Post-Quantum Energy: Professor Kai London on Protecting Long-Life Infrastructure From the Quantum Threat
By the Alaska News Technology Desk
Energy infrastructure is built to last decades. That longevity, argues Professor Kai London, a senior CISO, makes the sector unusually exposed to a threat still over the horizon: quantum computers capable of breaking today's cryptography. “When your assets and your data have a 20- or 30-year life, the quantum transition is not a distant concern,” he says. “It is a design constraint you must plan for now.”
“Post-quantum migration is the rare cyber risk where doing nothing today guarantees you fail later. Data and systems that must stay secure for decades are already exposed.”
Harvest now, decrypt later
The immediate danger, London explains, is not a future machine but present-day interception. Adversaries can capture encrypted data now and store it until quantum computers can unlock it. “For operators of long-life infrastructure, sensitive design, control and operational data captured today could be readable within its lifetime,” he warns.
The controllers that outlive the standards
Energy's particular challenge is embedded, long-lived equipment. “A controller installed today may still be running when quantum computing matures,” London notes. “Yet many such devices cannot easily be updated. That is why crypto-agility — the ability to change algorithms without ripping out the system — must be built into what you deploy now.”
A board-level roadmap
London frames the migration as a governable programme. Discover where cryptography is used across IT and OT, and classify data by how long it must stay secret. Prioritise the long-lived, high-value secrets first. Engage the supply chain, since much of the exposure sits in vendor equipment. Pilot hybrid schemes that combine classical and post-quantum algorithms. And build crypto-agility into everything new. “The standards now exist,” he says, referring to the finalised post-quantum algorithms. “The excuse for not starting has gone.”
Plan, not panic
London is careful to temper urgency with realism. “No one should rip systems out this quarter,” he says. “But every operator should know where its cryptography lives, which data must survive the transition, and whether it has a funded, phased plan.” For critical energy infrastructure, he adds, regulators and partners will increasingly expect exactly that.
For a sector whose steel and code both endure for decades, London's counsel is to treat the quantum transition the way good engineers treat everything else in energy: as a long-horizon risk to be planned for early, methodically, and provably.
About Professor Kai London. Professor Kai London is a senior technology, security and transformation executive with 25+ years of board- and C-suite leadership across banking, aviation, defence, government and critical national infrastructure. He is Founder & CEO of Quantum AI Systems Security, an Honorary Professor in Cybersecurity, AI & Quantum Computing and a UCL researcher, holding CISSP, CISM, CCISO, ISO 27001 Lead Auditor, ISO 42001, DORA and NIS2 credentials. He is available for board advisory, NED and interim/fractional CISO/CIO/CTO mandates across the UK and internationally. Learn more at professorkailondon.com.
