Quantum computing development is picking up fast. But are enterprises actually ready for it? 

The past several months have been ripe with quantum announcements, with the most recent coming from Microsoft. The company last week introduced Majorana 1, a quantum chip powered by “topological core” architecture that it claims can “offer a path to developing quantum systems that can scale to a million qubits.”

Microsoft’s focus on quantum mirrors that of other tech giants: Google announced its Willow chip earlier this year, which it claims can perform calculations in five minutes that would take a supercomputer 10 septillion years; and Amazon AWS debuted Quantum Embark in November, a program aimed at helping businesses prep for the quantum future. Microsoft also promised last year that it would launch a commercial quantum computer in 2025. 

But the reality is that, despite the recent uptick in hype (and Microsoft’s claims that the tech might be ready in “in years, not decades” — “these breakthroughs take a while,” said Clyde Williamson, senior product security architect at Protegrity. 

While people weren’t thinking about quantum computers seven years ago, “now it’s in the news. And so every breakthrough … I think they do get blown out of proportion a little bit. We’re still years away from a real quantum computer,” said Williamson. 

The dawn of quantum also brings a brand new set of problems, Williamson said. For example, quantum computing might exacerbate issues with current data systems. To put it simply, existing data infrastructure has inherent limitations that are already creating problems in generative AI training, as models can’t tell when a dataset contains gaps in context or information. 

And that issue exists when we’re just talking about ones and zeros. Quantum computers exist in “superposition,” a state in between our current binary, creating a whole new type of data. This makes data storage even more complicated, said Williamson. “I think it will have a big impact on data lakes as quantum computers become a reality.”

As it stands, the use cases for the theoretical tech lie in the lab, said Troy Nelson, CTO of LastWall. These devices will fit best in applications such as quantum chemistry for new drug development, materials discovery that could “revolutionize our energy industry,” or weather modelling. 

• “Quantum computers compute in different and strange ways than classical computers. And there are still going to be things that classical computers are better at,” said Nelson. 
• For the average enterprise, quantum might not have much to offer for the foreseeable future, said Williamson. The powerful calculations that these devices can crunch aren’t going to be necessary in contexts like sales or HR. 

“There’s a lot of noise right now and I’m not sure how warranted the noise is for most organizations in their day-to-day business,” Williamson added. 

So what do enterprises need to know amid all the noise around quantum? For now, instead of prepping for how to use it, it may be more important to proactively protect your business against its capabilities, said Nelson. Right now, the “alligator nearest to the boat” is that quantum computing is coming for modern-day encryption technologies, he said. 

Though this tech has the capability to turn cryptography on its head, it’s a reality that many have been preparing for: The National Institute of Standards and Technology announced the approval of quantum-resistant algorithms back in August. 

The problem is actually getting enterprises to make the switch to these standards before quantum development gets too far, said Nelson. “Now begins the very long, very expensive cycle of everyone updating their cryptography — which is also going to be a multi-year cycle.”

When it comes to cybersecurity, there is no such thing as being completely secure. But there are a few areas that are more slippery than others. 

Breaches, more often than not, aren’t the result of highly-sophisticated attacks, but rather of enterprises having too much software, a lack of network visibility, and human error, experts told CIO Upside. 

“There is no 100% security because software is fundamentally flawed,” said Mieng Lim, VP of product management at cybersecurity firm Fortra. “You will find security vulnerabilities in any piece of software that you deploy, and the malicious actors are just that much more diligent at finding them.” 

Missing software packages and software that hasn’t been updated are some of the most common and easily-missed vulnerabilities that enterprises face, said James Cassata, cloud security architect at Myriad360.

• Open source or “off-the-shelf” software like Adobe, Mozilla Firefox or Google Chrome are so commonly used that malicious actors “see that as a highly priced target,” said Cassata. The question enterprises need to ask their workforces is whether or not they need all of the software they download, he said. 
• If not, enterprises may want to consider a “self-serve model,” allowing individuals that use certain software to get it from company portals “versus pushing it out to everybody,” Cassata said. “If your employees or users don’t need all of this software, stop deploying it.” 

Another major issue occurs when enterprises pick and choose what deserves coverage. Many companies don’t have full visibility of operations across their entire network, said Lim, or choose to protect only areas that are deemed business-critical, leaving other areas vulnerable. The widespread availability of cloud computing has only expanded the potential areas of attack, she added.

“Typically, it’s a resourcing issue,” said Lim. “They’re focused on protecting intellectual property, confidential data, etc. The problem with that is that many times devices have connectivity to each other, and if the proper access controls aren’t set up … a malicious actor could easily get access to those areas.” 

The biggest attack vector, however, may be employees themselves, said Lim. According to data from security firm NordLayer, 68% of data breaches in 2024 involved human error. Because it’s difficult to govern human curiosity and anyone can fall victim, phishing attacks often still plague enterprises, she said. “There is an element of social engineering every time. It’s why scams have been so successful and continue to be successful.” 

While companies can train their workforces to be more suspicious and have better “cyber hygiene,” many don’t take the time to consider security, opting instead to deploy shiny, new cybersecurity technology without a clear understanding of the fundamentals, said Lim. 

“Those fundamentals are security awareness training, keeping security top of mind for those employees and staff members,” said Lim. “Give everything a second look, before taking action – it’s changing that behavior that is so hard. Otherwise there wouldn’t be scams happening all the time.”

With the onslaught of AI agents, how can enterprises keep them straight?

Salesforce is seeking to patent a system for “orchestrating LLM-augmented autonomous agents” that essentially coordinates and selects the best AI agent for any given task. 

When a user sends in a task, a “controller” will observe the computing environment for relevant data or context, then pick the right “language model augmented agent” for the job, feeding it the task instructions and additional context. For reference, a language model augmented agent is one in which a language model’s capabilities are used to “provide an agent response and/or reasoning.” 

Once the agent offers an output, the controller then decides how to turn that output into action. “Existing [language model augmented agents] do not always provide accurate next-action indications and therefore, a target task may not be completed.” Salesforce said in the filing. 

Salesforce’s patent application is just one representation of its massive push toward agentic AI. The company made a public commitment to the technology at its Dreamforce conference last year by debuting Agentforce, an agentic AI tool for sales, marketing, and customer service. 

Salesforce isn’t alone. In the past several months, practically every tech giant in the enterprise space has jumped in on the agentic craze, including Nvidia, Microsoft and Google. 

Though Big Tech is keen on the possibilities of these agents, the workers using them may not feel the same: A survey of 2,100 US and UK workers from software firm Pegasystems found that, while 57% of workers are inclined to use AI agents, 33% are worried about the quality of the output, 32% worry about a lack of emotional intelligence, and 30% don’t trust the accuracy of these agents.