Quick Links
Connect us
Directors Databank
Become a faculty
Blog
Become an Awards Assessor
Publications
Contact Us
Quantum Governance : Why Boards Must Lead the Next Technological Revolution
Why Boards Must Lead the Next Technological Revolution
Executive Summary
As the United Nations marks 2025 as the International Year of Quantum, corporate boards face a pivotal moment in technological governance. While AI has already transformed business operations, quantum computing emerges as the next frontier, with potential to amplify AI capabilities exponentially. Directors must transition from passive oversight to active stewardship of this transformation. The immediacy of quantum threats, particularly "harvest now, decrypt later" attacks, demands urgent board attention. Whilst quantum computing promises unprecedented opportunities for innovation and efficiency, it also presents significant risks that could compromise organisational security and competitiveness. This article outlines why boards must prioritise quantum readiness through comprehensive risk assessment, resource allocation, and strategic planning, emphasising that quantum governance is not merely about risk management but essential for sustainable business success in the emerging quantum era.
As custodians of organisational resilience, boards must recognise that quantum adaptation extends beyond risk management - it is fundamental to building sustainable business futures.
Introduction
The quantum era is no longer a theoretical prospect—it's here, demanding immediate board attention. As the United Nations designates 2025 as the International Year of Quantum, India has positioned itself at the forefront of this revolution. The National Quantum Mission (NQM), bolstered by a fresh ????600 crore allocation in the February 2025 Union Budget, builds upon a ????6,003.65 crore commitment through 2031. Through strategic investments in quantum computing, communication, sensing and materials development, India aims to develop sovereign capabilities whilst fostering economic transformation across sectors—from financial cybersecurity to healthcare innovation—positioning itself as a formidable player in the global quantum landscape.
This technological shift presents both extraordinary opportunities and substantial risks that boards must skilfully navigate to safeguard their organisations' future resilience and competitive edge.
Understanding the Quantum Imperative
At its core, quantum computing harnesses quantum physics principles to process information exponentially faster than traditional computers, using quantum bits or 'qubits' that can exist in multiple states simultaneously. For many board directors, quantum computing may seem an abstract concept best left to technical teams. However, its increasing potential to converge with artificial intelligence (AI) is rapidly reshaping the business landscape in ways that demand board-level engagement.
The immediacy of this challenge is highlighted by recent developments. According to a report by QuEra Computing, global quantum technology budgets are expected to increase by nearly 20% in 2025, with the survey revealing that around 65% of organisations plan to adopt quantum technology within the next two to three years; this data is based on their "Quantum Readiness Report 2025”. Major breakthroughs, such as Google's Willow quantum processor and IBM's Quantum System Two, signal that quantum computing is transitioning from theoretical possibility to practical reality.
The Board's Fiduciary Duty in the Quantum Age
Directors have a fundamental fiduciary responsibility to address quantum-related risks and opportunities. This extends beyond traditional oversight to active stewardship of quantum integration. The duty of care now encompasses ensuring adequate quantum security measures, appropriate resource allocation, and strategic planning for quantum readiness.
Current Threats Demanding Board Attention
Perhaps most pressing for boards to understand is that quantum threats are not future concerns—they represent clear and present dangers. The "harvest now, decrypt later" threat, where adversaries collect encrypted data today for future quantum decryption, poses an immediate risk to organisational security.
Current attack scenarios include:
• Data Harvesting: Malicious actors are already collecting encrypted data to decrypt once quantum computers become sufficiently powerful
• Historical Record Manipulation: Future quantum capabilities could enable the alteration of property ownership records, financial transactions, and legal documents
• Authentication Breaches: Quantum computing could facilitate the forgery of digital signatures and bypass current security systems
Strategic Imperatives for Boards
Boards must take decisive action through a structured approach:
• Risk Assessment and Quantum Readiness: Boards should mandate comprehensive assessments of current encryption practices and identify critical data requiring long-term protection. This evaluation must extend to supply chain quantum readiness, ensuring end-to-end security.
• Resource Allocation and Implementation: Directors must ensure adequate resources for implementing Post-Quantum Cryptography (PQC) across critical infrastructure. Importantly, quantum resilience does not require organisations to own quantum computers. Instead, it demands a strategic approach to protecting data and systems against quantum threats through postquantum cryptography—encryption methods designed to resist both classical and quantum attacks. This requires developing a robust quantum resilience roadmap, reuse and repurpose where possible, with clear governance frameworks and accountability measures.
• Stakeholder Engagement: Effective communication of quantum strategy to investors, regulators, and industry partners is crucial. Boards must demonstrate proactive leadership in addressing quantum risks whilst identifying opportunities for competitive advantage.
Cost of Inaction
Delayed preparation may result in severe consequences:
• Regulatory non-compliance as quantum-safe standards emerge
• Competitive disadvantage as peers advance quantum capabilities
• Emergency remediation costs far exceeding planned transitions
• Potential breach of fiduciary duties in failing to address known risks
Leadership through the Quantum Transition
Boards must shift from passive oversight to active stewardship of quantum-AI integration. This requires:
• Regular board-level briefings on quantum developments and risks
• Integration of quantum considerations into risk management frameworks
• Development of quantum-aware talent strategies
• Investment in quantum-safe technologies and processes
The Path Forward
As custodians of organisational resilience, boards must recognise that quantum adaptation extends beyond risk management—it is fundamental to building sustainable business futures. Those who take decisive action now will position their organisations at the forefront of this technological transformation.
Conclusion
The quantum revolution presents a defining moment for corporate governance. Boards that embrace their expanded oversight responsibilities in the quantum era will ensure their organisations' long-term viability and competitive advantage. The imperative for directors is clear: prioritise quantum-safe security measures, allocate resources for quantum readiness, and integrate these considerations into core business planning.
As we stand at this technological crossroads, the question is not whether to prepare, but how swiftly and effectively boards can lead their organisations through this fundamental shift in business security. The time for quantum governance is now.
Back to HomeAuthor
Ms. Anita Nandi-Ray
She is a financial services expert and policy advocate, currently serving as Co-Founder and Policy Director at Kquanta Research LLP. She possesses over 19 years of experience in financial services, having held senior positions at American Express Europe (Amsterdam and London) and served as India Head at the City of London Corporation. In her current role, she leads research initiatives at the intersection of finance, emerging technology and sustainability, whilst working with global stakeholders including financial institutions, regulators and policymakers.
Owned by: Institute of Directors, India
Disclaimer: The opinions expressed in the articles/ stories are the personal opinions of the author. IOD/ Editor is not responsible for the accuracy, completeness, suitability, or validity of any information in those articles. The information, facts or opinions expressed in the articles/ speeches do not reflect the views of IOD/ Editor and IOD/ Editor does not assume any responsibility or liability for the same.
