Harvest Now, Decrypt Later: What CISOs Need to Know
Introduction
Of all the threats associated with the quantum computing era, Harvest Now, Decrypt Later (HNDL) is arguably the one that has captured the most attention. It is referenced frequently in vendor marketing, government advisories and industry conferences. Yet despite this visibility, it remains one of the most misunderstood risks in the post-quantum cryptography landscape.
HNDL describes an adversarial strategy in which encrypted data is intercepted and stored today, in the expectation that it can be decrypted in the future once a cryptographically relevant quantum computer becomes available. The data does not need to be decrypted now. It simply needs to be captured and retained until the technology to break its encryption exists.
For CISOs and senior security leaders, understanding this threat is essential — not because it demands immediate panic, but because it requires a clear-headed, risk-based assessment of which data in your organisation is genuinely exposed and what the consequences of that exposure would be.
How HNDL Works in Practice
The mechanics of HNDL are straightforward, which is part of what makes it concerning. Adversaries with the capability to intercept encrypted network traffic — whether through compromised infrastructure, supply chain access, or passive monitoring of communications — can collect and store vast quantities of encrypted data at relatively low cost. Storage is cheap, and the data does not need to be processed immediately.
The adversary’s calculation is simple: if this data is still valuable by the time a quantum computer capable of breaking today’s public-key cryptography becomes available, the investment in collection will have paid off. The encrypted data effectively becomes a time-delayed asset, waiting to be unlocked.
This is not a hypothetical scenario. National cybersecurity agencies across multiple countries have publicly acknowledged that HNDL collection activity is likely already taking place. The question is not whether it is happening, but at what scale and against which targets.
Who Is Most at Risk?
NIST and multiple national agencies explicitly warn that HNDL makes long-lived sensitive data particularly exposed. The types of data most at risk include government secrets and classified information, personal health records and patient data, high-value intellectual property and trade secrets, critical infrastructure operational data and logs, long-term contractual and legal information, and financial data subject to extended regulatory retention requirements.
Organisations in sectors such as defence, central government, healthcare, financial services and critical national infrastructure are inherently more exposed to HNDL because the data they hold retains its sensitivity over extended periods. Classified information may remain sensitive for decades. Patient records have lifelong relevance. Intellectual property can underpin competitive advantage for years. In these environments, HNDL is not a distant concern — it is a material risk that warrants prioritised attention now.
For organisations operating in these sectors, the combination of high data sensitivity and the realistic possibility of nation-state collection activity creates a risk profile that demands explicit assessment and documented mitigation plans.
Maintaining Perspective
While HNDL is a serious concern for certain organisations and data types, it is equally important to maintain perspective. For many organisations, the confidentiality value of most data decreases rapidly over time. Marketing plans, operational communications, routine business correspondence and transactional data typically lose their sensitivity within months or a small number of years. If the value of your data degrades well before a quantum computer is likely to be available, HNDL may represent a manageable risk compared to more immediate cyber threats.
This distinction matters because the security landscape is not short of competing priorities. Ransomware, supply chain compromise, insider threat, identity-based attacks and cloud misconfiguration all present clear and present risks that demand investment today. A CISO who redirects significant budget towards mitigating a quantum decryption scenario at the expense of addressing these immediate threats is not necessarily making a risk-informed decision.
The key is proportionality. HNDL should be assessed alongside other risks, not in isolation. And the response should be calibrated to the specific data sensitivity and threat profile of your organisation, not driven by generic urgency messaging from the vendor community.
Using Mosca’s Framework to Assess Your Risk
One of the most useful tools for assessing HNDL exposure is Mosca’s quantum risk framework, which is referenced by many national cybersecurity agencies and standards bodies. The framework asks organisations to balance three variables: the time until quantum computers are cryptographically relevant, the time required to migrate systems to quantum-resistant algorithms, and how long the data or trust assertions in question need to remain secure.
If the sum of your migration timeline and the period for which the data must remain confidential exceeds the estimated time until a cryptographically relevant quantum computer exists, then that data can be harvested today and decrypted while it is still sensitive, before your migration has protected it. This is the scenario HNDL exploits.
While the exact timeline for quantum computing capability is inherently uncertain — estimates vary from under a decade to several decades — the framework provides a structured way to assess exposure rather than relying on speculation or vendor-driven timelines. It brings the conversation back to what you can control: understanding your data, your migration complexity and your risk tolerance.
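The framework above is usually written as Mosca's inequality, X + Y > Z, where X is how long the data must stay confidential, Y is the migration time and Z is the time until a cryptographically relevant quantum computer. The following Python script is an added illustration, not part of the original post or of any Unsung tooling: it applies the inequality to a constructed inventory of data flows and evaluates each flow against a range of Z estimates rather than a single date, so the timeline uncertainty the text describes becomes part of the result. The flow names, shelf lives, migration times and the Z range of 7 to 30 years are all assumptions chosen for the example.

```python
from dataclasses import dataclass

# Assumed range for Z (years until a cryptographically relevant quantum
# computer). The post gives "under a decade to several decades"; these two
# bounds are constructed for the example, not a forecast.
Z_LOW = 7    # pessimistic: capability arrives early
Z_HIGH = 30  # optimistic: capability arrives late


@dataclass(frozen=True)
class DataFlow:
    name: str
    shelf_life_years: int   # X: how long the data must remain confidential
    migration_years: int    # Y: time to move this flow to quantum-resistant controls


def mosca_margin(flow: DataFlow, z_years: int) -> int:
    """Return X + Y - Z for one estimate of Z.

    A positive margin means the data is exposed: it can be harvested now and
    decrypted while still sensitive, before the migration completes. A negative
    margin is the slack (in years) before migration must begin.
    """
    return flow.shelf_life_years + flow.migration_years - z_years


def classify(flow: DataFlow, z_low: int, z_high: int) -> str:
    """Classify a flow against the whole Z range instead of a single date."""
    worst = mosca_margin(flow, z_low)    # exposure if Z arrives early
    best = mosca_margin(flow, z_high)    # exposure if Z arrives late
    if best > 0:
        return "exposed"      # at risk even under the optimistic timeline
    if worst > 0:
        return "uncertain"    # at risk only if the pessimistic timeline holds
    return "manageable"       # data loses sensitivity before any plausible Z


def prioritise(flows, z_low: int, z_high: int):
    """Rank flows for attention: exposed first, then by worst-case margin."""
    order = {"exposed": 0, "uncertain": 1, "manageable": 2}
    rows = [
        (f.name, classify(f, z_low, z_high),
         mosca_margin(f, z_low), mosca_margin(f, z_high))
        for f in flows
    ]
    return sorted(rows, key=lambda r: (order[r[1]], -r[2]))


# Constructed sample inventory; values are illustrative, not measured.
SAMPLE_FLOWS = [
    DataFlow("Patient records", shelf_life_years=50, migration_years=8),
    DataFlow("Classified archive", shelf_life_years=30, migration_years=10),
    DataFlow("Long-term contracts", shelf_life_years=12, migration_years=5),
    DataFlow("Payment transactions", shelf_life_years=7, migration_years=4),
    DataFlow("Marketing plans", shelf_life_years=1, migration_years=3),
]


if __name__ == "__main__":
    print(f"{'Data flow':<22}{'Status':<12}{'X+Y-Z (Z=7)':>12}{'X+Y-Z (Z=30)':>14}")
    for name, status, worst, best in prioritise(SAMPLE_FLOWS, Z_LOW, Z_HIGH):
        print(f"{name:<22}{status:<12}{worst:>12}{best:>14}")
```

The ranking is what a board conversation needs: the flows marked "exposed" are at risk under every timeline the organisation considers plausible and belong at the top of the migration roadmap; "uncertain" flows depend on which Z estimate you believe, which is exactly where risk appetite enters; "manageable" flows lose their confidentiality value before any plausible Z and should not be driving procurement. Replacing the sample inventory with your own data classification and retention figures turns the script into a first-cut HNDL exposure register.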
The Key Questions for Boards
Rather than treating HNDL as a blanket emergency, organisations should frame it as a structured risk management conversation. Three questions are central to this discussion.
First, which of your data remains sensitive for 10, 20 or more years? This requires a clear understanding of data classification, retention requirements and the business impact of long-term exposure. For some organisations this insight already exists within information governance frameworks; for others, developing it will be a necessary first step.
Second, could that data realistically be harvested by nation-state or highly capable adversaries today? This is a question about your threat model, not your technology stack. Organisations that operate in sectors of national importance, handle classified or commercially sensitive information, or maintain extensive digital supply chains are more likely to be targets of collection activity.
Third, do you have plans to protect those data flows with quantum-resistant controls? This does not necessarily mean implementing new algorithms immediately. It means having visibility of where your most sensitive data flows, understanding which encryption mechanisms protect it, and developing a roadmap for transitioning those protections to quantum-resistant alternatives when the time is right.
These questions help ensure that HNDL is assessed on its merits within your specific context, rather than being either dismissed as a future problem or escalated into disproportionate action.
What CISOs Should Avoid
There are two common mistakes that CISOs should be wary of when responding to HNDL. The first is treating it as someone else’s problem. Even if the exact date of quantum computing capability is uncertain, the collection of encrypted data can happen today with conventional technology. Deferring any assessment on the basis that quantum computers do not yet exist misses the point of the threat entirely.
The second mistake is the opposite: responding with urgency-driven procurement that is not grounded in a clear understanding of your data landscape and risk profile. Purchasing quantum-resistant encryption products without first understanding where your most sensitive data resides, how it moves through your organisation and which flows are most exposed is unlikely to deliver meaningful risk reduction. It risks repeating the pattern of previous technology hype cycles, where procurement preceded strategy.
The appropriate response sits between these two extremes: a deliberate, risk-informed assessment that identifies where HNDL poses a genuine threat to your organisation and develops a proportionate, phased plan to address it.
HNDL in the Context of Broader PQC Readiness
It is worth noting that HNDL is only one dimension of the broader post-quantum challenge. Its counterpart — Trust Now, Forge Later (TNFL) — addresses the future risk to digital signatures rather than data confidentiality, and in many respects poses an even more systemic threat. A comprehensive approach to post-quantum readiness should assess both risks in parallel, alongside the organisational and architectural changes needed to achieve lasting cryptographic agility.
HNDL is, however, a useful starting point for board-level engagement because it is conceptually straightforward and directly linked to data protection — a topic that most senior leaders already understand. Using HNDL as a gateway to the broader PQC conversation can help build the organisational awareness and executive sponsorship needed to drive a more comprehensive programme of work.
How Unsung Can Help
Unsung works with CISOs and security leaders to assess HNDL exposure as part of broader post-quantum readiness planning. We help organisations identify where long-lived sensitive data resides, map how it flows through business systems, assess the realism of collection threats and determine where quantum-resistant controls should be prioritised.
Critically, we approach this as a risk conversation, not a technology conversation. Our vendor-neutral position means we are not incentivised to create urgency or recommend products. Instead, we focus on helping you develop a clear, proportionate understanding of your HNDL exposure and a practical roadmap for addressing it — one that sits alongside your existing security priorities rather than displacing them.
If you would like to discuss how HNDL applies to your organisation, or if you are looking for independent support in assessing your broader PQC readiness, we would welcome the conversation.
Want to explore this topic further?
This blog is part of a series drawn from our strategic whitepaper, Post-Quantum Cryptography: A Strategic Whitepaper for the C-Suite. It provides vendor-neutral, business-focused guidance on navigating the quantum era — covering the threats already in play, lessons from previous hype cycles, and practical steps your organisation can take today. Download your copy here: https://2f4v3l.share-eu1.hsforms.com/20qJjHSynQkuJKhI_xq9Msg