Quantum-Era Threats: Harvest-Now-Decrypt-Later and Trust-Now-Forge-Later Attacks Challenge Digital Trust

In this interview, we speak with Tim Callan, Chief Compliance Officer at Sectigo, about his journey in digital certificates, online trust, and the evolving landscape of PKI.

With more than two decades championing digital trust, Callan’s passion has taken him from the early internet era to co-hosting the 500-episode Root Causes podcast.

Curious about how Post-Quantum Cryptography (PQC) will reshape cybersecurity, we asked Callan about quantum-era threats, the challenges of migration, and the first steps organizations should take, and found plenty of answers in his insights.

The discussion also turned to the industry’s move toward a 47-day SSL certificate lifespan and what that shift means for organizational risk.

Combined with the looming reality of quantum-powered attacks, these changes raise big questions: how will businesses be impacted? Let’s find some answers.

Vishwa: Please share about yourself, early experiences, challenges, and journey to Sectigo. What sparked your fascination with online trust? Could you share what set you on the path to co-hosting a podcast dedicated to PKI and the genesis of your passion for digital certificates?

Tim: I’ve been passionate about online trust and digital certificates for over 20 years, starting my journey during the early days of the commercial internet. Seeing the challenges organizations faced in securing online communications fuelled my interest in PKI and digital identity. 

Over the years, I held various leadership roles within the industry before joining Sectigo in 2018. What really drives me is helping people understand the importance of secure digital identities. 

Jason Soroko and I started the Root Causes podcast six years ago to make complex PKI topics accessible and explore the evolving world of online trust with industry experts. We recently celebrated our 500th episode. 

For me, digital certificates are fundamental to a safe internet, and I’m committed to advancing that mission every day.

Vishwa: With the advent of Post-Quantum Cryptography (PQC), what are the most critical quantum-era threats that it aims to neutralize?

Tim: Quantum computers have the potential to break widely used encryption algorithms like RSA, which could expose sensitive data across many industries. Among the most pressing quantum-era threats are “harvest now, decrypt later” and “trust now, forge later” attacks.

In a harvest now, decrypt later scenario, attackers intercept and store encrypted data today—such as sensitive communications, financial records, or intellectual property—with the intention of decrypting it once quantum computing becomes viable. This creates a long-tail risk, especially for data with enduring sensitivity.

The trust now, forge later risk involves adversaries compromising the integrity of long-lived digital signatures, often found in important, sensitive documents and contracts for a company. Once quantum capabilities emerge, forged signatures could be used to retroactively falsify documents, software updates, or communications that were previously considered trustworthy, undermining the chain of trust in digital systems.

According to our research conducted in the State of Crypto Agility report, we found that the concern for both of these new, esoteric quantum threats ranks on par with today’s common man-in-the-middle attacks. 

This suggests that organizations are not only aware of the threats quantum computing will bring, but there is rising concern about what type of effects these attacks could have on their business.

Vishwa: The transition to PQC would become a need for future cybersecurity. From your perspective, what challenges are organizations facing or may face in preparing for this?

Tim: Our research shows that 80% of organizations have some form of PQC migration strategy in mind, but nearly all (98%) organizations have or expect to experience challenges with PQC implementation.

The transition to PQC presents three major challenges for organizations. The first is that current systems are simply not ready for the transition. PQC algorithms use much larger keys, which can break existing applications, protocols, and hardware. Preparing for PQC will require widespread updates across infrastructure, software, and devices. This can take years to do.

Secondly, the PQC algorithms themselves are still young. While NIST’s selected PQC standards have undergone significant testing, they remain relatively new compared to the decades of scrutiny given to today’s public-key cryptography. It’s possible that undiscovered vulnerabilities exist or even that well-resourced adversaries have already found those weaknesses.

Finally, migration will be complex and drawn-out. This will not be a “flip the switch” event. Organizations will operate in hybrid environments mixing classical and PQC algorithms for years or even decades. Managing interoperability, compatibility, and security in such mixed ecosystems will be operationally challenging and prone to errors. 

Our research suggests that the most frequently cited barriers expected during PQC implementation are legacy systems include integration complexity, risk of downtime, and compatibility issues.

In general, the lack of visibility into where and how cryptography is used across complex, distributed infrastructures, will make it difficult to identify and prioritize what needs updating. Our research shows that only 14% of organizations have conducted a full assessment of quantum-vulnerable systems, which isn’t all that surprising. 

Pair that with a shortage of expertise and resources, and many companies underestimate the urgency of the quantum threat, focusing instead on more immediate cybersecurity issues.

Vishwa: What are some of the first steps organizations can take towards their PQC migration?

Tim: Achieving crypto-agility is a natural and necessary first step in preparing for quantum threats, but many organizations overlook a foundational layer before they even start thinking about PQC: certificate agility. 

Before you can swap out cryptographic algorithms or transition to PQC standards, you need to know where your cryptography actually lives. That starts with digital certificates.

Certificates are the access points to your cryptographic landscape. They govern authentication, encryption, and data integrity across your systems. If you can’t inventory, manage, and update your certificates at scale, you can’t realistically assess or update the cryptographic algorithms tied to them. In other words, you can’t achieve crypto agility if you haven’t first achieved certificate agility.

Without this foundation, organizations risk flying blind: unknown certificates, expired keys, or hard-coded cryptography could quietly create critical vulnerabilities. Establishing certificate agility through automation, visibility, and certificate lifecycle management (CLM) is what makes broader crypto-agility possible, measurable, and scalable.

Another notable step is setting up a cryptographic center of excellence (CryptoCOE). A CryptoCOE offers a structured yet dynamic framework to drive the strategic development, management, and enforcement of cryptographic policies and best practices across entire organizations. 

According to Gartner, by 2028, organizations with a CryptoCOE will save 50% of costs by switching to PQC compared to those organizations without. 

Vishwa: The industry's move to a shorter 47-day SSL certificate lifespan is a major shift. From a cybersecurity solutions perspective, and based on Sectigo’s data, how does this reduce or alter organizational risk? 

Tim: The shift to a 47-day SSL certificate lifespan strengthens security by reducing the window of exposure if a certificate or private key is compromised, forcing more frequent key rotations and improving overall cryptographic hygiene. 

It also tightens the connection between domain control and certificate ownership, since domain control validation (DCV) will be performed more often, making it harder for misissued or outdated certificates to remain in use.

From an operational standpoint, the accelerated renewal cycle promotes automation out of necessity: Manual tracking simply can’t keep pace. Automated certificate lifecycle management ensures timely renewals, seamless DCV, consistent deployment across systems, and real-time visibility into certificate status. 

This not only minimizes human error and prevents outages but also frees IT teams to focus on higher-value security work.

These practices also enhance crypto agility, ensuring organizations can more quickly adapt to new cryptographic standards. The discipline, tooling, and automation developed for managing short-lived certificates will directly benefit future transitions, including the migration to PQC.