Quantum Threat: Why You Need to Think About HNDL Today
Somewhere, right now, a state-sponsored actor is quietly siphoning encrypted traffic from major financial institutions, government networks, and healthcare systems. They can’t read any of it. Not yet. But they’re not trying to. They’re waiting.
This is the world of Harvest Now, Decrypt Later (HNDL), a cybersecurity threat that’s already happening but won’t hurt you until it does. It’s the ultimate long game, and if you’re not already thinking about it, you’re already behind.
What is HNDL? (And Why Should You Care?)
HNDL is elegantly simple and terrifyingly patient. Adversaries intercept and store encrypted data today, knowing that quantum computers will eventually be powerful enough to crack today’s encryption algorithms. Your RSA-2048 keys? Your elliptic curve cryptography? Once a sufficiently powerful quantum computer running Shor’s algorithm comes online, those mathematical safeguards become little more than a polite suggestion.
Elliptic Curve Cryptography (ECC) is a family of asymmetric (public-key) algorithms that leverages the algebraic structure of elliptic curves over finite fields. It is used for public-key cryptography, providing security comparable to RSA but with significantly smaller key sizes.
The kicker? The data doesn’t need to be valuable right now. It needs to be valuable when it’s decrypted. Think about it: personnel records, medical histories, national security communications, financial transactions, trade secrets, merger and acquisition details. These don’t become less sensitive with age. A 15-year-old government communication about intelligence operations is still classified. Medical records remain sensitive for a lifetime. And that brilliant innovation your R&D team is working on? Your competitors would still love to know about it in a decade.
Enter Mosca’s Theorem: Your New Best Friend
Dr. Michele Mosca, a cryptography expert and co-founder of the Institute for Quantum Computing at the University of Waterloo, gave us a beautifully simple framework for understanding why we can’t afford to wait. It’s called Mosca’s Theorem, and it boils down to an inequality that should keep every CISO up at night:
If X + Y > Z, you have a problem.
Where:
X = How long your data needs to remain confidential (the shelf life of your secrets)
Y = How long it will take to migrate your systems to quantum-resistant cryptography (your migration time)
Z = How long until a cryptographically relevant quantum computer arrives (Q-Day)
Let’s make this painfully real. You’re a financial services firm with customer data that needs to remain confidential for, say, 20 years (regulatory requirements, customer relationships, the works). Your IT team estimates a full cryptographic migration will take 5 years. That’s X + Y = 25 years.
Now, expert consensus is coalescing around Q-Day occurring somewhere in the early-to-mid 2030s — let’s be generous and say 2035. That’s roughly 10 years from now (Z = 10).
25 > 10. Houston, we have a problem.
And here’s the uncomfortable truth that Mosca’s Theorem reveals: by the time Q-Day arrives, your data has already been harvested. The breach happened years ago — you just haven’t felt it yet.
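Mosca's inequality is easy to state and easy to get wrong in a spreadsheet, so here is the worked example above as a small Python calculator. This is an added example, not part of the original article; the figures (X = 20, Y = 5, Q-Day assumed in 2035, "now" = 2025) are the ones the article uses, and the two derived quantities it adds beyond the text (the longest migration that still fits under Z, and the number of years harvested data stays sensitive after Q-Day) follow directly from the same inequality.

```python
from dataclasses import dataclass

# Worked figures from the article: 20-year confidentiality, 5-year migration,
# Q-Day assumed in 2035, current year taken as 2025. Everything else is derived.


@dataclass(frozen=True)
class MoscaInputs:
    x_shelf_life_years: float   # X: how long the data must stay confidential
    y_migration_years: float    # Y: how long the PQC migration will take
    z_years_to_q_day: float     # Z: years until a cryptographically relevant quantum computer


def years_to_q_day(q_day_year: int, current_year: int) -> int:
    """Z, derived from an assumed Q-Day year and the current year."""
    return q_day_year - current_year


def mosca_at_risk(m: MoscaInputs) -> bool:
    """Mosca's inequality: the organisation is exposed if X + Y > Z."""
    return m.x_shelf_life_years + m.y_migration_years > m.z_years_to_q_day


def mosca_margin(m: MoscaInputs) -> float:
    """Years over (positive) or under (negative) the line: (X + Y) - Z."""
    return (m.x_shelf_life_years + m.y_migration_years) - m.z_years_to_q_day


def max_safe_migration_years(m: MoscaInputs) -> float:
    """Longest migration that still satisfies X + Y <= Z, i.e. Z - X.

    A negative value means no migration speed helps: data with that shelf life
    that is harvested today will still be sensitive when it can be decrypted.
    """
    return m.z_years_to_q_day - m.x_shelf_life_years


def harvested_data_exposure_years(m: MoscaInputs) -> float:
    """Years for which data captured today stays sensitive after Q-Day: max(0, X - Z).

    This is the 'breach already happened' window the article describes.
    """
    return max(0.0, m.x_shelf_life_years - m.z_years_to_q_day)


def assess(m: MoscaInputs) -> dict:
    """Bundle the checks so a data class can be assessed in one call."""
    return {
        "at_risk": mosca_at_risk(m),
        "margin_years": mosca_margin(m),
        "max_safe_migration_years": max_safe_migration_years(m),
        "exposure_years_after_q_day": harvested_data_exposure_years(m),
    }


if __name__ == "__main__":
    z = years_to_q_day(q_day_year=2035, current_year=2025)  # 10
    firm = MoscaInputs(x_shelf_life_years=20, y_migration_years=5, z_years_to_q_day=z)
    for key, value in assess(firm).items():
        print(f"{key}: {value}")
```

For the article's firm the margin is +15 years, the maximum safe migration is -10 years (no migration is fast enough), and data captured today remains sensitive for 10 years after Q-Day. Run the same function over each data class from your classification scheme rather than once for the whole organisation; the answer differs sharply between a 1-year marketing dataset and a 20-year customer record.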
Why Senior Leadership Needs to Lead This Conversation
I’ve seen it too often: quantum computing gets treated as a “future problem” or, worse, dismissed as science fiction. “We’ll deal with it when it’s real,” they say, while conveniently ignoring that adversaries are harvesting encrypted traffic right now.
This isn’t a junior analyst problem. This isn’t something you can delegate to the next security committee. The HNDL threat requires senior leadership because:
The timelines are measured in years, not sprints. NIST has set 2035 as the deadline for federal systems to complete their migration to post-quantum cryptography (PQC). The EU is even more aggressive, requiring critical infrastructure to be quantum-safe by 2030. These aren’t aspirational targets — they’re regulatory expectations.
Migration is complex. This isn’t a patch Tuesday fix. We’re talking about discovering every cryptographic dependency in your enterprise, prioritizing assets based on data sensitivity and exposure, testing new algorithms for compatibility and performance, and deploying across potentially thousands of systems and devices. Some organisations took years just to deprecate SHA-1. PQC migration makes that look like changing a password.
The business case is counterintuitive. You’re asking executives to invest significant resources to protect against a threat that hasn’t materialized yet, to prevent a breach that may have already happened, resulting in damage that won’t be visible for years. That’s a difficult conversation that requires credibility and influence.
What Can You Do Today?
Conduct a Cryptographic Inventory. You can’t protect what you don’t know about. Map every system, application, and data flow that uses public-key cryptography. Yes, this is tedious. Yes, it’s essential.
Classify Data by Sensitivity Lifespan. Not all data is created equal. Personnel records have different longevity requirements than marketing materials. Apply Mosca’s X variable to your data classification scheme.
Develop Crypto-Agility. Build systems that can swap cryptographic algorithms without wholesale replacement. This isn’t just about quantum — it’s good security hygiene that will serve you well regardless of how the threat landscape evolves.
Start Testing NIST-Approved PQC Algorithms. NIST finalized its first set of post-quantum cryptography standards in August 2024 (FIPS 203, 204, and 205). These aren’t theoretical — they’re ready for piloting. Major players like Apple, Google, and Cloudflare are already deploying hybrid quantum-safe encryption.
Educate Your Leadership. Use Mosca’s Theorem as a communication tool. Its simplicity makes the quantum threat tangible: “Here’s how long our data needs protection. Here’s how long migration takes. Here’s when the threat arrives. Do the maths.”
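The first three steps above (inventory, classification by sensitivity lifespan, and crypto-agility) produce a list of assets that needs turning into a migration order. The following Python script is an added example, not code from the article or from any NIST publication: it takes a constructed inventory of assets with their key-exchange and signature algorithms and the lifespan of the data they protect, classifies each algorithm as quantum-vulnerable, hybrid, or post-quantum (the only real identifiers used are the algorithm names from FIPS 203, ML-KEM; FIPS 204, ML-DSA; and FIPS 205, SLH-DSA), and ranks assets for HNDL exposure. The asset names, algorithm choices and lifespans are invented for illustration.

```python
from __future__ import annotations

from dataclasses import dataclass

# Constructed sample data: the assets, their algorithm choices and lifespans are
# invented for this example. The only real identifiers are the NIST algorithm
# names from FIPS 203 (ML-KEM), FIPS 204 (ML-DSA) and FIPS 205 (SLH-DSA).

# Public-key algorithms whose security rests on factoring or discrete logarithms,
# the problems Shor's algorithm solves.
QUANTUM_VULNERABLE = {"RSA", "DSA", "DH", "ECDH", "ECDSA", "X25519", "Ed25519"}
# Standardised post-quantum algorithms.
PQC_STANDARDISED = {"ML-KEM", "ML-DSA", "SLH-DSA"}

PRIORITY_ORDER = {"critical": 0, "high": 1, "low": 2, "done": 3}


@dataclass(frozen=True)
class CryptoAsset:
    name: str
    key_exchange: str           # key agreement / encryption algorithm; "+" joins hybrid components
    signature: str              # authentication / signing algorithm
    data_lifespan_years: float  # Mosca's X for the data this asset protects


def classify_algorithm(spec: str) -> str:
    """Return 'pqc', 'hybrid', 'vulnerable' or 'unknown' for a spec such as 'X25519+ML-KEM'."""
    parts = {p.strip() for p in spec.split("+")}
    has_pqc = bool(parts & PQC_STANDARDISED)
    has_classical = bool(parts & QUANTUM_VULNERABLE)
    if has_pqc and has_classical:
        return "hybrid"
    if has_pqc:
        return "pqc"
    if has_classical:
        return "vulnerable"
    return "unknown"


def hndl_priority(asset: CryptoAsset, years_to_q_day: float) -> str:
    """Rank an asset for Harvest Now, Decrypt Later exposure.

    Only the key-exchange side matters for recorded traffic: an attacker who
    breaks the key agreement later can read what was captured, whereas a
    signature can only be forged from Q-Day onwards and does not retroactively
    expose old data. Hybrid key exchange stays confidential as long as the PQC
    component holds, so it ranks low rather than done.
    """
    kex = classify_algorithm(asset.key_exchange)
    if kex == "pqc":
        return "done"
    if kex == "hybrid":
        return "low"
    # Vulnerable or unknown: treat unknown as vulnerable until the inventory proves otherwise.
    if asset.data_lifespan_years > years_to_q_day:
        return "critical"   # data still sensitive when it can be decrypted (X > Z)
    return "high"


def prioritise(inventory: list[CryptoAsset], years_to_q_day: float) -> list[tuple[str, str]]:
    """Return (asset name, priority) pairs, most urgent first, longest-lived data first within a tier."""
    ranked = [(a, hndl_priority(a, years_to_q_day)) for a in inventory]
    ranked.sort(key=lambda ap: (PRIORITY_ORDER[ap[1]], -ap[0].data_lifespan_years))
    return [(a.name, p) for a, p in ranked]


# Constructed inventory for the demonstration.
SAMPLE_INVENTORY = [
    CryptoAsset("customer-records-api", "X25519", "ECDSA", 20),
    CryptoAsset("public-marketing-site", "X25519", "RSA", 1),
    CryptoAsset("payments-gateway", "X25519+ML-KEM", "ECDSA", 15),
    CryptoAsset("legacy-site-to-site-vpn", "DH", "RSA", 12),
    CryptoAsset("records-archive-transfer", "ML-KEM", "ML-DSA", 30),
]

if __name__ == "__main__":
    for name, priority in prioritise(SAMPLE_INVENTORY, years_to_q_day=10):
        print(f"{priority:8s} {name}")
```

With Z = 10, the two assets whose data outlives Q-Day on a classical key exchange come out as critical, the short-lived marketing site is merely high, the hybrid gateway is low, and the archive transfer that already uses ML-KEM is done. The design choice worth noting is that signatures do not move an asset's HNDL priority: they belong in a separate authentication-migration track with a deadline of Q-Day itself rather than Q-Day minus the data's shelf life.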
As senior IT professionals, we have a choice: we can wait for Q-Day to arrive and scramble to respond, or we can start the migration now and be ready when the storm hits. The cost of preparation is measured in budget and effort. The cost of being late is measured in data breaches, regulatory penalties, reputational damage, and the uncomfortable knowledge that we saw this coming and chose to look the other way.
The quantum clock is ticking.
Sam Odekunle is a Cybersecurity Consultant specialising in Identity and Access Management, currently leading enterprise IDAM transformation programmes. He writes about the intersection of cybersecurity, governance, and emerging threats.