Generative AI, Industry 5.0, and post-quantum computing are converging rapidly, and enterprise cybersecurity risks are expanding from traditional cyberattacks to new challenges such as data governance, AI trustworthiness, and quantum encryption security. During CYBERSEC 2026, Daniel Toh, Vice President of Sales Engineering for Thales Asia Pacific and Japan, pointed out that as AI penetrates manufacturing and decision-making processes, data security becomes crucial for the implementation of Industry 5.0, and a security architecture with PQC agility is becoming a new line of defense for enterprises to build long-term cybersecurity resilience.

Industry 5.0 : AI Enters Production Lines and Decision-Making

Based on his years of experience visiting manufacturing clients in the Asia-Pacific region, Daniel points out that most companies have not yet truly completed Industry 4.0. Many manufacturing clients are still dealing with fundamental issues such as cloudification, automation, and OT integration, but generative AI has already entered the enterprise environment, forcing companies to confront new risk models.

Compared to Industry 4.0, which focuses on IoT, cloud computing, and process automation, Industry 5.0 emphasizes "human-machine collaboration." AI is no longer just an auxiliary tool but directly participates in production processes, supply chain analysis, and operational decisions. However, with the large-scale adoption of AI, the attack surface has also expanded. Daniel points out that the global data volume has now exceeded 180 ZB, and this massive increase in data mainly comes from AI-generated content. However, enterprises often cannot verify the source, authenticity, and sensitivity of the data, and lack comprehensive data classification and metadata management capabilities.

According to Thales' survey of the Asia-Pacific market, over 50% of new cybersecurity budgets have been allocated to AI-related projects, and approximately 70% of enterprises believe that AI will become the biggest cybersecurity challenge in the future. Furthermore, traffic monitoring of global data centers has revealed that an increasing number of attacks are no longer initiated manually by humans, but are instead automatically generated by AI to directly attack infrastructure.

Daniel emphasized that generative AI is still essentially a "black box." Without data classification and traceability mechanisms, companies face the risk of "garbage in, garbage out" (GIGO). Therefore, adhering to "human participation in the loop" is the core of AI governance, and companies must ensure that humans retain ultimate decision-making power in automated processes.

HNDL : The Post-Quantum Threat Emerges Ahead of Schedule

Besides generative AI, post-quantum cryptography (PQC) has become the next wave of security challenges for enterprises. Many hackers are adopting a "harvest now, decrypt later" (HNDL) strategy, collecting large amounts of existing encrypted data now and waiting for quantum computers to mature in the future before cracking them.

Daniel pointed out that state-sponsored hacker groups are leading this HDNL attack pattern, collecting data through methods such as undersea cable eavesdropping and traffic skimming. In the past, storing large amounts of encrypted data was too costly, but with the rapid decline in data center storage costs, long-term storage of massive amounts of encrypted data has become economically feasible.

High-tech manufacturing, government, and defense systems are considered high-risk targets. In particular, data involving semiconductor design, industrial blueprints, and diplomatic documents often have long-term value exceeding 10 years, and even if declassified years later, they can still cause significant commercial and national security impacts. However, fully implementing PQC (Programmable Quality Control) is not easy for enterprises. Many existing systems, medical devices, and industrial control systems heavily rely on existing architectures, and some devices may even have their manufacturer warranties voided due to the use of encryption.

In response to the quantum threat, Thales is pushing forward with a new generation of Hardware Security Module (HSM) architecture featuring "PQC Agility." This containerized platform can run traditional RSA and PQC algorithms in parallel on a single hardware platform and quickly switch encryption standards through software upgrades. Daniel believes this hybrid encryption model (Hybrid PQC) will become a protection strategy during the quantum transition, helping enterprises gradually complete their quantum security transformation within their existing infrastructure and build more resilient data defense capabilities.