Likelihood: MODERATE
Impact: HIGH
Treatment: MITIGATE
Confidence: Moderate
Likelihood is moderate because no quantum computer capable of breaking RSA/ECC at operational key sizes exists today, but HNDL collection of AI agent traffic is low-cost and already attributed to nation-state actors, meaning the harvest phase may be underway now against exposed organizations; impact is high because AI agent communications frequently carry proprietary model logic, embedded credentials, and business-sensitive workflow data that would be fully exposed upon future decryption, with no retroactive remedy once keys are broken.
Treatment rationale: The threat has a defined technical remediation path — NIST FIPS 203/204/205 — with a regulatory-backed deprecation timeline, making mitigation via cryptographic modernization the only treatment that reduces both current harvest exposure and future decryption risk; acceptance is inappropriate given the compliance trajectory and irreversibility of already-captured traffic.
Third-Party / Supply-Chain Risk
AI infrastructure commonly relies on third-party LLM API providers, cloud-hosted agent orchestration platforms, and shared tool-integration middleware (e.g., vector databases, retrieval services, MCP servers) — all of which conduct encrypted agent-to-agent or agent-to-tool communication over classical TLS using RSA/ECC key exchange. Under NIST SP 800-161 framing, an organization that migrates its own endpoints but whose vendors retain classical cryptography remains fully exposed at the boundary; supply-chain cryptographic posture must be assessed and contractually addressed across the entire AI toolchain.
Loss Exposure (illustrative)
Magnitude: High — illustrative $5M–$50M+ per major decryption event, driven by proprietary AI model exposure, embedded credential compromise enabling downstream access, and potential regulatory penalties; range is wider for organizations with customer-sensitive data transiting AI pipelines
Frequency: Low-to-moderate on a 5–10 year horizon for organizations with nation-state exposure; HNDL collection events may already be occurring silently with loss crystallizing only upon quantum capability maturation
Annualized: Annualized framing is structurally inappropriate for a deferred-realization threat; the more meaningful frame is expected loss at quantum maturity, weighted by harvest exposure accumulated between now and the organization's PQC migration completion date
Basis: Loss magnitude derived from categories of exposed asset value: proprietary AI model interaction logs and business logic (competitive harm), credentials embedded in agent workflows (operational and financial harm from downstream access), and regulatory exposure for any personal or regulated data in transit; frequency reflects public reporting on nation-state HNDL programs targeting strategic sectors and the low incremental cost of bulk encrypted traffic collection; annualized framing declined because the loss event is non-annual in structure — it is a single future decryption event whose probability scales with adversary quantum timeline and organizational migration lag
Illustrative estimate — not actuarially derived.
Insurance / Contractual / Legal — Potential Obligations
Potential triggers, not legal determinations. Verify with counsel/broker before acting.
• Confirmed future decryption of AI agent traffic containing customer or employee data may invoke state and federal breach-notification obligations — verify with counsel.
• Failure to align with the NIST PQC transition timeline (RSA/ECC deprecation trajectory) may constitute a material deviation from cybersecurity representations in vendor contracts, customer agreements, or cyber-insurance policy warranties — verify with counsel and broker.
• Harvest-now-decrypt-later scenarios involving data subject to sector-specific retention and confidentiality rules (e.g., HIPAA, GLBA, ITAR) may trigger prospective regulatory obligations even before decryption occurs — verify with counsel.
