What is Harvest Now, Decrypt Later?
If encrypted data is stolen today and must remain confidential for many years, future decryption can become today’s risk.
X + Y > Z
Mosca-style risk thinking connects data confidentiality lifetime (X), migration time (Y), and time to a relevant quantum threat (Z). When X + Y > Z, data can become readable while it still needs to stay confidential.
Copied today
Encrypted data can be recorded or copied before it can be read.
Stored for later
The value depends on how long the data remains sensitive.
Future readability risk
If protection weakens later, the problem may have started earlier.
If long-lived encrypted data is copied today, future decryption can become today’s risk.
Short Answer
Harvest Now, Decrypt Later means an attacker may steal or record encrypted data today and keep it.
Data can be copied before it can be read
The attacker may not be able to read it now. But if the data remains valuable for many years, and future technology weakens the cryptography that protected it, the stolen data may become useful later.
This is why quantum risk can matter before a large cryptographically relevant quantum computer exists.
Risk can start before Q-Day
The question is not only: “When is Q-Day?”
Ask the better question
The better question is: “Which data stolen today would still cause harm if it became readable in the future?”
Core Explanation
Some attackers can store data for later
Encrypted traffic, files, backups, archives, or copied databases can be stored.
If the data is useless after a few days, the long-term risk may be limited.
If the data remains sensitive for years, the risk becomes more serious.
Data has a shelf life
Different data has different confidentiality lifetimes.
The longer the data must remain confidential, the more important the question becomes.
- medical records
- identity documents
- legal archives
- signed contracts
- employee records
- industrial designs
- long-term financial records
- merger and acquisition material
Migration also takes time
Companies cannot usually replace cryptography overnight.
If migration takes years, waiting until the risk is obvious may be too late for some systems and some data.
- protocols
- certificates
- VPNs
- identity systems
- applications
- hardware
- firmware
- cloud services
- vendor products
- operational processes
The first step is visibility
Harvest Now, Decrypt Later does not mean panic.
It means companies should understand what sensitive data they hold, how long it must remain confidential, where that data moves, where vulnerable public-key cryptography is used, which vendors control parts of the cryptography, and which systems will be slow or difficult to change.
Why It Matters
Harvest Now, Decrypt Later changes the timing of the problem.
Without this idea, it is easy to think: “We can deal with quantum risk when quantum computers are ready.”
For short-lived data, that may be reasonable.
For long-lived sensitive data, the risk can start earlier. If data is copied now and remains valuable later, the organisation may have a future problem that began before it was visible.
This is also why audits and discovery work matter. Long-lived data rarely stays in one neat place. It can move through cloud platforms, VPNs, SaaS tools, backups, archives, suppliers, and identity systems.
If the organisation cannot see where the data moves, it cannot prioritise protection or migration sensibly.
Long-Lived Data Examples
These examples help identify where the timing model may matter most.
| Data type | Why it may be long-lived |
|---|---|
| Medical records | Sensitive for many years and often hard to replace or withdraw. |
| Identity documents | Useful for fraud, impersonation, and long-term personal risk. |
| Legal archives | Contracts and disputes can remain relevant for years. |
| Industrial designs | Product and engineering value may last across long development cycles. |
| M&A material | Sensitive before, during, and after a transaction. |
| Employee records | May contain identity, payroll, health, or legal information. |
Practical Example
Long-lived data across ordinary systems
A company stores confidential legal documents, employee records, and product designs.
It also uses:
Useful first questions
- Which data would still be sensitive in ten years?
- Where is that data copied, synced, backed up, or shared?
- Which systems protect that data in transit or at rest?
- Which systems use public-key cryptography?
- Which systems are controlled by vendors?
- Which systems would be difficult to upgrade quickly?
The answer does not need to be perfect at the beginning.
The useful first step is to identify the data and systems that deserve earlier review.
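As an added example (not code from the original page), the first questions above can be turned into a ranking by applying X + Y > Z to each data asset, where Y is taken from the slowest-to-migrate system that carries the data and uses public-key cryptography. It also goes one step beyond the inequality by estimating for how many years newly captured data stays exposed. Every system name, data asset, and number is a constructed assumption, and the horizons Z = 10 and Z = 15 are planning inputs, not predictions.

```python
from dataclasses import dataclass

@dataclass
class System:                      # constructed model, not a real product
    name: str
    migration_years: float         # Y: time to move this system off vulnerable crypto
    uses_public_key: bool          # relies on quantum-vulnerable public-key crypto?
    vendor_controlled: bool        # does a vendor control the upgrade path?

@dataclass
class DataAsset:
    name: str
    confidentiality_years: float   # X: how long the data must stay secret
    systems: list                  # systems the data moves through

def exposure(asset, z_years):
    """Apply X + Y > Z to one asset for one assumed threat horizon Z."""
    vulnerable = [s for s in asset.systems if s.uses_public_key]
    if not vulnerable:             # no public-key dependency found in this model
        return {"asset": asset.name, "at_risk": False, "margin": None,
                "exposed_window": 0.0, "slowest": None, "vendor": None}
    slowest = max(vulnerable, key=lambda s: s.migration_years)
    x, y = asset.confidentiality_years, slowest.migration_years
    margin = z_years - (x + y)     # negative means X + Y > Z
    # Data captured at time t is readable while still sensitive if t + X > Z,
    # and capture stays possible until migration finishes at t = Y.
    window = max(0.0, y - max(0.0, z_years - x))
    return {"asset": asset.name, "at_risk": margin < 0, "margin": margin,
            "exposed_window": window, "slowest": slowest.name,
            "vendor": slowest.vendor_controlled}

def prioritise(assets, z_years):
    """Most negative margin first; assets with no vulnerable system last."""
    results = [exposure(a, z_years) for a in assets]
    return sorted(results, key=lambda r: (r["margin"] is None, r["margin"] or 0))

# Constructed sample inventory (illustrative values only).
vpn = System("site-to-site VPN", 4, True, True)
saas = System("SaaS document store", 3, True, True)
backup = System("offsite backup, symmetric only", 2, False, True)
INVENTORY = [
    DataAsset("legal archive", 15, [vpn, saas]),
    DataAsset("product designs", 8, [vpn]),
    DataAsset("weekly sales report", 0.5, [saas]),
    DataAsset("cold archive", 20, [backup]),
]

if __name__ == "__main__":
    for z in (10, 15):             # two assumed horizons, to show sensitivity to Z
        for r in prioritise(INVENTORY, z):
            print(z, r)
```

Running it with more than one value of Z shows which assets stay at risk under every assumption and which only cross the line under the shorter horizon.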
Common Misunderstanding
“We can wait until quantum computers are available.”
For some data, waiting may be acceptable. For long-lived sensitive data and slow-to-change systems, planning needs to start earlier because the data can be copied now and migration can take years.
What to Remember
One-Sentence Summary
Harvest Now, Decrypt Later is the risk that encrypted data stolen today may become readable in the future while it is still sensitive.
Three Key Points
- The key issue is data confidentiality lifetime.
- Mosca-style risk thinking connects data lifetime, migration time, and future quantum capability.
- Readiness starts by finding where long-lived sensitive data moves and which systems protect it.