their own migration by 2030 to 2033, a private firm with long-retention records generally has less slack than it assumes and should begin building a quantum-readiness roadmap now.

Do I have to replace all my encryption immediately?
No. Ripping out working cryptography overnight is neither necessary nor advisable. The guidance from CISA, NSA, and NIST is to start with a cryptographic inventory: find where your most sensitive, longest-lived data lives and how it is protected. From there you prioritize by shelf life, applying post-quantum or hybrid encryption first to the data that must stay secret longest. Much of the transport layer is already moving, with Cloudflare deploying hybrid ML-KEM key agreement that protected roughly 43% of human connections by September 2025. A phased, verifiable migration that pairs edge protection with data-level upgrades is both realistic and defensible.

Sources

  1. Announcing Issuance of FIPS 203, 204, and 205 · Federal Register / NIST
  2. What is CNSA 2.0 · Entrust
  3. Quantum-Readiness: Migration to Post-Quantum Cryptography · CISA, NSA, NIST
  4. State of the post-quantum Internet in 2025 · Cloudflare
  5. Mosca's Theorem and Post-Quantum Readiness · PostQuantum.com
  6. AI Infrastructure and Harvest Now, Decrypt Later · Cloud Security Alliance
  7. HIPAA Retention Requirements · HIPAA Journal