Library Header Image Library Header Image

Ben's Book of the Month: How AI and Quantum Impact Cyber Threats and Defenses: Reshaping Your Cyber Defense Strategies


Posted on by Ben Rothke

Few developments will reshape cybersecurity more profoundly than artificial intelligence and quantum computing.

Roger Grimes has earned a well-deserved reputation as one of cybersecurity's most effective communicators. Over the past two decades, he has consistently translated complex technical subjects into practical guidance for security professionals, executives, and policymakers alike.

I've known Roger for many years and have reviewed several of his previous books on this site. His latest work, How AI and Quantum Impact Cyber Threats and Defenses: Reshaping Your Cyber Defense Strategies, continues that tradition, offering an accessible and practical look at two technologies that are rapidly reshaping the cybersecurity landscape.

Artificial intelligence and quantum computing are arguably the two most transformative technologies to impact information security in decades. AI is already changing how organizations detect, prevent, and respond to attacks, while quantum computing promises to fundamentally alter the cryptographic foundations upon which modern security depends.

The prospect of quantum computing breaking today's public-key encryption sounds like science fiction. Once sufficiently powerful quantum computers become a reality, many of the cryptographic algorithms currently protecting sensitive data could become obsolete. Information once considered securely encrypted could be exposed unless organizations prepare in advance. I discussed this challenge in my earlier review of Becoming Quantum Safe: Protect Your Business and Mitigate Risks with Post-Quantum Cryptography and Crypto-Agility.

In this new book, Grimes argues that organizations should not view AI and quantum computing as separate initiatives. Instead, enterprises must understand how these technologies will increasingly intersect, accelerating both offensive cyber capabilities and defensive security measures.

One of the book's greatest strengths is its emphasis that AI adoption and post-quantum preparedness are not merely technical projects, they are business transformation initiatives. Grimes continually reinforces a principle that experienced security professionals understand well: cyber risk is fundamentally a business risk.

When discussing quantum computing, opinions vary widely. Some experts believe organizations should prioritize post-quantum migration immediately, while others advocate a more measured approach. Grimes wisely avoids sensationalism. Rather than embracing "the sky is falling" narratives, he acknowledges both the urgency and the reality that migrating to quantum-resistant cryptography is a complex, multi-year effort requiring careful planning.

Readers seeking a deeper exploration of quantum computing will also benefit from Grimes's earlier work, Cryptography Apocalypse: Preparing for the Day When Quantum Computing Breaks Today's Crypto, published in 2019.

Although the book explores emerging concepts and future scenarios, its primary focus remains practical. Readers will find actionable guidance on preparing security teams for AI-enabled attacks, evaluating AI vendors, prioritizing post-quantum migration, and developing realistic strategies for adapting to this rapidly changing threat landscape.

At approximately 350 pages, the book serves as an excellent introduction to both AI and quantum computing without sacrificing substance. As these technologies continue to redefine cybersecurity, every security professional, from practitioners to CISOs, needs to understand not only the risks they introduce but also the opportunities they present.

For anyone seeking a practical, balanced, and business-focused guide to understanding how AI and quantum computing will reshape cybersecurity over the coming years, How AI and Quantum Impact Cyber Threats and Defenses is an outstanding resource and a worthwhile addition to any security professional's library.

Contributors
Ben Rothke

Senior Information Security Manager, Tapad

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSAC™ Conference, or any other co-sponsors. RSAC Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community

Related Blogs