African AI companies are at an all-time data breach risk, especially those building AI infrastructure with classical cryptography. This is why Clinton Abadaike built SecureGRC, a governance, risk, and compliance platform designed to secure AI companies against future quantum computing threats.
Quantum computing, an emerging field in cybersecurity, has been discovered to potentially break current encryption, such as classical cryptography like Rivest–Shamir–Adleman (RSA), the backbone of most modern digital security, such as bank logins, encrypted emails, and software updates. While a classical computer would take trillions of years to crack an RSA-2048 key, a quantum computer running Shor’s Algorithm can do so in hours or minutes, and this has led to the development of post-quantum cryptography.
The use of full-scale quantum computing is still developing, but the data threats associated with it, which may reveal themselves in years to come, are an emerging threat even now in 2026. Adversaries can harvest encrypted data now, to decrypt it years from now when quantum computing is at scale.
To guard against this, in 2025, the White House announced an allocation of $7.1 billion over the next decade to secure its non-national security systems behind well-protected cryptographic infrastructures. With Post-Quantum Cryptography or PQC, companies can guard their data systems against decryption either by classical computers or quantum computers. This is where Secure GRC comes in.
Through the SecureGRC compliance framework, Abadaike, a cybersecurity expert and DISH Accelerator (Barclays x Plexal) cohort 6 alumnus, is ensuring African AI companies are protected from the ‘harvest now, decrypt later’ threat looming in post-quantum computing.
The SecureGRC solution
For many African startups, the path to global markets, especially the EU, requires ISO 42001 certification, the international standard for AI management systems. Yet, manual compliance can cost between £6,000 and £20,000 for smaller to mid-size firms, or £100,000 and £200,000 for larger enterprises and take up to 18 months to achieve. This price tag and time hurdle was not one he found companies were willing to follow.
“I spent six years in IT management watching organisations deploy AI without supply chain security,” Abadaike said.
In his thesis, which focused on quantum cryptography, he examined how this oversight opens the door for quantum threats during his master’s program in cybersecurity management at the University of Law.
To solve for this loophole in AI security systems, Abadaike designed SecureGRC as a tool to browse through a company’s tech stacks and seamlessly collect evidence that its AI models are being governed according to the standard
Aside from automating ISO 42001 compliance— an AI management systems standard—SecureGRC adopts CRYSTALS-Dilithium for cryptographic verification to protect AI supply chains against current threats and future quantum attacks.
In 2022, the National Institute of Standards and Technology, dedicated to promoting the U.S. economy and public welfare by providing technical leadership, released a report on Post-Quantum Cryptography that identified the first primary standards for global quantum-resistant security.
In the report, the NIST details CRYSTALS-Dilithium as one of the four signatures selected for standardisation. While NIST selected several algorithms, they explicitly recommended Dilithium as the primary signature to be implemented globally.
SecureGRC is not just using novel technology; it is built on the exact foundation that the U.S. government and global experts have mandated for the next generation of digital security. In December 2025, Abadaike validated SecureGRC’s framework through the DISH Accelerator, a three-month accelerator designed to fast-track the growth of digital startups in Great Manchester, UK
How does SecureGRC work?
- Quantum-safe signatures: The platform uses NIST-approved encryptions like CRYSTALS-Dilithium to protect assets before they become a threat in 2030.
- Supply chain integrity: Many companies download AI models or datasets from Hugging Face, an open-source AI community, so they can integrate them into their products. Such instances can leave companies open to compromise if there’s a backdoor in these models or datasets. SecureGRC monitors the origin of AI models, such as Hugging Face, to ensure the data used for training is reliable and secure.
- Automated compliance: It generates the Machine Learning Bill of Materials (ML-BOM), which is an inventory of components used to create an AI model, and continuous audit trails using Merkle trees, which serve as the “mathematical seal” that ensures the components have not been swapped or tampered with.
- Cryptographic provenance: If any AI component is modified anywhere from creator to deployment, the cryptographic chain breaks, triggering an immediate alert.
SecureGRC is preparing for its Minimum Viable Product (MVP) launch in Q2 2026, and the company is currently recruiting five founding pilot partners from across Nigeria, Kenya, South Africa, Ghana, and Egypt. By adopting NIST standards early, African founders can avoid expensive future migrations to post-quantum computing cryptography.
“I’m encouraging African tech space to grab this opportunity while the world is still behind,” Abadaike said. “We can jump on this place and make sure every infrastructure we’re building right now in Africa is quantum-ready”.
Founding partners will receive:
- Free implementation of the SecureGRC platform to protect their AI infrastructure.
- Early access to quantum-safe AI compliance tools.
- Direct support from the founder to shape the future of AI security in Africa.
For African Chief Technology Officers and Chief Information Security Officers deploying AI for credit scoring, chatbots, or risk assessment, you can secure your supply chain against future vulnerabilities by participating in SecureGRC’s pilot programme. To get started, send an email directly to Clinton@securegrc.io, or to learn more about quantum-safe compliance, visit securegrc.io/africa-pilot.
