A Quantum Leap for Cybersecurity Startups?

For a long time now, quantum computing’s status as a new technology has mirrored quantum mechanical phenomena itself. That is to say, it’s been both happening and not happening: seemingly suspended in a superposition of being about to change absolutely everything, and being the impractical plaything of scientists, investors and futurists. This tantalising ambiguity has led to much talk of it being “overhyped” or even “Silicon Valley’s longest-running hoax”.

Justified though the scepticism around the hype cycle has been, the general consensus is that we are indeed on the verge of a paradigm shift in computing, with companies having recently made tangible steps forward when it comes to harnessing the power of qubits – the units of quantum information which, unlike classical binary bits, can occupy positions between 0 and 1. One of the most notable moments came in December, when Google unveiled its “Willow” quantum chip, reportedly capable of being able to solve in five minutes a problem which would require a classical computer 10 septillion years to complete.

While we’re certainly still years away from the “post-quantum” era, it’s widely agreed that the accelerating developments in this field will comprise one of the defining trends of 2025, with numerous startups racing to explore use cases ranging from drug discovery to climate modelling. All eyes are also on the cybersecurity implications of the quantum revolution, given that the unprecedented decryption capabilities of quantum computers will make classical data protection systems obsolete.

Concerns around this issue were highlighted in a recent survey by KPMG, which found that the majority of North American businesses believe “it’s only a matter of time” before “cybercriminals are using the power of quantum to decrypt and disrupt today’s cybersecurity protocols”, while over 95% of respondents in Germany said they believed the impact of quantum computing on current security systems will be “high or very high”.

Moreover, the ramifications are already being felt in our current pre-quantum world, due to the threat of “harvest now, decrypt later” attacks, in which hackers steal encrypted data and then simply sit on it until quantum technology becomes capable of cracking it (“Q-Day”).

Such scenarios bring new resonance to the well-worn phrase “future-proofing”, and present opportunities for cybersecurity startups specialising in equipping organisations to deal with quantum-enabled threat actors. Here are some that are on our radar.

Last summer, Oxford-based post-quantum cryptography startup PQShield achieved a $37 million Series B fundraise, reflecting the demand for its solutions within the semiconductor industry. “They embed our hardware design IP in the chip,” PQShield’s founder explained in an interview at the time, “so that the chip is equipped to do post-quantum cryptography.”

The investment came just before the US Department of Commerce’s National Institute of Standards and Technology (NIST) finalised its set of post-quantum cryptography standards, a milestone which escalated interest in such solutions. As one investor involved in the PQShield fundraise put it, “we expect newly-ratified standards to help drive rapid adoption of [post-quantum cryptography] across the technology supply chain.”

One of the first major investments into this field in 2025 was the $3.1 million secured by Wultra, a Prague-based cybersecurity startup developing quantum-resistant authentication solutions for banks and other financial institutions. These solutions secure mobile banking apps and other digital infrastructures from the seismic ramifications of Q-Day, which Wultra’s founder – like many industry commentators – believes will occur by 2030.

The company is putting the new capital towards research and development, and furthering its expansion into new territories – most notably southeast Asia, which has already become a strong market for Wultra.

Another major European player in this subsector is Q*Bird, based in Delft in the Netherlands. The startup develops software and hardware for securing critical infrastructure, and made headlines earlier this year when it unveiled new technology which allows for secure multipoint-to-multipoint communication on quantum networks.

The company’s CEO has boldly declared that her “vision for Q*Bird is to become the largest supplier of quantum networking equipment in Europe, US and beyond”. The company last year began a significant partnership with the Port of Rotterdam (the largest seaport in Europe) to implement its technology to safeguard the port’s digital infrastructure, protecting communications between customs authorities and logistics services providers.

Across the pond, QuSecure – a Silicon Valley post-quantum cybersecurity startup communications – commenced the year with an investment from Accenture. The fundraise, whose value was not disclosed, came in the wake of a collaboration between QuSecure and Accenture which saw the first successful test of multi-orbit satellite communications secured against quantum attacks.  

The two companies had also collaborated on a project to make the infrastructure of Banco Sabadell, one of Spain’s largest financial organisations, more quantum-resilient. Speaking of the investment, a spokesperson at Accenture cited the NIST post-quantum encryption standards as a spur to activity in the subsector. It will be interesting to see how similar regulatory overhauls in different territories will act as a deal driver for cybersecurity startups.

As Dr Michele Mosca of the Institute of Quantum Computing in Ontario has said, the inherent threats posed by the post-quantum world are “in fact a blessing in disguise, since this challenge gives us a much-needed impetus to build stronger and more resilient foundations for the digital economy.”

If you’re a cybersecurity founder seeking guidance on navigating this fast-evolving space and capitalising on the potential interest of investors and acquirers, we’d love to hear from you. Say hello and we can get the ball rolling with the right expert dealmakers from across a range of specific tech sectors.