Q Day is no longer being treated as a distant theory. Palo Alto Networks says the moment a cryptographically relevant quantum computer can break the security systems protecting data and networks will not bring down the internet, but it could shake trust at its foundation as RSA and ECC become vulnerable.
The company said public key infrastructures, certificate authorities and digital identities would need to be replaced immediately to keep systems and data safe. That warning lands as organizations around the world race to build quantum computers capable of tackling problems too complex for classical machines, and as cybersecurity leaders warn that current defenses may not survive the leap.
No one can say exactly when Q Day will arrive because the timeline depends on breakthroughs in building a cryptographically relevant quantum computer. But the range of estimates is narrowing. IBM plans to build a large-scale, fault-tolerant quantum computer by 2029, while the National Institute of Standards and Technology, the Canadian Centre for Cyber Security and the U.K. National Cyber Security Centre are targeting complete post-quantum cryptography migration by 2035.
The debate has sharpened this year. In February, Iceberg Quantum published a paper on arXiv.org saying a quantum computer with about 100,000 qubits could break RSA encryption within a week, far below earlier studies that had put the figure at 20 million qubits. In March, Google Quantum AI published a paper saying the cryptography protecting major cryptocurrencies, including Bitcoin and Ethereum, could be defeated with a quantum computer with 500,000 physical qubits within minutes.
That urgency is why Niccolo De Masi’s comments at the World Economic Forum in January drew attention. He said Q Day may arrive within a few years, adding that people assume it was happening in 2040 and that he thinks it will arrive “like a freight train” by the end of the current U.S. administration.
Not everyone uses the same timeline, but the policy response is already taking shape. The Potomac Officers Club will convene experts at the 2026 Cyber Summit on May 21 for a Quantum Computing and Post Quantum Cryptography panel featuring speakers from the University of Alabama, the Department of Education, DEVCOM Army Research Laboratory, Corelight and Everforth ECS Federal. The gathering comes as governments and companies face the same blunt problem: the security systems built on today’s public-key math may not be good enough for tomorrow.
The nearest milestone may not be a collapse, but a scramble. If the first real sign of Q Day is not a broken internet but broken trust, the institutions that authenticate identities and issue certificates will be the first to feel the shock.
