att.com via Reddit

AT&T launches quantum-safe SD-WAN for AI workloads

cybersecurity cybersecurity post-quantum networking

Key insights

  • AT&T and Cisco's SD-WAN now uses NIST-standardized post-quantum algorithms to protect AI data moving between enterprise sites.
  • The harvest-now-decrypt-later threat means adversaries collecting encrypted AI model weights today could expose them within a decade.
  • NIST finalized its first post-quantum cryptography standards in August 2024, triggering a compliance clock for regulated industries.

Why this matters

AI model weights and training data are long-lived intellectual property that can be exfiltrated now and decrypted later once quantum computing matures, making network-layer PQC protection a genuine near-term risk management decision, not a speculative one. Federal and financial regulators are expected to issue PQC compliance mandates in the next 1-3 years, and enterprises that have not upgraded their WAN encryption will face both legal exposure and rushed, expensive retrofits. For AI infrastructure architects, SD-WAN is the single highest-leverage upgrade point because it governs all inter-site traffic, meaning one product decision covers model distribution, inference routing, and training data movement simultaneously.

Summary

AT&T Business is now selling post-quantum cryptography protection baked into enterprise SD-WAN, built on Cisco infrastructure, making it one of the first major carriers to commercialize harvest-now-decrypt-later defenses at the network layer. The threat model here is specific: adversaries are already collecting encrypted AI model weights and sensitive inference traffic today, banking on quantum computers being able to crack current encryption within the decade. Enterprises running distributed AI workloads across data center fabrics are the primary exposure, since model weights and training data have long-term confidentiality value that outlasts current encryption guarantees. Essentially: (AT&T, Cisco) are racing ahead of expected federal and financial regulator mandates that will follow NIST's 2024 PQC standard finalization. - The product targets compliance-driven buyers in finance, defense contracting, and healthcare before mandates force their hand. - NIST finalized its first PQC standards in August 2024, giving vendors a specification to build against. - SD-WAN sits at exactly the right chokepoint: all inter-site AI traffic passes through it, making it a single upgrade surface for quantum-hardening. For enterprises already committed to multi-year AI infrastructure buildouts, the window to retrofit quantum-safe networking is narrowing as regulators move from guidance to requirements.

Potential risks and opportunities

Risks

  • Enterprises in financial services and federal contracting that delay PQC SD-WAN adoption could face retroactive compliance penalties once CISA and FIPS mandates extend to WAN encryption, likely within 18-24 months.
  • Competing carriers (Verizon, Lumen) and SD-WAN vendors (VMware, Fortinet) without PQC offerings risk losing enterprise AI infrastructure contracts to AT&T in renewal cycles over the next 12 months.
  • If the AT&T/Cisco implementation uses non-hybrid PQC only (dropping classical algorithms entirely), early adopters face interoperability failures connecting to partners and cloud providers still running pre-quantum TLS.

Opportunities

  • PQC key management vendors (Thales, Entrust, Keyfactor) gain a direct sales motion into AT&T enterprise customers who will need certificate lifecycle tooling to support PQC certificate rotation at scale.
  • Cloud networking providers (Equinix, Zayo) can differentiate colocation and interconnect offerings by adding PQC-capable cross-connects, positioning alongside AT&T's SD-WAN as an end-to-end quantum-safe fabric.
  • Quantum risk assessment consultancies and Big Four advisory practices can monetize the compliance readiness gap, as most enterprises lack internal expertise to audit whether their full network stack meets emerging PQC requirements.

What we don't know yet

  • Which specific NIST PQC algorithms (ML-KEM, ML-DSA, SLH-DSA) are implemented in the AT&T/Cisco solution, and whether hybrid classical+quantum key exchange is used during the transition period.
  • Pricing and contract structure relative to standard SD-WAN offerings, which will determine whether mid-market enterprises can adopt this before mandates force their hand.
  • Whether the solution covers encrypted traffic inspection at the SD-WAN edge or only tunnel encryption, a critical distinction for enterprises running AI workloads through security appliances.

Originally reported by att.com

Read the original article →

Original headline: AT&T Business Launches First Post-Quantum Cryptography Secure SD-WAN Powered by Cisco, Targeting Enterprise AI Data in Transit