Let me assume your question is about the impact on IT users. If you want to think about cryptography as a mechanism to achieve a business / user value, you can see it as a means to extend “trusted environment”.
Let me start with a question - why do banks believe that 4 digit PIN on your credit card is secure when a random guess have a chance of 1 in 10,000 to be correct. Does 3496 sound that much more secure than “password123” ?
I don’t think anyone can answer this question.
It is not so hypothetical question as ROCA attack gave as a taste of that in Autumn 2017. A lot of stuff was happening behind the scenes and I believe there are many enterprises yet to realise some important vulnerabilities (e.g., encrypted documents without proper protection).
If you’re interested in technical details, the best really is to read relevant standards. However, it’s relatively easy to give you a good idea of what they are.
I have been closely following authentication methods over the last 10 years or so and here’s a short list of my thoughts: