In today’s digital landscape, financial services firms face increasing pressure to safeguard...
Over the past 12 months quantum computing has leapt from “futuristic” to “practically-relevant.” Microsoft’s first new quantum processor, Google’s error-correction demo, a string of record-setting Chinese machines and the publication of NIST’s final post-quantum encryption standards all landed since mid-2024. The takeaway is clear: the timeline for quantum-safe cryptography is now measured in IT budget cycles, not decades. Below is what changed, why regulators care, and how the advancements are being tracked by SideDrawer so that we can ensure your files remain private and secure. This post is primarily for technology leaders in finance who have cybersecurity responsibilities and business leaders interested in emerging tech.
What Is Quantum Computing?
Quantum computing swaps classical bits (the binary, 0 or 1 code that forms the basis of all current digital systems) for quantum bits (qubits) that can inhabit 0 and 1 at the same time (superposition) and become entangled, letting a small register act like an exponentially larger one. The best way to think about what this means, from our perspective, is to think about this as a change from linear to exponential growth in computing power as more bits are used together.
Because these quantum states collapse when jostled, processors hang inside chandelier-like dilution refrigerators chilled to a few millikelvin—colder than deep space—to keep noise at bay. With hundreds to thousands of high-fidelity qubits, algorithms can run millions of computations per second and, in the wrong hands, use algorithms to crack encryption keys that protect sensitive information.
Banks from State Street to JPMorgan are already piloting workloads on cloud infrastructure from IBM, Google and Microsoft, aiming to harness quantum acceleration for optimization, pricing, and settlement-risk analysis long before these machines disrupt today’s encryption standards.
Why Are These Machines Not Used Today?
The road to mass-market quantum computing is still blocked by a handful of hard engineering and ecosystem gaps. Industry leaders—IBM, Google, Microsoft, and their peers—are attacking them on several fronts: making qubits stay coherent (i.e. stable) longer, decreasing error rates below the surface-code threshold, wiring thousands of qubits without melting the fridge, fabricating chips with high computing yields, and building the new talent and software stack on the new hardware needed to turn fragile physics into business-ready cloud services. This doesn't mean that encryption standards and cybersecurity will remain safe until these challenges are overcome.
The computing power available to even the first generation of quantum computers (think back to the large mainframes needed for the initial computers) and the people who can access them, will still be enough to crack the current encryption standards used through digital systems to safeguard information and user accesses.
Hardware Headlines You Shouldn’t Ignore
Microsoft, Google, and IBM each attacked a different roadblock on the road to fault-tolerant (i.e. stable and usable, but not scalable) quantum machines this year. Microsoft’s Majorana 1 chip is the first processor built from topological qubits—quantum states encoded non-locally in a “topoconductor” nanowire so local noise can’t easily flip them, slashing the raw error rate and, in principle, letting “millions of qubits fit on one chip” under a DARPA-backed program. Google’s Logical-Qubit Milestone 2 proved that a surface-code logical qubit made from 49 physical qubits can actually get more reliable as you add qubits—experimental evidence that software-level error correction will scale. IBM’s Condor pushed classical chip-making skills deepest into the quantum realm so far: 1,121 superconducting qubits wired together with cross-resonance gates—a 50 % density jump over its predecessor—and forms the base of a roadmap to 10 K-qubit machines by 2027.
Put together, the trio shows a plausible path to practical quantum computers: Microsoft attacks qubit stability at the materials level, Google validates scalable software error correction, and IBM proves you can fabricate and wire kilo-qubit chips. None run at room temperature or use silicon transistors; instead they operate near 10 megakelvin (so, colder than space) and manipulate quantum phases or microwave photons—opening possibilities for drug discovery, optimization, and, critically, breaking today’s public-key cryptography far sooner than once expected.
Asia's Surge Forward
It's not just the large USA technology companies that are driving this new wave of technological advancement. Many innovations are coming from the global community with China emerging as a center of excellence for many new techniques.
| Provider | Latest system | Qubits | Notable result |
|---|---|---|---|
| Origin Quantum | Wukong | 72 | Used to fine-tune a billion-parameter AI model, hinting at near-term HPC/AI crossover. |
| USTC | Zuchongzhi 3.0 | 105 | Ran random-circuit sampling 1 quadrillion× faster than top classical supercomputers. |
| China Telecom / CAS | Tianyan-504 | 504 | Highest-qubit Chinese chip; integrates with a public quantum cloud platform boasting 12 M visits. |
| Fujitsu + RIKEN (Japan) | 256-qubit SC QPU | 256 | Rolled into a hybrid cloud offering (April 22 2025) to tackle materials & pharma workloads. |
Based on all of these advancements, experts in the space are now predicting that usable (in a limited setting) quantum computing machines will become available, even if in a limited setting, before the end of 2030.
