fr
Revenir au blog

THE DUAL DISRUPTION: AI AND QUANTUM

Picture of Luc Brouwers
Luc Brouwers 11 sept. 2025 23:00:00
blogs articles

Dual Disruption

The Dual Disruption: Generative AI and Quantum Computing in Cybersecurity
Presented by Bart Salaets, EMEA Field CTO at F5, at BE-CEC on September 11, 2025 in Dolce, La Hulpe.

At the Belgian Cybersecurity Executive Conference (BE-CEC), Bart Salaets, EMEA Field CTO at F5, took the stage to address two of the most disruptive forces shaping the cybersecurity landscape today: Generative AI and Quantum Computing. His session, “The Dual Disruption: Generative AI and Quantum Computing in Cybersecurity”, explored both the unprecedented opportunities and the critical risks these technologies introduce.

Bart 019

AI in the Enterprise: From Hype to Security Challenge

Slide11

Salaets began with a striking forecast: by 2028, four out of five enterprise applications will rely on AI. This isn’t just about AI-driven chatbots or copilots — it represents a wholesale rewriting of the application delivery and security stack.

For decades, F5 has specialised in application delivery and security, ensuring apps are fast, available, and secure. But the rise of generative AI (GenAI) is rewriting the rules of engagement. While AI accelerates innovation, it also expands the attack surface in ways that security teams are only beginning to grasp.

 

xxx

 

Slide12

Salaets outlined new AI-specific threat classes:

  • Hallucinations: fabricated but convincing AI-generated outputs

  • Data exfiltration: leakage of sensitive information through AI interactions

  • Prompt injection: attackers manipulating AI instructions to bypass safeguards

  • Agentic malware: AI-driven code capable of adapting in real time

  • Abuse of large language models (LLMs): weaponizing AI tools for malicious use

 

xxx

 

Slide13-1

He reminded the audience that every technological wave has come with its own security wake-up calls. In the early days of cloud adoption, misconfigured firewalls and over-permissioned accounts led to high-profile breaches. In mobile, lack of proper API security exposed millions of user records. In DevOps, supply chains proved exploitable, with attackers compromising signed software updates.

AI is no different,” Salaets argued. “We are already seeing leakage, hijacking, and prompt injection — and we’re still at the very beginning of this journey.”

 

xxx

 

AI Gateways: Controlling the Model

Slide14

As enterprises race to embed AI into their workflows, securing the models themselves is emerging as a priority. Salaets introduced the concept of the AI gateway: a dedicated layer to protect and manage AI models, monitor usage, and ensure visibility.

Recent industry data shows that half of organizations are already deploying AI gateways. Their main purposes are to:

  • Protect the AI model from exploitation or theft

  • Control access to sensitive data processed by the model

  • Provide oversight for compliance and governance

 

xxx

 

Slide15-1But AI gateways are only part of the picture. Salaets stressed the need for a holistic AI security strategy — one that consolidates application delivery, visibility, and security into a unified platform.

 

xxx

 

Quantum Computing: The Next Seismic Shift

Slide16-1

If AI is today’s disruption, quantum computing is tomorrow’s. Salaets framed quantum as a paradox: on the one hand, it will unlock breakthroughs in healthcare (drug discovery), energy (grid optimization), and even space exploration. On the other hand, it poses an existential risk to digital security.

 

xxx

 

The Post-Quantum Cryptography Roadmap

The problem lies in cryptography. Today’s digital world relies on algorithms like RSA and ECC to secure communications, payments, and infrastructure. Quantum computers, however, are expected to break these algorithms with relative ease. This means that nation-states and threat actors are already stockpiling encrypted data in anticipation of decrypting it once quantum capabilities arrive — a tactic known as “harvest now, decrypt later.”

Q-Day is coming,” Salaets warned. “The day when quantum systems can break our current cryptography may not be tomorrow, but it’s close enough that we need to prepare now.”

Slide17-2
Salaets walked through the milestones on the journey to post-quantum cryptography (PQC):

  • 1994–1996: Shor’s and Grover’s algorithms proved quantum computers could theoretically undermine RSA and ECC.

  • 2001: IBM and Stanford demonstrated the first quantum algorithm on a 7-qubit machine.

  • 2024: NIST published official PQC standards (FIPS-203 ML-KEM, FIPS-204 ML-DSA, FIPS-205 SLH-DSA).

  • 2029: Gartner forecasts practical quantum decryption.

  • 2030: NIST plans to deprecate RSA and ECC entirely.

 

xxx

 

Slide18

Industry adoption, however, remains slow: government (6.3%), financials (6.7%), healthcare (7.6%), and consumer goods (13.2%).

 

xxx

 

Slide19

Big tech firms are leading the charge.
  • Google has enabled PQC in Chrome and Android
  • Apple will introduce PQC support in iOS 26, iPadOS 26, and macOS Tahoe 26
  • Microsoft is preparing PQC capabilities in Windows 11

 

xxx

 

Slide20-1

A complicating factor is that the lifespan of digital certificates is shrinking: from 398 days in 2025 to just 47 days in 2029. Manual certificate management, already a burden for IT teams, will soon be impossible at scale.

 

xxx

 

Crypto Agility: Preparing for Q-Day

Slide21-1

To survive the quantum disruption, Salaets urged organizations to adopt crypto agility — the ability to quickly replace or update cryptographic algorithms across systems with minimal disruption.

Crypto agility requires:

  • Introducing post-quantum algorithms into the enterprise stack

  • Automating certificate and key management

  • Offering crypto-as-a-service for developers, paired with governance for security teams

“Manual operations will break under the weight of shrinking certificate lifecycles and new algorithms,” he explained. “Automation is the only way forward.”

 

xxx

 

Slide8-1

Enterprises today face a fragmented stack: on-premises ADCs, cloud-native ADCs, and scattered point-security products. This sprawl leads to high costs, operational complexity, and increased risk. Vendor and platform consolidation is no longer optional.

 

xxx

 

F5’s Answer: Consolidation and Agility

Slide9-1

Against this backdrop of dual disruption, Salaets positioned F5’s App Delivery & Security Platform (ADSP) as a strategic response.

Slide22-2

F5’s ADSP consolidates delivery and security into a single platform that:

  • Provides complete coverage for every app, anywhere, in any form factor

  • Bridges teams across NetOps, SecOps, DevOps, and PlatOps

  • Automates SSL and cryptographic management

  • Exposes APIs so developers can self-serve while crypto teams maintain control

In practice, this means enterprises can simplify operations today while preparing for tomorrow’s AI-driven and quantum-challenged environment.

 

xxx

 

 

A Call to Action

Slide23

Salaets closed his session with a stark reminder: both AI and quantum computing are not distant trends — they are already reshaping the cybersecurity agenda. The organizations that succeed will be those that:

  1. Secure their AI models and applications with gateways and holistic controls

  2. Consolidate their delivery and security operations to reduce complexity

  3. Adopt crypto agility to prepare for a post-quantum future

The dual disruption of AI and quantum computing will redefine cybersecurity. The only sustainable response is agility, consolidation, and automation.

The BE-CEC audience left with a clear message:

The time to prepare for AI- and quantum-driven disruption is not tomorrow, but today.

Contactez nous