PQC Business Risk Evaluator

📊 Industry Scenario — Quick Start:

Select an industry scenario to load typical values for that sector, or choose "Custom" to set your own parameters.

Currency:

Mosca's Theorem — Assess Your Timeline

📊 Mosca's Quantum Threat Probabilities

Based on Dr. Michele Mosca's 2015 analysis: ~14% probability by 2026 (1 in 7 chance), ~50% by 2031 (1 in 2 chance), with projections of ~70% by 2035 and ~85% by 2040. Note: These are estimates with significant uncertainty; actual timelines may vary.

⟦ X = Data Security Requirement 5 years

How long does your sensitive data need to remain confidential?

05101520

⟦ Y = PQC Migration Time 3 years

How long will it take to complete your migration to quantum-safe cryptography?

03691215

Combined Timeline (X + Y) 8 years

X: 5

Y: 3

05101520

X: Data Security Requirement

Y: Migration Time

Quantum Threat Probability

60%

by year 2033

Window End Year

2033

X + Y from now

⚠️

Migration Planning Recommended

Your combined X+Y timeline suggests moderate risk. Begin planning your PQC migration now.

📚 Learn More: Deep Dive into Mosca's Theorem ▼

Mosca's Theorem: Quantum Security Preparedness

Mosca's Theorem provides a framework for determining when organizations must act to protect against quantum computing threats. The inequality (X + Y) > Z helps assess quantum readiness.

Interactive Z Comparison

Adjust Z (estimated time until cryptographically-relevant quantum computers) to compare against your X+Y timeline:

⟦ Z = Time until CRQC 7 years

151015

Z: 7y

X: Data Security

Y: Migration Time

Z: CRQC Timeline

X+Y (8) > Z (7) — Action Required Now

Learned Hand Formula — Evaluate Investment

⚖️ The Legal Risk of Post-Quantum Delay

The Learned Hand Formula (from U.S. v. Carroll Towing Co., 1947) states that negligence occurs when B < PL, where B is the burden (cost) of prevention, P is the probability of harm, and L is the magnitude of loss. In the context of Post-Quantum Cryptography and the "Harvest Now, Decrypt Later" (HNDL) threat, this means: if the cost of implementing PQC now is less than the expected loss from quantum decryption (probability × damages), delaying PQC migration could create legal exposure.

⟦ B = Burden (Cost of PQC Migration) $500,000

What is the estimated cost of implementing quantum-safe cryptography?

$50K$1M$2.5M$5M

⟦ L = Loss (Potential Breach Damages) $15,000,000

What is the potential loss from a quantum-enabled data breach?

$1M$25M$50M$100M

$500K

B (Prevention Cost)

$9M

P × L (Expected Loss)

Expected Loss (P × L)

$9M

Probability × Potential Loss

Risk/Cost Ratio

18x

Expected loss vs. prevention cost

🚨

Higher Risk Profile

Prevention cost (B) is significantly less than expected loss (P×L). Immediate action is economically and legally justified.

⚠️ Limitations & Assumptions ▼

Important Caveats

Probability estimates are uncertain: Mosca's probabilities are educated estimates, not precise predictions. Actual quantum computing timelines may differ significantly.
Loss calculations are illustrative: Actual breach costs depend on many factors including data type, regulatory environment, and organizational response.
Legal standards vary: The Learned Hand Formula is a US legal concept; other jurisdictions may apply different standards.
Not legal advice: This tool is educational. Consult qualified legal counsel for specific guidance.
Migration costs vary widely: Actual PQC implementation costs depend on organizational size, complexity, and existing infrastructure.

📚 Learn More: Resources & References

NIST Post-Quantum Cryptography Project
NSA's Cybersecurity Advisory (PDF)
Mosca, M. (2015). "Cybersecurity in an Era with Quantum Computers" – IEEE Security & Privacy
United States v. Carroll Towing Co., 159 F.2d 169 (2d Cir. 1947) – Learned Hand Formula

⚖️ Legal Disclaimer

This tool is provided for educational and informational purposes only and does not constitute legal advice, professional consultation, or a guarantee of legal outcomes. Consult with qualified legal counsel before making decisions based on this analysis. No attorney-client relationship is created by use of this tool.

💬 Discuss with ProteQC

© 2025 ProteQC Limited. All rights reserved.

✓ FREE USE PERMITTED:
• Educational and academic purposes
• Research and non-commercial analysis
• Personal risk assessment
• Sharing with proper attribution

✗ PERMISSION REQUIRED:
• Commercial use or paid services
• White-labeling or rebranding
• Removal of attribution

ATTRIBUTION: "Developed by ProteQC Limited (ProteQC.com)"

NO WARRANTY: Provided "AS IS" for educational purposes.