Abstract
As quantum computing advances, organizations can no longer view post-quantum cryptography as a future project. In this episode of Shielded: The Last Line of Cyber Defense, Konstantinos Karagiannis, Director of Quantum Computing Services at Protiviti, lays out a practical and attacker-focused perspective on preparing for the quantum era. Konstantinos explains why the industry’s fixation on harvest-now-decrypt-later misses the most serious exposure: harvest-now-forge-later, where quantum capability targets the foundation of digital trust through attacks on code signing, software update channels, and blockchain consensus mechanisms. He introduces the emerging Five-Day Rule, informed by recent research indicating that a cryptographically relevant quantum machine could break RSA-2048 in roughly five days, reshaping assumptions about risk and timelines. The discussion expands to the potential instability of blockchain networks, such as proof-of-stake systems reliant on BLS signatures, and the broader implications for market integrity and digital identity. Konstantinos outlines the steps security leaders must take now: identify crown-jewel assets, conduct a full cryptographic inventory, evaluate exposure windows, and demand clear post-quantum plans from vendors. The lesson here is post-quantum migration is a core cyber resilience program that must begin immediately, supported by real posture measurement and actionable timelines.
What You’ll Learn
- The difference between harvest-now-decrypt-later and harvest-now-forge-later
- Why code signing and supply-chain trust models are the most critical targets
- How the five-day rule reframes attacker capability planning
- Why blockchain & BLS signatures represent high-impact quantum risk
- Why cryptographically relevant machines will be operated by nation states and major crime rings
- How PQC migration aligns with existing cyber resilience practices
- Why crown jewel analysis and crypto inventory must start immediately
- How to evaluate vendors and avoid vague timelines
- Why PQC will become invisible infrastructure within the next few years
Konstantinos Karagiannis is the Director of Quantum Computing Services at Protiviti, where he leads efforts helping organizations develop real quantum use cases in optimization, machine learning, and simulation, and build realistic paths toward post-quantum cryptography migration. He has been with Protiviti for more than six years, serving previously as Associate Director of Quantum Computing Services. Before Protiviti, Konstantinos spent 13 years at BT, where he served as CTO of the Security Consulting Practice for BT Americas, and earlier as Global Technical Lead for Ethical Hacking, leading red-team operations and advanced cryptographic security testing.
He is the host of Protiviti’s “Post Quantum World” podcast, recently featured at DEFCON with his talk Post-Quantum Panic: When will the cracking begin, and can we detect it? His work focuses on building real quantum computing solutions today while preparing enterprises for the accelerating risks of Q-Day.
……………………………………….
Want exclusive insights on post-quantum security? Stay ahead of the curve—subscribe to Shielded: The Last Line of Cyber Defense on…