Is quantum computing overhyped?

Quantum computing is not overhyped. Rather, CIOs and IT leaders may want to pay more attention to the tech to understand the disruptions to come.

That's the take of a number of industry watchers, including Nella Grace Ludlow, director of quantum computing and research professor of computer science at Wright State University.

While quantum computing is still in its early stages of practical development, some companies are already using it to solve difficult challenges. When technology firms are able to fully develop the technology, quantum computers could solve in a matter of seconds complex problems that traditional computers need months or years to solve. On the downside, quantum computers could also enable hackers to quickly solve the complex mathematical algorithms that data encryption requires, thus placing all data and cybersecurity at risk.

In this interview, Ludlow delves into the state of quantum computing today, potential benefits of its use and greatest risks associated with its advancement.

Editor's note: This interview was edited for length and clarity.

How would you characterize the current state of quantum computing?

Nella Grace Ludlow: Quantum computing is useful now. The 'big lie' in computer science is that we can solve any problem if we just get a bigger supercomputer. I teach algorithms courses to Ph.D. students, and my main goal is to instill in those new computer scientists the ability to communicate to their pointy-haired boss how some problems explode in computational complexity and cannot be realistically solved on a bigger supercomputer [which uses traditional binary computing].

In chemistry, there are dozens of examples where we currently use quantum computers to search new chemical structures for ideal new materials, to search for new medicines or to better optimize machine learning algorithms that currently use AI tricks to find a good, but not best, solution.

Quantum computing is rapidly advancing, so any snapshot changes quickly. Quantum computers use quantum bits, or qubits, one of the benchmarks for a quantum computer's capability. For example, if a new quantum computer comes out that has only 10 more qubits, then that new machine can handle problems 1,000 times larger.

For the past seven years, the number of new qubits of commercially available quantum computers has roughly doubled, and one qubit doubles the capability. Nature used the interesting term 'double exponential' to describe this growth. This term makes Moore's law look like an old Model-T in comparison.

Caltech professor John Preskill coined the term 'NISQ' for 'noisy intermediate-scale quantum' computing in 2018. Many believe we are still in -- or near the end of -- the NISQ era of quantum computers.

This [assumption] is because quantum computers still have a higher error rate for a qubit than compared to classical computer bits. While the number of qubits has increased, the error rate has improved less so. There are new performance benchmarks coming out every month, enabling us to enter the 'fault-tolerant quantum computing' era. This new era would allow for working on ultrahard problems, such as code breaking.

How close or real is quantum computing for use by organizations, and what would be the driving motivations to do so?

Ludlow: There are likely dozens of difficult unsolved problems right now that any organization could use quantum computing to improve. Airbus is using quantum computers to design their new aircraft. The German auto industry is using quantum computers to plan, schedule and route hundreds of autonomous vehicles. And multiple companies are using them to design better batteries to meet the need of electric vehicles.

If someone thinks, 'I will wait for quantum computing to mature,' they are already in the late-adopter category.

The driving motivation is overcoming the mental hurdle of thinking a quantum computer is similar to a classical computer and will give an organization X percentage of improvement. [A quantum computer has] a radically different computer architecture and makes previously impossible problems solvable.

What are the regulatory or policy concerns around quantum computing?

Ludlow: The reality is there is not much established regulatory policy. Think of the current situation of regulatory oversight or policy development around the use, and ethical use, of AI. Regulations around quantum computing are even less developed.

What are the most critical issues around quantum computing as they relate to data risk and security?

Ludlow: I serve on the IEEE subcommittee (SC10) for Cybersecurity for Quantum Computers and also on the Scientific Working Group for Artificial Intelligence for the FBI, where we discuss best practices, concerns and ethics about using these technologies. Trying to minimize risk is key to using these new technologies. AI is often brittle and can give a good answer within its training domain. But AI may make wild and perhaps catastrophic choices when dealing with new or unforeseen scenarios and data.

As this field is rapidly developing, I would look to the following three things:

1. NIST is developing new encryption standards as everything from military secrets to banking and company proprietary information may be vulnerable with quantum computing. Look for post-quantum cryptography (PQC) methods. NIST intends to publish new PQC methods in 2024.
2. IEEE is working on publishing cybersecurity for quantum practices. Vulnerabilities and new risks occur when we introduce new technologies. Not only can some quantum algorithms create a threat to classical computers and security, but potentially, even classical computers can attack quantum computers, as we recently demonstrated in breaking the quantum SIKE [Supersingular Isogeny Diffie-Hellman] algorithm last year.
3. Look to experts, consultants and new companies that specialize in helping companies protect assets and minimize risk when implementing quantum technologies. It is no longer a question of if companies will need to implement quantum capabilities, but rather when and how to do it safely.

What are thought to be the top benefits for businesses trying to invest in quantum computing?

Ludlow: Don't look for problems where you will provide 5% to 15% improvement, but focus on the problems that were previously impossible to solve. In mathematics, these difficult-to-solve problems are often called 'NP' for 'nondeterministic polynomial time' problems.

Good choices for quantum computing include logistics, scheduling, finance, market prediction, designing of new materials, medicines and energy transport. Any problem where optimizing the outcome involves millions of possible choices to get the best solution is an ideal problem for quantum computing.

What are the top overall risks to organizations for embracing quantum computing?

Ludlow: Some potential risks include the following:

1. People. The difficulty in finding trained personnel. Finding cybersecurity, IT and computer scientists is a constant challenge. Finding people to program, develop and understand quantum computers and quantum algorithms is even harder.
2. Off-site and cloud computing. Most realistic uses of quantum computers are via the cloud, where someone else operates and manages the supercooled and expensive environment of running and tuning quantum computers. Some organizations have specific data protection requirements that are unable or unwilling to run those applications on a cloud environment.
3. Doing nothing and saying quantum won't affect our organization. A willingness to forego the upside of new quantum algorithms and applications does not protect an organization from new threats from those who do implement quantum technologies.

How sensitive are private sector organizations to the risks associated with quantum computing?

Ludlow: All companies will be affected -- if nothing else, by the need to implement new NIST-approved encryption methods.

What measures should organizations embracing quantum technology take to protect their data?

Ludlow: Big companies offer quantum cloud services. Microsoft offers Quantum Azure and Amazon offers Braket via AWS, which are methods that your organization can implement quantum computing using the leading companies' quantum computers, such as D-Wave, IonQ, OQC [Oxford Quantum Circuits] and Rigetti. Google offers quantum services on their quantum hardware. IBM is the world leader in selling quantum computers and offering online access to their quantum computers.

Some steps organizations can take to safeguard data include the following:

1. Send your staff to get quantum training and receive certifications.
2. Hire people with quantum information science or quantum computing degrees.
3. Ask for help; hire for an outside consultation to get started.
4. Pick a good first problem, and use a small in-house team to develop a quantum project.

What is your top advice to IT leaders on quantum computing investments?

Ludlow: Try to stay balanced and realistic. I worked in the IT sector in the military when the Y2K problem happened. Some of the responses to the potential threat were over the top. We don't want the medicine to be worse than the disease.

There is also a short time frame of limited risk because it is a new technology. When cellphones were first introduced, some virus protection companies were selling upgrades to identify and block cellphone viruses, even though there were close to zero viruses at that time. What were those companies selling other than false protection?

The bottom line is that the time for embracing quantum computing is now. It is real, it is here, and it will grow and be adopted faster than most people will feel comfortable with. Look to NIST, IEEE and other standards organizations to help identify best practices. Ask for and hire expert consultants to help protect your organization's data and computing systems.