When quantum computing is discussed in cybersecurity circles, cryptography usually takes centre stage, and rightly so. The prospect that quantum machines could one day break encryption is a serious concern. But beyond encryption lies another, less visible challenge: how we design and secure the software that will run on these machines.
So far, quantum computing has largely been the domain of specialist researchers such as physicists, mathematicians, and chemists. Programming in this space has been domain-specific and often unconstrained by the engineering practices that underpin modern software development. This echoes the early decades of classical computing, when software quality, scalability, and security lagged behind hardware.
If we are to avoid repeating history, quantum computing needs the structured expertise of software engineers, computer scientists, and cybersecurity specialists. In short, we need secure quantum software engineering.
In practice, this means developing systematic methods for designing, testing, and assuring quantum programs, just as we do in classical systems. It means building standards and tools, and creating educational pathways so the next generation of engineers can write reliable and secure code for quantum machines. Without such structures, the gap between breakthrough algorithms and trustworthy applications will widen.
For cybersecurity, the stakes could not be higher. Quantum software will underpin future infrastructures, from secure communications to optimisation engines managing energy grids and financial systems. If built on fragile or poorly tested code, the vulnerabilities will be profound.
Quantum software engineering is also about opportunity. Quantum inspired methods could transform cybersecurity: modelling complex threat landscapes, simulating attack–defence dynamics, and reimagining resilience itself. These opportunities demand imagination, but also the discipline of engineering practice.
This vision is gaining traction. The EU’s Quantum Flagship programme has committed over €5.7 billion to accelerate the transition from lab to market, while Ireland’s Quantum 2030 strategy aligns national priorities to position the country as a competitive hub. Private sector investment is surging too – venture capital and corporate funding in quantum computing reached $1.9 billion in 2024, a 138% year- on-year increase. These moves show quantum is no longer just a research frontier but a strategic commercial domain.
Yet the engineering of quantum software is still in its infancy, offering a first-mover advantage to those who invest early in tools, talent, and standards.
Quantum computing is often framed as a disruptive threat. The real challenge is not simply to watch it unfold but to shape how it enters the software and security landscape. By embedding security and quality from the start, we can avoid costly retrofits later. The post-classical world will not wait for us to catch up.