Standards & Policy: The Finish Line Is in Sight
Over the last 18 months regulators have moved almost as fast as the hardware teams: standards that once felt a decade away are now published in final or near-final form, giving the financial-services sector a clear compliance runway. The table below completes the picture we started, showing exactly who has mandated what, when, and which algorithms matter. Taken together, these milestones mean the conversation is no longer whether to migrate to post-quantum cryptography, but how quickly we can execute crypto-agile road-maps before the first cryptanalytically-relevant quantum machines arrive.
| Date | Body | Action | Algorithms / Mandate |
|---|---|---|---|
| 13 Aug 2024 | NIST | Final FIPS 203-205. Makes ML-KEM (key exchange), ML-DSA/Dilithium (signatures) and SLH-DSA/SPHINCS+ (hash-based backup signatures) federal law for any system that must follow FIPS, immediately enabling vendors to start the FIPS-140 validation queue. | ML-KEM (FIPS 203), ML-DSA (Dilithium) (FIPS 204), SLH-DSA (SPHINCS+ ) (FIPS 205) |
| Dec 2024 (v 2.1) | NSA — CNSA 2.0 | Hard deadline for U.S. National-Security Systems. New gear bought after 1 Jan 2027 must support ML-KEM, ML-DSA, SLH-DSA; by 31 Dec 2031 nothing that lacks them may remain in service—turning “road-map” into a procurement mandate. | ML-KEM, ML-DSA, SLH-DSA |
| 2024-2025 | ENISA & EU Commission | Crypto-agility guidance. ENISA’s 2024 report urges EU critical-infrastructure operators to pilot lattice-based KEMs and require “algorithm-swap” features in new RFPs—paving the way for EU-wide mandates once ETSI finalises telecom profiles. | EU bodies begin referencing NIST algorithms in procurement templates |
| Jan 2025 (draft) | IETF TLS WG | Hybrid ECDHE-MLKEM for TLS 1.3. Draft-ietf-tls-ecdhe-mlkem-00 specifies X25519/MLKEM-768 and related hybrids, letting browsers and APIs deploy post-quantum key exchange before every endpoint is upgraded. | X25519-MLKEM-768, P-256-MLKEM-768, P-384-MLKEM-1024 |
| 11 Mar 2025 | NIST | Adds HQC-KEM as “Plan B.” Designates the code-based HQC algorithm as a formal alternate to ML-KEM in case future cryptanalysis weakens Kyber; draft FIPS (due 2026) means libraries must keep crypto-agile APIs. | HQC-KEM will sit beside ML-KEM for general encryption |
| Mar 2025 | UK NCSC | Three-phase migration roadmap. ▸ Inventory crypto by 2028 ▸ Upgrade high-value systems by 2031 ▸ Complete sector-wide cut-over by 2035. Creates audit checkpoints for finance, energy and gov-cloud suppliers. | Road-map aligns with UK G-Cloud contracts |
Why this matters in the broader story
-
Regulatory certainty has arrived. With FIPS 203-205 final and the NSA, NCSC, IETF, and ENISA all pointing to the same lattice-based primitives, financial institutions finally have an agreed end-state instead of draft wish-lists.
-
Timelines are tight. The strictest mandate (NSA, NSS) forces new systems to be PQ-ready in less than 24 months.
-
Audit scopes are expanding. OSFI, FINRA and SEC examiners have already begun asking for post-quantum migration road-maps that reference these exact documents, so adopting ML-KEM/ML-DSA now reduces future remediation costs.
In short, hardware breakthroughs from Microsoft, Google, IBM and Asia’s frontrunners show why post-quantum migration is urgent; the standards above clarify how and when to execute. SideDrawer is these advancements so you can focus on client service, not cryptographic plumbing.
Bottom Line
Quantum hardware milestones from Microsoft, Google, IBM and Asia's rapidly advancing ecosystem combined with final NIST standards signal the end of “wait and see.” SideDrawer is actively tracking these advancements and building our roadmap in alignment with the advancing technology and regulatory standards.
With SideDrawer, your files will remain private—no matter how powerful tomorrow’s computers become.
Questions? Reach out to a SideDrawer representative for a deeper dive into our quantum-safe roadmap.
.png)
.svg)
