A Strategic Imperative for Enterprise Post-Quantum Cryptography Readiness
This article discusses the urgent need for enterprises to adopt Post-Quantum Cryptography (PQC) due to the impending threat of cryptographically relevant quantum computers and the "harvest now, decrypt later" attack model. It outlines a comprehensive PQC readiness approach, including cryptographic agility, a phased migration framework, robust governance, and third-party risk management. The article details PQC algorithms and the NIST standardization process, provides a phased migration framework with data prioritization tiers, highlights the role of Hardware Security Modules (HSMs), and addresses the impact of PQC on applications, browsers, transmissions, and storage. Finally, it covers global compliance frameworks and regulatory landscapes, and acknowledges the challenges in PQC adoption, such as resource overhead, interoperability, expertise gaps, and cost implications.
Navigating the Quantum Horizon
I. Executive Summary
The digital landscape is on the cusp of a profound transformation, driven by the imminent advent of cryptographically relevant quantum computers (CRQCs). These machines, anticipated to materialize within the next decade, pose an existential threat to the foundational public-key cryptography (PKC) that currently secures global digital communications and data.1 The shift from a theoretical "if" to a practical "when" for CRQCs fundamentally alters the strategic calculus for cybersecurity planning. This urgency is further compounded by the "harvest now, decrypt later" (HNDL) attack model, where adversaries can collect currently encrypted sensitive data with the intent to decrypt it once quantum capabilities mature. This means data requiring long-term confidentiality is already at risk today, compelling immediate action.2
For global large enterprises, proactive engagement with Post-Quantum Cryptography (PQC) is no longer optional; it is a strategic imperative. This report outlines a comprehensive approach to PQC readiness, emphasizing the cultivation of cryptographic agility, the adoption of a phased migration framework, the establishment of robust governance, and diligent management of third-party risks. The overarching goal is to transition to quantum-safe algorithms and practices well before current encryption methods become vulnerable, safeguarding critical assets and ensuring long-term digital resilience.
II. The Impending Quantum Threat and Its Urgency
Understanding Cryptographically Relevant Quantum Computers (CRQCs) and Shor's Algorithm
Quantum computers harness the principles of quantum mechanics to perform computations far beyond the capabilities of classical machines.4 This computational power poses a direct threat to widely used asymmetric cryptographic algorithms such as Rivest-Shamir-Adleman (RSA) and Elliptic Curve Cryptography (ECC), which underpin much of today's digital security infrastructure.1 The vulnerability stems from Peter Shor's algorithm, developed in 1994, which demonstrates how a sufficiently powerful quantum computer could efficiently factor large numbers (breaking RSA) and solve discrete logarithm problems (breaking ECC).6
It is important to understand that this threat is primarily directed at asymmetric cryptography. Symmetric ciphers, such as the Advanced Encryption Standard (AES), are less vulnerable to quantum attacks. While Grover's algorithm can theoretically speed up attacks against symmetric ciphers, its primary effect is to halve the effective key length. This can be effectively counteracted by simply doubling the key size (e.g., moving from 128-bit to 256-bit AES).1 This distinction is crucial for resource allocation during the PQC transition. It indicates that PQC efforts should primarily focus on replacing asymmetric cryptography, allowing enterprises to prioritize their efforts and avoid overhauling their entire symmetric encryption infrastructure, provided sufficient key lengths are in use and robust key management practices are maintained.
The "Harvest Now, Decrypt Later" (HNDL) Attack Model: Protecting Long-Lived Data
A critical and immediate concern for organizations is the "harvest now, decrypt later" (HNDL) attack model. In this scenario, malicious actors collect currently encrypted sensitive data—such as financial records, healthcare data, intellectual property, or government secrets—with the intent to store it and decrypt it once CRQCs become available.2 This means that data encrypted today, if it needs to remain confidential for years or decades, is already at significant risk. The pervasive mention of HNDL across various expert discussions underscores that the quantum threat is not merely a future event but a present-day risk for any organization handling data with a long shelf-life. This fundamentally shifts the PQC timeline from a future security upgrade to an urgent, current risk management challenge. Consequently, organizations must immediately focus on data classification and prioritization based on data lifespan and sensitivity. This necessitates identifying and protecting long-lived, high-value data first, potentially through periodic re-encryption or the implementation of hybrid cryptographic solutions, even before full PQC deployment. This reframes the entire strategic approach, making a "business as usual" mindset unacceptable.
Mosca's Theorem: Quantifying the Urgency of Transition
The urgency of the PQC transition can be mathematically articulated through Mosca's Theorem. This theorem posits that if X represents the number of years sensitive data must be kept secure, Y is the estimated time required to complete the cryptographic transition, and Z is the expected length of time remaining before a cryptographically relevant quantum computer is built, then organizations must initiate their transition before X + Y > Z.1 Given that large organizations may require up to a decade to comprehensively update all their cryptography 3, the window for proactive action is rapidly narrowing. This theorem highlights that the complexity and time-consuming nature of a large-scale cryptographic migration mean that organizations cannot afford to wait until CRQCs are fully realized. The time to begin this complex, multi-year undertaking is now, to avoid a critical security gap in the near future.
III. Foundations of Post-Quantum Cryptography (PQC) and Standardization
Overview of PQC Algorithms: Lattice-based, Hash-based, Code-based, Isogeny-based
Post-Quantum Cryptography (PQC) encompasses a new generation of cryptographic algorithms specifically designed to resist attacks by future quantum computers. These algorithms rely on mathematical problems believed to be intractable even for quantum machines, offering a robust defense against this emerging threat.4 The National Institute of Standards and Technology (NIST) has strategically focused on diversifying the mathematical foundations of selected PQC algorithms to build resilience against potential unforeseen vulnerabilities that might emerge in any single family of algorithms.18
The primary approaches being explored and standardized include:
Lattice-based cryptography: These algorithms derive their security from the computational difficulty of solving problems in high-dimensional lattices. Examples include CRYSTALS-Kyber and CRYSTALS-Dilithium, which have undergone extensive study.14
Hash-based cryptography: This approach leverages the one-way nature of cryptographic hash functions. Algorithms like SPHINCS+, XMSS, and LMS fall into this category. While some hash-based schemes are stateful, requiring careful management of signing states to prevent reuse of private keys, they offer strong quantum resistance.14
Code-based cryptography: These methods rely on the mathematical properties of error-correcting codes. Classic McEliece and HQC (Hamming Quasi-Cyclic) are prominent examples. HQC has been selected by NIST as a backup algorithm due to its different mathematical basis, providing an additional layer of security diversity.15
Isogeny-based cryptography: This approach is built upon the complex relationships between elliptic curves. While some early candidates like SIDH/SIKE faced vulnerabilities in 2022, research continues on other isogeny-based constructions like CSIDH.15 The breaking of SIDH/SIKE during the PQC standardization process itself highlights the evolving nature of cryptographic research and the necessity for a multi-faceted approach to PQC.
NIST Standardization Process and Selected Algorithms
NIST has been at the forefront of global PQC standardization, initiating a public, competition-like process in 2016 to solicit, evaluate, and select quantum-resistant public-key cryptographic algorithms.18 This rigorous, multi-round process has involved extensive scrutiny from researchers and experts worldwide.
In August 2024, NIST published the first three PQC standards, known as Federal Information Processing Standards (FIPS) 203, 204, and 205, based on the selections from the third round of their competition 13:
ML-KEM (Module-Lattice-Based Key-Encapsulation Mechanism) | FIPS 203: This algorithm is designed for secure key exchange, serving as a quantum-resistant replacement for algorithms like Elliptic Curve Diffie-Hellman (ECDH).13 It establishes shared secret keys over insecure channels, a fundamental component of secure communications.
ML-DSA (Module-Lattice-Based Digital Signature Algorithm) | FIPS 204: This standard provides quantum-resistant digital signatures for authentication, data integrity, and non-repudiation. It is intended to replace algorithms like RSA and Elliptic Curve Digital Signature Algorithm (ECDSA) in digital certificates and token signing.13
SLH-DSA (Stateless Hash-Based Digital Signature Algorithm) | FIPS 205: Offering an alternative digital signature method based on hash functions, SLH-DSA is suitable for systems requiring strong security assurances independent of lattice-based schemes.13
NIST's standardization efforts are ongoing. The agency continues to evaluate candidate algorithms in a fourth round and beyond to ensure cryptographic diversity and resilience. Notably, HQC (Hamming Quasi-Cyclic) has been selected as a backup Key Encapsulation Mechanism (KEM) to ML-KEM. HQC is based on different mathematical principles (error-correcting codes versus lattices), which is a critical safeguard should unforeseen vulnerabilities be discovered in ML-KEM. A final standard for HQC is expected by 2027.18 Additionally, a draft for FALCON (FIPS 206), another digital signature algorithm, is anticipated shortly.18
NIST's decision to select multiple algorithms and to continue evaluating alternatives (such as HQC as a backup) reflects a strategic hedging against potential future vulnerabilities in any single PQC algorithm. This acknowledges that even "finalized" PQC algorithms are relatively new and have not undergone decades of "battle-testing" like their classical predecessors. This implies that enterprises should not adopt a "set it and forget it" mentality with PQC. Instead, their PQC strategy must incorporate continuous monitoring of cryptographic research, the ability to rapidly swap out algorithms (a concept known as cryptographic agility), and potentially implement hybrid solutions that provide a safety net during the transition period. This reinforces the fundamental need for modular, agile systems that can adapt to an evolving threat landscape.
Key NIST PQC Algorithms and Their Applications
For global large enterprise technology leaders, understanding the core PQC algorithms standardized by NIST is essential for informed decision-making regarding algorithm selection and vendor evaluations. The following provides a concise overview of the currently finalized NIST PQC algorithms.
ML-KEM
FIPS Standard: FIPS 203
Cryptographic Type: Key Encapsulation
Mathematical Basis: Lattice-based
Primary Application: Key Exchange
NIST Status: Finalized
ML-DSA
FIPS Standard: FIPS 204
Cryptographic Type: Digital Signature
Mathematical Basis: Lattice-based
Primary Application: Authentication, Data Integrity, Non-repudiation
NIST Status: Finalized
SLH-DSA
FIPS Standard: FIPS 205
Cryptographic Type: Digital Signature
Mathematical Basis: Hash-based
Primary Application: Authentication, Data Integrity, Non-repudiation
NIST Status: Finalized
HQC
FIPS Standard: (Future FIPS)
Cryptographic Type: Key Encapsulation
Mathematical Basis: Code-based
Primary Application: Key Exchange (Backup to ML-KEM)
NIST Status: Selected (Draft Standard Expected 2027)
FALCON
FIPS Standard: FIPS 206
Cryptographic Type: Digital Signature
Mathematical Basis: Lattice-based
Primary Application: Digital Signatures
NIST Status: Draft Expected Shortly
The list serves as a quick reference, enabling technology leaders to grasp the fundamental "what" of PQC, differentiate between the selected algorithms, and understand their specific roles in securing enterprise systems. This clarity is invaluable for strategic discussions, resource allocation, and engaging effectively with technology vendors.
NIST's PQC Transition Timelines: Deprecation by 2030, Disallowance by 2035
NIST has established clear and assertive timelines for the transition to PQC, particularly for US Federal systems. Existing encryption methods, especially those relying on 112-bit security, are slated for deprecation by 2030.1 Furthermore, by 2035, all traditional cryptographic algorithms, including widely used ones like RSA-2048 and ECC-256, will be completely disallowed for secure communications within US Federal systems.1 The White House National Security Memorandum 10 (NSM-10), published in 2022, explicitly set this 2035 target for US Federal systems.1 For practical planning purposes, industry analysts like Gartner advise treating 2029 as the operational deadline for organizations to begin their PQC transition.2
These deadlines are not merely recommendations; they represent hard targets, particularly for governmental entities, and signal a strong regulatory push that will inevitably influence the private sector. The immense influence of NIST standards and US government procurement on global technology markets means that what begins as a federal requirement often becomes a de facto industry standard. Therefore, global large enterprises, especially those with US operations or federal contracts, cannot afford to disregard these timelines. Even for organizations without direct federal ties, aligning with these globally recognized standards will be crucial for maintaining interoperability, ensuring supply chain security, and demonstrating due diligence to stakeholders.
IV. Strategic Pillars for PQC Preparation and Implementation
A. Cultivating Cryptographic Agility
Definition and Business/Technical Imperatives
Cryptographic agility, often shortened to crypto agility, refers to the ability of an IT system to rapidly and effectively switch between different cryptographic primitives, algorithms, and protocols without disrupting system operations.5 This capability is paramount in the context of the emerging quantum computing threat, as it allows organizations to adapt swiftly to new quantum-resistant algorithms as they are standardized and deployed. Beyond PQC, crypto agility is also crucial for improving an organization's overall resilience to any unforeseen cryptographic vulnerabilities, thereby providing a broader cybersecurity benefit.28
From a business perspective, cryptographic agility directly impacts risk management. The capacity to rapidly deploy new cryptographic algorithms significantly reduces an organization's exposure to evolving threats and helps maintain a robust security posture.5 It also influences disaster recovery planning and can affect cyber insurance costs, as a clear PQC migration plan can mitigate future risks.5 Technically, public key cryptography is a foundational element of an organization's security, underpinning a vast array of critical functions, including Transport Layer Security (TLS), Secure Shell (SSH), document signing, and digital identity verification.5 The ability to seamlessly update these underlying cryptographic primitives without a complete system overhaul is vital for operational continuity and security. The investment in crypto agility, therefore, is not merely a one-time project for PQC compliance but an ongoing operational capability essential for future-proofing against any unforeseen cryptographic vulnerabilities, whether quantum-related or otherwise. This implies that technology leaders should frame crypto agility as a fundamental architectural principle for long-term security, justifying the upfront investment by its wider applicability and continuous value, rather than solely as a PQC compliance measure.
Architectural Principles for Agility: Modular Design, Algorithm Negotiation
Achieving true cryptographic agility requires a deliberate architectural approach. Systems should be designed with modular cryptography implementation, meaning that cryptographic choices are not hard-coded into software but can be easily swapped out.28 This necessitates ensuring that cryptographic libraries support multiple algorithms, allowing for flexible transitions. Furthermore, security protocols must support mechanisms for negotiating cryptographic algorithms. This enables different implementations and systems to communicate securely even as the underlying algorithms change or are updated, ensuring interoperability during the transition period and beyond.28 This architectural foresight minimizes disruption and facilitates a smoother, more secure migration to PQC and future cryptographic standards.
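The two principles above (algorithm choices kept out of code, and negotiation between peers) are sketched below as an added example that is not part of the original article. The registry names are labels only and no key exchange is performed; the policy schema, the "HQC" label and the sample peer offers are constructed assumptions.

```python
import json
from dataclasses import dataclass

# Constructed registry: algorithm label -> family. Labels only, no cryptography is run.
# "HQC" is a hypothetical label for the backup KEM the article mentions.
REGISTRY = {
    "X25519": "classical",
    "secp256r1": "classical",
    "X25519MLKEM768": "hybrid",
    "MLKEM768": "pqc",
    "HQC": "pqc",
}

# Policy is data, not code (hypothetical schema). Swapping it needs no redeploy.
POLICY_TRANSITION = json.dumps({
    "preference": ["X25519MLKEM768", "MLKEM768", "X25519", "secp256r1"],
    "disallowed": [],
    "require_quantum_safe": False,
})
# Constructed scenario: lattice-based KEMs withdrawn, classical-only no longer accepted.
POLICY_LATTICE_WITHDRAWN = json.dumps({
    "preference": ["HQC", "X25519MLKEM768", "MLKEM768", "X25519"],
    "disallowed": ["X25519MLKEM768", "MLKEM768"],
    "require_quantum_safe": True,
})


class NegotiationError(Exception):
    """No algorithm satisfies both the local policy and the peer's offer."""


@dataclass(frozen=True)
class Result:
    algorithm: str
    family: str
    downgraded: bool  # True when a classical-only algorithm had to be accepted


def load_policy(text):
    """Parse a policy and reject names the local crypto layer does not implement."""
    policy = json.loads(text)
    unknown = [n for n in policy["preference"] + policy["disallowed"]
               if n not in REGISTRY]
    if unknown:
        raise ValueError(f"policy references unknown algorithms: {unknown}")
    return policy


def negotiate(policy, peer_offer):
    """Pick the first locally preferred algorithm that the peer also offers."""
    offered = set(peer_offer)
    for name in policy["preference"]:
        if name in policy["disallowed"] or name not in offered:
            continue
        family = REGISTRY[name]
        if policy["require_quantum_safe"] and family == "classical":
            continue
        return Result(name, family, downgraded=(family == "classical"))
    raise NegotiationError("no mutually acceptable key-exchange algorithm")


if __name__ == "__main__":
    modern_peer = ["X25519MLKEM768", "HQC", "X25519"]   # constructed offers
    legacy_peer = ["secp256r1", "X25519"]
    for label, text in (("transition", POLICY_TRANSITION),
                        ("lattice withdrawn", POLICY_LATTICE_WITHDRAWN)):
        policy = load_policy(text)
        for peer in (modern_peer, legacy_peer):
            try:
                print(label, peer, "->", negotiate(policy, peer))
            except NegotiationError as exc:
                print(label, peer, "-> refused:", exc)
```

The `downgraded` flag gives monitoring a per-connection signal for peers that still force classical-only key exchange.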
B. A Phased Enterprise Migration Framework
Transitioning to PQC represents a monumental undertaking for global large enterprises. It demands a strategic, phased approach, explicitly moving away from a "business as usual" mindset.3 Industry experts, such as Gartner, advise treating 2029 as the operational deadline for initiating significant PQC migration activities.2 The consensus among experts and government bodies is a resounding "no" to continuing with business as usual. The inherent complexity and long timelines associated with updating cryptographic infrastructure in large organizations mean that delaying action significantly increases risk and can lead to critical security vulnerabilities. This provides a clear mandate for immediate, structured action, underscoring that PQC readiness is a strategic imperative requiring dedicated resources and executive sponsorship, rather than a mere technical upgrade to be handled opportunistically.
Phase 1: Comprehensive Discovery and Quantum Risk Assessment
The foundational step in any PQC migration is a thorough discovery and assessment of the organization's entire cryptographic estate.
Inventorying Cryptographic Assets (PKI, applications, protocols, devices). This involves identifying all services, applications, systems, and hardware that rely on public-key cryptography. This includes, but is not limited to, Public Key Infrastructure (PKI) components, Internet of Things (IoT) devices, Operational Technology (OT) systems, mobile devices, servers, and networking hardware.8 Automated tools are highly recommended for this complex and often extensive task, as manual inventories quickly become outdated.10 The emphasis on comprehensive inventory and Cryptographic Bill of Materials (CBOM) generation highlights the often-hidden nature of cryptographic dependencies within large, complex enterprises. Many organizations may not fully understand where all their cryptographic elements are deployed, with legacy systems, shadow IT, and deeply embedded components often concealing vulnerable cryptography. This implies that the discovery phase itself is a significant project requiring dedicated tools and resources, not merely a simple audit. It is a prerequisite for any effective PQC strategy, as an organization cannot adequately protect what it does not know it possesses. This also underscores the need for continuous monitoring, not just a one-time inventory.
Data Classification and Prioritization for Quantum Risk (PII, IP, Financial, Government Data). Not all data carries equal risk, making prioritization a critical component of the PQC strategy.7 Organizations must classify data based on its sensitivity, business value, and expected lifespan.5 High-priority assets that demand urgent quantum-safe protection include digital identity management systems, financial systems, government communications, and cloud-based authentication mechanisms.7
Generating a Cryptographic Bill of Materials (CBOM). A CBOM is a comprehensive and structured record of all cryptographic algorithms, key lengths, tokens, certificates, protocols, and applications currently in use across the enterprise.8 This detailed inventory provides essential transparency, helps in identifying vulnerabilities, and streamlines the process of risk tracking and management throughout the PQC transition.17
Enterprise Data Classification and PQC Prioritization Tiers
To guide the prioritization of PQC migration efforts, a structured approach to data classification based on sensitivity, lifespan, and associated quantum risk is invaluable. The list provides a framework for technology leaders to make informed decisions about where to focus their initial PQC investments.
Tier 1: Highly Sensitive
Data Examples: PII, IP, Financial Data, Government/Legal Records
Lifespan (Expected Retention): Long-term (7-20+ years, often indefinite)
Quantum Risk (HNDL): High HNDL risk (data harvested today for future decryption)
PQC Priority: Urgent, Immediate Migration
Key Considerations: Strict regulatory compliance (GDPR, HIPAA, CCPA), geopolitical impact, competitive advantage
Tier 2: Moderately Sensitive
Data Examples: Internal Documents, Operational Records, Customer Communications
Lifespan (Expected Retention): Medium-term (1-7 years)
Quantum Risk (HNDL): Moderate HNDL risk
PQC Priority: Early Migration
Key Considerations: Business continuity, internal policy compliance
Tier 3: Low Sensitivity
Data Examples: Public-facing Data, Non-sensitive Internal Data, Session Tokens/Logs
Lifespan (Expected Retention): Short-term (days to months)
Quantum Risk (HNDL): Low HNDL risk (unless linked to sensitive systems)
PQC Priority: Later Migration, Continuous Monitoring
Key Considerations: Performance impact, resource allocation optimization
The tiering offers an actionable methodology for risk-based prioritization. It helps translate the abstract concept of "quantum risk" into concrete business decisions, ensuring that the most critical and long-lived data assets are protected first. This approach optimizes resource allocation and mitigates the most severe potential impacts of a quantum attack.
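As an added example (not part of the original article), the script below runs a small CBOM through the tiers above together with the Mosca inequality X + Y > Z from Section II, producing a migration work list. The inventory entries, the Y and Z values and the 128-bit effective-strength threshold are constructed assumptions.

```python
from dataclasses import dataclass

# Algorithm families as the article describes them.
SHOR_BROKEN = {"RSA", "ECDH", "ECDSA"}          # asymmetric, broken by Shor's algorithm
PQC_STANDARDS = {"ML-KEM", "ML-DSA", "SLH-DSA"}  # FIPS 203 / 204 / 205
SYMMETRIC = {"AES"}                              # Grover halves the effective key length
MIN_EFFECTIVE_BITS = 128                         # assumption: required post-Grover strength

# Priority wording taken from the tier list above.
TIER_PRIORITY = {
    1: "Urgent, Immediate Migration",
    2: "Early Migration",
    3: "Later Migration, Continuous Monitoring",
}
ACTIONS = {
    "shor": "replace with PQC or hybrid algorithm",
    "grover-weak": "double the symmetric key size",
    "unknown": "manual review",
}


@dataclass(frozen=True)
class CbomEntry:
    asset: str
    algorithm: str
    key_bits: int
    tier: int               # data classification tier, 1 to 3
    retention_years: float  # X in Mosca's theorem


def classify(algorithm, key_bits):
    """Return the quantum exposure class of one CBOM entry."""
    if algorithm in SHOR_BROKEN:
        return "shor"
    if algorithm in PQC_STANDARDS:
        return "pqc"
    if algorithm in SYMMETRIC:
        return "symmetric-ok" if key_bits // 2 >= MIN_EFFECTIVE_BITS else "grover-weak"
    return "unknown"  # surfaced for review rather than silently passed


def mosca_gap(x, y, z):
    """Years by which X + Y exceeds Z; a positive value means data outlives its protection."""
    return x + y - z


def prioritize(cbom, migration_years, years_to_crqc):
    """Build the work list: entries needing action, by tier, then by largest Mosca gap."""
    findings = []
    for entry in cbom:
        exposure = classify(entry.algorithm, entry.key_bits)
        if exposure not in ACTIONS:
            continue  # PQC or adequately sized symmetric: nothing to do
        gap = mosca_gap(entry.retention_years, migration_years, years_to_crqc)
        findings.append({
            "asset": entry.asset,
            "tier": entry.tier,
            "priority": TIER_PRIORITY[entry.tier],
            "exposure": exposure,
            "action": ACTIONS[exposure],
            "mosca_gap": gap,
            "mosca_exposed": gap > 0,
        })
    findings.sort(key=lambda f: (f["tier"], -f["mosca_gap"]))
    return findings


# Constructed inventory for illustration only.
SAMPLE_CBOM = [
    CbomEntry("customer-portal-tls", "ECDH", 256, 1, 10),
    CbomEntry("payments-db", "AES", 256, 1, 7),
    CbomEntry("internal-wiki-tls", "ECDH", 256, 2, 3),
    CbomEntry("hr-archive-backup", "RSA", 2048, 1, 20),
    CbomEntry("partner-vpn", "ML-KEM", 768, 2, 5),
    CbomEntry("session-log-store", "AES", 128, 3, 0.5),
    CbomEntry("legacy-batch-app", "proprietary-x", 0, 2, 2),
]
ASSUMED_Y = 5    # assumption: years needed to migrate
ASSUMED_Z = 10   # assumption: years until a CRQC exists

if __name__ == "__main__":
    for f in prioritize(SAMPLE_CBOM, ASSUMED_Y, ASSUMED_Z):
        print(f"{f['asset']:22} tier {f['tier']}  gap {f['mosca_gap']:+5.1f}  "
              f"{f['priority']}: {f['action']}")
```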
Phase 2: Strategic Planning and Hybrid Implementation
Following the comprehensive assessment, the next phase involves developing a strategic plan and implementing transitional solutions.
Developing a Multi-Year PQC Roadmap. A detailed, multi-year roadmap is essential for guiding the PQC transition. This roadmap should prioritize riskier targets identified in the assessment phase and align closely with evolving PQC standardization developments and broader business goals.8 The UK's National Cyber Security Centre (NCSC), for instance, outlines a three-phase timeline: 2028 for completing discovery, 2031 for migrating critical systems, and 2035 for achieving complete transition across all systems.23
Implementing Hybrid Cryptography Solutions (Classical + PQC): Benefits and Trade-offs. Hybrid cryptographic solutions, which combine both classical (vulnerable) and quantum-resistant algorithms, represent a key transitional strategy widely recommended by organizations such as NIST and the NSA.1 These solutions provide a crucial safety net by ensuring continued security even if one algorithm type is compromised, and they inherently support backward compatibility with existing systems.10 While hybrid approaches may incur additional computational costs and result in larger communication packets, studies and real-world trials by major tech companies like Cloudflare, Meta, and Google have shown that the performance impact is often modest and acceptable for most use cases.19 The widespread recommendation of hybrid solutions, even from leading agencies, acknowledges the relative immaturity of PQC algorithms compared to their decades-old classical counterparts. This implies that a "double-transition" might be necessary for enterprises: first to hybrid solutions, and then later to pure PQC. This necessitates careful planning for future upgrades and reinforces the need for cryptographic agility from the outset, as the hybrid phase is inherently temporary.
Establishing PQC Test Environments and Validation Protocols (Performance, Interoperability). Rigorous testing and validation are crucial to ensure the security, performance, and compatibility of PQC and hybrid systems in real-world scenarios.8 This includes assessing potential impacts on network latency, bandwidth consumption, and ensuring seamless interoperability with existing infrastructure, software, and security protocols, many of which were not designed initially with quantum resilience in mind. Establishing a robust assurance process with clear metrics, such as PQC adoption rates among software clients, is necessary for tracking progress and identifying areas for corrective action.
Phase 3: Incremental Migration and Full Transition
The final phase involves the systematic rollout and eventual full transition to PQC.
Prioritized Rollout of PQC Algorithms across Critical Systems. The migration should proceed incrementally, starting with the highest-priority systems identified in the risk assessment phase and gradually expanding to other areas of the enterprise.10 The 2030 deadline specifically focuses on replacing critical RSA/ECC-dependent encryption algorithms with quantum-safe alternatives.10 This phased approach allows organizations to learn from early deployments, refine their strategies, and manage the complexity of the transition more effectively.
Strategies for Deprecating Legacy Cryptography by 2035. By 2035, all non-PQC encryption standards are expected to be deprecated or disallowed.1 This necessitates a clear and deliberate plan for phasing out vulnerable algorithms and ensuring that no legacy cryptography remains in use for secure communications. This includes updating application-specific standards and guidelines, specifying earlier transitions where necessary.1
C. Robust Governance and Policy Frameworks
The success of a PQC migration hinges on establishing robust governance and policy frameworks.
Establishing a Dedicated PQC Working Group. A multi-disciplinary PQC working group is essential for navigating the complexities of the transition. This group should include key stakeholders such as security architects, cryptographers, auditors, compliance teams, and representatives from third-party vendors.34 This collaborative structure ensures that PQC readiness is addressed comprehensively across all relevant domains—from cryptographic key management and code deployment to vendor contracts and regulatory compliance.
Defining Enterprise-Wide PQC Policies and Standards. Comprehensive policies and standards must be defined to guide the PQC transition. These documents should specify which PQC algorithms are to be used, their required key sizes, and where they are to be applied (e.g., for TLS, email encryption, disk encryption).8 It is also crucial to establish clear exception and waiver processes for legacy systems or external partners that cannot immediately support PQC, ensuring a managed approach to non-compliance during the transition.34
Continuous Monitoring and Audit for PQC Compliance. PQC readiness is not a one-time project but an ongoing process, given the hyper-dynamic nature of enterprise infrastructures and the evolving threat landscape.10 Regular audits of cryptographic usage, continuous monitoring of cryptographic assets, and tracking progress against key performance indicators (KPIs) are vital to ensure compliance and adapt to emerging quantum threats.7 The slow adoption rate of PQC, despite clear urgency (with only 7% of US federal agencies having a formal PQC transition plan 28), points to significant organizational and resource challenges beyond purely technical solutions. This low adoption rate is not due to a lack of technical standards or awareness but indicates deep-seated organizational inertia, resource constraints, and a critical shortage of specialized skills.9 For a Fortune 20 company, this implies that the PQC transition requires not just a technical roadmap but a comprehensive change management strategy. This includes securing significant budget (with US federal agency migration costs estimated at over $7.1 billion by 2035 9), upskilling existing teams, potentially hiring external experts, and gaining strong, sustained executive buy-in to overcome internal resistance and competing priorities.
V. Addressing Specific Enterprise Components and Risks
A. Hardware Security Modules (HSMs) in the PQC Era
Hardware Security Modules (HSMs) play a critical role in securing cryptographic operations, acting as the bedrock of an organization's cryptographic foundation.2 However, the transition to PQC introduces specific challenges for HSMs.
PQC Challenges for HSMs: Key Sizes, Computational Demands, Stateful Algorithms
PQC algorithms often involve increased key sizes and higher computational demands compared to classical cryptography, which can strain HSMs, particularly constrained devices with limited memory and processing resources.2 Furthermore, the complexity of managing stateful hash-based algorithms, such as LMS and XMSS, within HSM environments presents operational challenges, especially when tracking states across distributed systems.2
Upgrade Strategies: Firmware Updates vs. Hardware Replacement
A significant concern for organizations is whether they will need to replace their existing HSM infrastructure. The consensus among leading HSM vendors is that, in most cases, organizations do not need to rip and replace their hardware to become PQC-ready.2 Instead, PQC readiness can often be achieved through firmware updates, trusted execution environments, or modular SDK extensions.2 This ability to upgrade HSMs via firmware rather than requiring full replacement offers a substantial cost and operational relief for large enterprises, as a "rip and replace" mandate would be financially prohibitive and operationally disruptive, significantly impeding PQC adoption. However, it is important to note that some legacy hardware may not be upgradeable 29, requiring careful assessment. This highlights that vendor engagement is critical for HSMs; enterprises must verify their current HSM vendors' PQC upgrade roadmaps, ensuring that firmware updates will support NIST-standardized algorithms and CNSA 2.0 compliance.19 This also emphasizes the importance of selecting crypto-agile HSMs for future procurements.
FIPS 140-3 Validation and CNSA 2.0 Compliance for HSMs
Certified compliance, particularly FIPS 140-3 validation with PQC algorithms, is rapidly becoming a non-negotiable requirement for secure cryptographic modules.2 The NSA's Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) outlines specific PQC requirements for National Security Systems, including approved algorithms like ML-KEM, ML-DSA, and SLH-DSA, and recommends robust symmetric algorithms like AES-256 and SHA-384/512.25 PQC implementation extends beyond the hardware boundary of HSMs, necessitating updates to middleware, drivers, and APIs (e.g., PKCS#11, Microsoft CNG, Java crypto libraries) to fully support the new algorithms. Without a comprehensive full-stack upgrade strategy, even a PQC-ready HSM can become a bottleneck within the broader cryptographic ecosystem.2
B. PQC Impact on Applications, Browsers, Transmissions, and Storage
The pervasive nature of cryptography across all layers of the IT stack means PQC is not a siloed security project but a fundamental enterprise-wide transformation. This widespread impact indicates that PQC cannot be addressed by a single team or a single solution; it requires coordinated efforts across development, infrastructure, network, data management, and identity teams. Enterprises must adopt a holistic, enterprise-architecture-level approach to PQC, integrating it into existing security programs and development lifecycles (e.g., Secure SDLC). This necessitates cross-functional collaboration and clear ownership for PQC readiness across all affected domains.
Securing Data in Transit (TLS, VPNs) with PQC
Data in flight, such as web traffic secured by Transport Layer Security (TLS), relies on public-key algorithms vulnerable to quantum attacks.6 A quantum attacker could retroactively unravel past sessions if the encrypted traffic has been harvested and stored.6 To counter this, hybrid PQC TLS solutions are already in production, with major players like Chrome and Cloudflare implementing them.19 Standardization of PQC within TLS by the Internet Engineering Task Force (IETF) is expected around 2027.24 Similarly, Virtual Private Network (VPN) connections must be upgraded to quantum-resistant cipher suites to protect data in transit.11 This includes following RFC 6379 for IPsec and implementing RFC 8784, RFC 9242, and RFC 9370 for IKEv2 VPNs to resist quantum attacks.11
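To check whether a given client population actually uses hybrid PQC key exchange, a defender can inspect captured ClientHello messages. The following is an added example, not part of the original article: it parses one reassembled TLS record and reports whether a hybrid group is sent as a key share, only advertised, or absent. The group codepoints are taken from the IANA TLS Supported Groups registry, and the sample handshake is constructed in the code rather than captured.

```python
# Group codepoints from the IANA "TLS Supported Groups" registry.
HYBRID_PQC_GROUPS = {
    0x11EB: "SecP256r1MLKEM768",
    0x11EC: "X25519MLKEM768",
    0x11ED: "SecP384r1MLKEM1024",
    0x6399: "X25519Kyber768Draft00",  # pre-standard draft codepoint
}
GROUP_NAMES = {**HYBRID_PQC_GROUPS, 0x0017: "secp256r1", 0x0018: "secp384r1", 0x001D: "x25519"}
EXT_SUPPORTED_GROUPS, EXT_KEY_SHARE = 10, 51


class Reader:
    """Bounds-checked cursor; raises ValueError instead of reading past the end."""
    def __init__(self, data):
        self.data, self.pos = data, 0

    def take(self, n):
        if self.pos + n > len(self.data):
            raise ValueError("truncated ClientHello")
        chunk = self.data[self.pos:self.pos + n]
        self.pos += n
        return chunk

    def uint(self, size):
        return int.from_bytes(self.take(size), "big")

    def vector(self, len_size):
        """Read a length-prefixed field and return a Reader over its body."""
        return Reader(self.take(self.uint(len_size)))

    def remaining(self):
        return len(self.data) - self.pos


def classify_client_hello(record):
    """Classify one reassembled TLS record that carries a ClientHello."""
    rec = Reader(record)
    if rec.uint(1) != 0x16:
        raise ValueError("not a TLS handshake record")
    rec.take(2)                      # legacy record version
    handshake = rec.vector(2)
    if handshake.uint(1) != 0x01:
        raise ValueError("not a ClientHello")
    body = handshake.vector(3)
    body.take(2 + 32)                # legacy_version + random
    body.vector(1)                   # session id
    body.vector(2)                   # cipher suites
    body.vector(1)                   # compression methods
    offered, shares = [], {}
    extensions = body.vector(2) if body.remaining() else Reader(b"")
    while extensions.remaining():
        ext_type = extensions.uint(2)
        ext = extensions.vector(2)
        if ext_type == EXT_SUPPORTED_GROUPS:
            groups = ext.vector(2)
            while groups.remaining():
                offered.append(groups.uint(2))
        elif ext_type == EXT_KEY_SHARE:
            entries = ext.vector(2)
            while entries.remaining():
                group = entries.uint(2)
                shares[group] = len(entries.vector(2).data)
    if any(g in HYBRID_PQC_GROUPS for g in shares):
        verdict = "hybrid-pqc-key-share"      # hybrid exchange possible in one round trip
    elif any(g in HYBRID_PQC_GROUPS for g in offered):
        verdict = "hybrid-pqc-offered-only"   # server needs a HelloRetryRequest to use it
    else:
        verdict = "classical-only"            # recorded sessions stay exposed to HNDL
    name = lambda g: GROUP_NAMES.get(g, f"0x{g:04x}")
    return {
        "verdict": verdict,
        "offered": [name(g) for g in offered],
        "key_shares": {name(g): size for g, size in shares.items()},
    }


def build_sample_client_hello(groups, shares):
    """Constructed input: a minimal ClientHello with the two extensions of interest."""
    def vec(len_size, payload):
        return len(payload).to_bytes(len_size, "big") + payload

    def ext(ext_type, payload):
        return ext_type.to_bytes(2, "big") + vec(2, payload)

    group_list = b"".join(g.to_bytes(2, "big") for g in groups)
    share_list = b"".join(g.to_bytes(2, "big") + vec(2, bytes(n)) for g, n in shares)
    extensions = ext(EXT_SUPPORTED_GROUPS, vec(2, group_list))
    extensions += ext(EXT_KEY_SHARE, vec(2, share_list))
    body = b"\x03\x03" + bytes(32) + vec(1, b"") + vec(2, b"\x13\x01") + vec(1, b"\x00")
    return b"\x16\x03\x01" + vec(2, b"\x01" + vec(3, body + vec(2, extensions)))
```

The 1216-byte X25519MLKEM768 client share (a 1184-byte ML-KEM-768 encapsulation key plus a 32-byte X25519 key) is also why a hybrid ClientHello no longer fits in a single typical network packet, which is worth testing against middleboxes before rollout.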
Protecting Data at Rest: Mitigating HNDL with Periodic Re-encryption, Key Rotation, Data Minimization
Data at rest, whether in databases, cloud storage, backups, or archives, faces a significant HNDL risk, particularly sensitive data with long retention requirements, such as legal records or intellectual property.6 Best practices for mitigating this risk include:
Periodic re-encryption: Implementing a lifecycle policy that mandates regular re-encryption of long-lived data using quantum-safe or hybrid algorithms as new standards emerge.7
Key rotation: Regularly rotating encryption keys and utilizing quantum-safe key management practices to limit the damage if a single key is compromised or becomes vulnerable to future quantum attacks.7
Data minimization: Regularly auditing stored data and securely deleting information that is no longer needed to reduce the overall attack surface.7
Segmentation by sensitivity and lifespan: Segmenting stored data based on how long it needs to remain secure, prioritizing the most critical and long-lived information for PQC protection.7
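The four practices above can be applied together to a storage inventory to produce an ordered work queue. The following is an added example, not part of the original article. The dataset names, algorithm labels, 365-day rotation interval and the planning horizon passed in by the caller are all assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import date

# Labels below are constructed for this example. Public-key wrapping of the
# data-encryption key is what a harvested copy exposes; AES-256 wrapping and
# ML-KEM or hybrid wrapping are treated as acceptable.
VULNERABLE_WRAP = {"RSA-OAEP-2048", "RSA-OAEP-4096", "ECDH-P256", "ECDH-P384"}
ACCEPTED_WRAP = {"AES-256-KW", "ML-KEM-768", "ML-KEM-1024", "X25519+ML-KEM-768"}
RANK = {"re-encrypt-now": 0, "review-unknown-algorithm": 1, "rotate-key": 2,
        "re-encrypt-scheduled": 3, "delete": 4}


@dataclass(frozen=True)
class Dataset:
    name: str
    tier: int            # segment: 1 = most sensitive, 3 = least
    retain_until: date   # last day the data must stay confidential
    wrap_algorithm: str  # algorithm protecting the data-encryption key
    key_created: date    # issue date of the current wrapping key


def triage(inventory, today, horizon, max_key_age_days=365):
    """Return [(name, actions)] ordered most urgent first.

    horizon is a planning assumption: the date after which ciphertext whose
    key was wrapped with a public-key algorithm is treated as readable.
    """
    queue = []
    for ds in inventory:
        actions = []
        if ds.retain_until < today:
            actions.append("delete")                        # data minimization
        else:
            if ds.wrap_algorithm in VULNERABLE_WRAP:
                if ds.retain_until >= horizon:
                    actions.append("re-encrypt-now")        # outlives the horizon
                else:
                    actions.append("re-encrypt-scheduled")
            elif ds.wrap_algorithm not in ACCEPTED_WRAP:
                actions.append("review-unknown-algorithm")  # fail closed
            if (today - ds.key_created).days > max_key_age_days:
                actions.append("rotate-key")
        if actions:
            urgency = min(RANK[a] for a in actions)
            # Within one urgency level: most sensitive tier first, then the
            # data that must stay confidential longest.
            sort_key = (urgency, ds.tier, -ds.retain_until.toordinal())
            queue.append((sort_key, ds.name, actions))
    return [(name, actions) for _, name, actions in sorted(queue)]


def sample_inventory():
    """Constructed inventory; names, dates and algorithms are illustrative."""
    return [
        Dataset("web-logs", 3, date(2024, 12, 31), "AES-256-KW", date(2024, 1, 1)),
        Dataset("hr-records", 2, date(2031, 6, 30), "ECDH-P256", date(2025, 1, 15)),
        Dataset("ip-designs", 1, date(2040, 1, 1), "ML-KEM-1024", date(2025, 3, 1)),
        Dataset("backups-2023", 2, date(2038, 1, 1), "AES-256-KW", date(2023, 1, 1)),
        Dataset("vendor-blob", 3, date(2030, 1, 1), "VENDOR-PROPRIETARY", date(2025, 2, 1)),
        Dataset("legal-archive", 1, date(2045, 1, 1), "RSA-OAEP-2048", date(2019, 5, 1)),
    ]


if __name__ == "__main__":
    for name, actions in triage(sample_inventory(), date(2025, 6, 12), date(2035, 1, 1)):
        print(f"{name}: {', '.join(actions)}")
```

Datasets that need no action (here `ip-designs`, already wrapped with ML-KEM and holding a recent key) are left out of the queue.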
Implications for Digital Signatures, Authentication, and Identity Management
Quantum algorithms could compromise digital signatures, which are fundamental to authentication systems, potentially enabling unauthorized access, the forging of digital tokens, and the manipulation of identity data.13 This directly impacts digital identity management systems, code signing processes, and both user and machine authentication protocols.1 NIST's FIPS 204 (ML-DSA) and FIPS 205 (SLH-DSA) directly address these vulnerabilities by providing quantum-resistant digital signature algorithms specifically designed for these applications, ensuring the integrity and authenticity of digital interactions in the quantum era.13
C. Managing Third-Party and Supply Chain Quantum Risk
An enterprise's quantum readiness is only as strong as its weakest link in the supply chain. This implies that third-party risk is a critical, often overlooked, bottleneck in PQC migration. Even if an enterprise implements PQC internally, its exposure remains if its vendors, partners, or software supply chain components are not quantum-safe, creating a cascading risk. This means that vendor management and supply chain security become integral components of the PQC strategy. Enterprises must proactively engage with their entire ecosystem, demanding transparency on PQC roadmaps, incorporating PQC requirements into contracts, and potentially collaborating on testing and implementation. This is a shared responsibility that extends beyond the enterprise's direct control.
Assessing Vendor Quantum Readiness and Cryptographic Resilience
Organizations must diligently identify all third-party suppliers and vendors that handle sensitive data and rigorously assess their quantum readiness and cryptographic resilience.8 This assessment should include a thorough evaluation of their cryptographic procedures, planned update schedules, and explicit commitments to transitioning to PQC algorithms.8
Updating Contracts and Service Level Agreements (SLAs) for PQC
Existing third-party contracts, policies, procedures, roles, and responsibilities must be reviewed and updated to explicitly require future-proof encryption measures.4 This contractual reinforcement is essential to ensure that vendors meet updated PQC standards and proactively address any potential supply chain vulnerabilities that could arise from quantum threats.8
Collaborative Strategies for Supply Chain Security
PQC migration is a global-scale change that transcends individual organizational boundaries, necessitating broad collaboration between industry, standards organizations, and other stakeholders.1 Governments can also play a role by introducing quantum-safe requirements into public procurement processes, thereby driving market adoption.38 This collaborative approach ensures a more harmonized and secure transition across the interconnected digital ecosystem.
VI. Global Compliance Frameworks and Regulatory Landscape
The global convergence around PQC standards, largely driven by NIST, simplifies the landscape for multinational enterprises but also underscores the universal urgency. While each country may have its specific mandates, a clear trend towards adopting or harmonizing with NIST-standardized algorithms and similar timelines (e.g., 2030/2035) is evident. This indicates that there is no "safe haven" for delaying PQC adoption; the imperative is truly global. Enterprises must monitor regional nuances but can build a core PQC strategy around internationally recognized standards.
A. United States PQC Mandates
The US federal government is not merely recommending but actively mandating PQC adoption, creating a powerful ripple effect across critical infrastructure and the private sector.
NIST Standards and Guidance. NIST serves as the primary driver for PQC standards in the United States. In August 2024 it published critical Federal Information Processing Standards (FIPS), including FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA).13 NIST also provides extensive guidance through documents like NIST IR 8547, which details timelines and recommendations for transition, and Special Publication 800-227, which offers guidance on Key Encapsulation Mechanism (KEM) implementation.1
White House National Security Memorandum 10 (NSM-10). Published in May 2022, NSM-10 established a clear target for US Federal systems to complete their PQC transition by 2035.1 This memorandum underscores the national security imperative behind the PQC migration.
NSA Commercial National Security Algorithm Suite 2.0 (CNSA 2.0). Released in September 2022 and updated in April 2024, CNSA 2.0 outlines specific PQC requirements for National Security Systems. It includes approved algorithms such as ML-KEM, ML-DSA, and SLH-DSA, and recommends the use of robust symmetric algorithms like AES-256 and SHA-384/512.25
CISA's PQC Initiative and Federal Agency Requirements. The Cybersecurity and Infrastructure Security Agency (CISA) has established a dedicated PQC Initiative to unify and drive federal agency efforts. This initiative focuses on risk assessment, strategic planning, policy and standards development, and stakeholder engagement.32 Federal agencies are explicitly mandated to inventory their cryptographic technologies and prioritize high-risk systems for transition.25 The scale of this undertaking is substantial, with a White House report estimating the cost for US federal agency migration alone at over $7.1 billion by 2035.9 These various federal mandates indicate that PQC is a serious and imminent requirement, compelling global enterprises, particularly those with US federal contracts or operating in critical infrastructure sectors, to align their PQC strategies with these mandates to ensure compliance and maintain operational continuity.
B. International PQC Initiatives
The global landscape shows a clear trend towards PQC readiness, with many nations and international bodies actively developing their own guidance and standards, often harmonizing with NIST's efforts.
UK National Cyber Security Centre (NCSC) Timelines and Guidance. The NCSC has released updated guidance, providing a clear roadmap for complete PQC migration by 2035. Key milestones include completing cryptographic discovery by 2028 and migrating critical systems by 2031.23 The NCSC explicitly endorses NIST-standardized PQC algorithms for widespread adoption.24
European Union Directives (NIS 2, Coordinated Implementation Roadmap, ENISA). The EU's NIS 2 Directive provides a framework for addressing supply chain risks and expanding cybersecurity requirements across essential and non-essential sectors.38 In April 2024, the European Commission published a Coordinated Implementation Roadmap for PQC, which mandates member states to develop robust strategies and recommends the establishment of a sub-group to synchronize efforts.38 The European Union Agency for Cybersecurity (ENISA) has also published studies on PQC integration, further contributing to the regional framework.39
Overview of Other National Strategies. Many other countries have active PQC programs and timelines, often aligning with NIST standards or developing their own specific guidance 39:
Australia: Aims for complete transition to quantum-resistant cryptography by 2030.39
Canada: Advises starting planning and inventory, with standards-based PQC introduction from 2025-26.39
Germany: Recommends initiating PQC planning.39
Japan: Is monitoring NIST developments and has begun initial planning.39
South Korea: Has selected its own PQC algorithms and has a roadmap for completion by 2035, with pilot transitions planned for 2025-2028.39
China: Is actively developing its own China-specific PQC algorithms and programs.39
International Standards Organizations (ISO/IEC 18033-6, 19790:2025). International standardization efforts, such as ISO/IEC 18033-6, are crucial for establishing global quantum-resilient cryptographic standards and ensuring seamless interoperability across different systems and regions.40 Furthermore, ISO/IEC 19790:2025 and 24759:2025 represent the latest updates to internationally recognized standards for cryptographic module security and testing, incorporating PQC considerations into their frameworks.41 These international initiatives highlight a global recognition of the quantum threat and a collective effort to establish harmonized standards for PQC adoption.
Key PQC Compliance Frameworks and Timelines (US & International)
Understanding the complex regulatory landscape is vital for global large enterprises to ensure compliance and inform strategic PQC decisions. The following list consolidates critical PQC compliance frameworks and their associated timelines.
United States
NIST
Key Regulation/Guidance: FIPS 203, 204, 205 (Standardized PQC Algorithms)
Relevant Dates/Requirements: Published Aug 2024
Scope: Global (de facto standard), US Federal
NIST
Key Regulation/Guidance: IR 8547 (Transition Timelines)
Relevant Dates/Requirements: Deprecate 112-bit security by 2030; All traditional algorithms disallowed by 2035
Scope: US Federal, influencing private sector
White House
Key Regulation/Guidance: NSM-10 (National Security Memorandum 10)
Relevant Dates/Requirements: Target completion by 2035
Scope: US Federal Systems
NSA
Key Regulation/Guidance: CNSA 2.0 (Commercial National Security Algorithm Suite 2.0)
Relevant Dates/Requirements: Published Sep 2022 (updated Apr 2024); Specifies PQC requirements
Scope: National Security Systems, influencing critical infrastructure
CISA
Key Regulation/Guidance: PQC Initiative
Relevant Dates/Requirements: Ongoing (Risk Assessment, Planning, Policy, Engagement)
Scope: US Critical Infrastructure, Federal Civilian Executive Branch
International
UK NCSC
Key Regulation/Guidance: Timelines for Migration to Post-Quantum Cryptography
Relevant Dates/Requirements: Complete discovery by 2028; Migrate critical systems by 2031; Complete transition by 2035
Scope: UK Organizations
EU Commission
Key Regulation/Guidance: Coordinated Implementation Roadmap for PQC
Relevant Dates/Requirements: Published Apr 2024; Mandates member states to create strategies
Scope: EU Member States
EU ENISA
Key Regulation/Guidance: Post-Quantum Cryptography – Integration Study
Relevant Dates/Requirements: Published Oct 2022
Scope: EU Cybersecurity
EU
Key Regulation/Guidance: NIS 2 Directive
Relevant Dates/Requirements: Framework for supply chain risk, expanded cybersecurity
Scope: Essential and Non-Essential Sectors in EU
ISO/IEC
Key Regulation/Guidance: 18033-6 (Quantum-Resilient Cryptographic Standards)
Relevant Dates/Requirements: Ongoing efforts to ensure interoperability
Scope: Global
ISO/IEC
Key Regulation/Guidance: 19790:2025 & 24759:2025 (Cryptographic Module Security/Testing)
Relevant Dates/Requirements: Published 2025; Incorporates PQC considerations
Scope: Global Cryptographic Module Validation
Australia
Key Regulation/Guidance: ACSC Guidance
Relevant Dates/Requirements: Complete transition by 2030
Scope: Australian Organizations
Canada
Key Regulation/Guidance: Cyber Centre Guidance
Relevant Dates/Requirements: Start planning/inventory; Introduce standards-based PQC from 2025-26
Scope: Canadian Organizations
South Korea
Key Regulation/Guidance: KpqC Competition, National Quantum Strategy
Relevant Dates/Requirements: PQC algorithms selected; Roadmap for completion 2035; Pilot transition 2025-2028
Scope: South Korean Organizations
The above provides a centralized view of compliance frameworks, enabling technology leaders to identify key compliance drivers, prioritize efforts, and demonstrate due diligence to auditors and regulators. This ensures that the enterprise's PQC strategy is legally sound and globally aligned.
VII. Overcoming Challenges in PQC Adoption
Despite the clear urgency and the availability of standardized algorithms, the transition to PQC faces significant challenges that organizations must proactively address.
Resource and Performance Overhead of PQC Algorithms
PQC algorithms generally require larger key sizes and more complex computations compared to traditional cryptographic methods. This often translates into higher demands for processing power, increased memory usage, and greater network bandwidth.9 These increased resource requirements can impact system performance, particularly in resource-constrained environments such as Internet of Things (IoT) devices or real-time systems, where latency and throughput are critical.14 Organizations must carefully plan for infrastructure upgrades and software optimizations to accommodate these characteristics.
Interoperability and Backward Compatibility Complexities
A major challenge lies in ensuring that new PQC algorithms function seamlessly across existing infrastructure, software applications, and security protocols.9 Many current systems were not designed with quantum resilience in mind, and a significant portion of enterprise IT relies on older cryptographic standards. Maintaining backward compatibility with legacy devices and protocols during the transition period is difficult but essential to avoid operational disruptions.28 This often necessitates hybrid approaches, which, while beneficial, introduce their own complexities in terms of integration and management.
Addressing the Expertise Gap and Organizational Priorities
A significant barrier to PQC adoption is the widespread lack of specialized PQC knowledge and expertise within enterprises.14 Cybersecurity professionals, who are typically tasked with this responsibility, often lack a background in quantum cryptography. Furthermore, many organizations are currently preoccupied with other pressing priorities, such as adapting to artificial intelligence (AI) and other new technologies, which frequently leads to limited engagement with quantum security implications.14 The stark reality that only 7% of US federal agencies have a formal PQC transition plan underscores this challenge.28 This indicates that the "expertise gap" and competing "organizational priorities" are systemic issues that will likely determine the success or failure of PQC adoption for many enterprises. This is not merely a technical problem solvable by new algorithms; it is a human capital and strategic alignment problem. Technology leaders must recognize that PQC migration is as much about people and processes as it is about technology. Building internal cryptographic expertise, fostering a culture of continuous learning, and securing top-down commitment to prioritize PQC will be crucial for overcoming these internal barriers.
Cost Implications of a Global PQC Transition
Converting all cryptographic systems to PQC is an enormously expensive and time-consuming undertaking. A White House report estimates that migrating US federal agencies alone will cost over $7.1 billion by 2035.9 This substantial cost, coupled with potential performance impacts and the necessity for new hardware in some cases, presents a significant financial challenge for global large enterprises. Securing the necessary budget and resources for this multi-year, enterprise-wide transformation will require strong business cases and sustained executive sponsorship.
VIII. Conclusion and Call to Action
The quantum threat is no longer a distant theoretical concept but an imminent reality that demands immediate and strategic action from global large enterprises. The potential for cryptographically relevant quantum computers to break current public-key cryptography poses a fundamental risk to data confidentiality, integrity, and authentication across all digital operations. The "harvest now, decrypt later" attack model, in particular, underscores that long-lived sensitive data is already vulnerable today, compelling organizations to act proactively rather than reactively.
A successful PQC transition requires a multi-faceted and sustained approach. Enterprises must prioritize the cultivation of cryptographic agility, enabling their systems to rapidly adapt to new algorithms and evolving threats. This necessitates a comprehensive, phased migration framework, starting with a thorough discovery and risk assessment of all cryptographic assets, followed by strategic planning, hybrid implementation, and incremental rollout across critical systems. Robust governance and policy frameworks, including dedicated PQC working groups and continuous monitoring, are fundamental to guide this complex transformation. Finally, diligent management of third-party and supply chain quantum risks is paramount, as an enterprise's overall security posture is intrinsically linked to the quantum readiness of its entire ecosystem.
The challenges of resource overhead, interoperability, expertise gaps, and significant costs are substantial, but they are not insurmountable. The slow adoption rate observed in some sectors highlights the need for strong executive leadership and a comprehensive change management strategy to overcome organizational inertia and competing priorities. By embracing continuous monitoring, fostering cross-functional collaboration, and prioritizing adaptability, large global enterprises can navigate this complex and evolving landscape, ensuring their long-term digital resilience in the quantum age. The time to prepare is now; the future of digital security depends on it.
Works cited
1. NIST recommends timelines for transitioning cryptographic algorithms | PQShield, accessed June 12, 2025, https://pqshield.com/nist-recommends-timelines-for-transitioning-cryptographic-algorithms/
2. Prepare for NIST's Post-Quantum Cryptography deadline | Sectigo ..., accessed June 12, 2025, https://www.sectigo.com/resource-library/nist-move-towards-post-quantum-cryptography-pqc
3. Why Organizations Need To Start Developing Post-Quantum Cryptography Strategies Now, accessed June 12, 2025, https://www.forbes.com/councils/forbestechcouncil/2025/04/09/why-organizations-need-to-start-developing-post-quantum-cryptography-strategies-now/
4. Securing future with quantum-safe cryptography - Guidehouse, accessed June 12, 2025, https://guidehouse.com/insights/advanced-solutions/2025/quantum-safe-cryptography
5. Cryptographic Agility & Post Quantum Cryptography (PQC) – Why ..., accessed June 12, 2025, https://www.fortanix.com/blog/cryptographic-agility-pqc-why-being-adaptable-matters
6. Why you need post quantum cryptography at the storage layer | NetApp Blog, accessed June 12, 2025, https://www.netapp.com/blog/post-quantum-cryptography-storage-layer/
7. Prioritizing data for post-quantum cryptography (PQC) - HashiCorp, accessed June 12, 2025, https://www.hashicorp.com/blog/prioritizing-data-for-post-quantum-cryptography-pqc
8. Internal audit can help mitigate Q-day quantum risks | Grant Thornton, accessed June 12, 2025, https://www.grantthornton.com/insights/articles/advisory/2025/internal-audit-can-mitigate-qday-quantum-risks
9. From the Frontlines of Post-Quantum Cryptography - Booz Allen, accessed June 12, 2025, https://www.boozallen.com/insights/velocity/from-the-frontlines-of-post-quantum-cryptography.html
10. Getting Quantum-Ready: Why 2030 Matters for Post-Quantum Cryptography - Keyfactor, accessed June 12, 2025, https://www.keyfactor.com/blog/getting-quantum-ready-why-2030-matters-for-post-quantum-cryptography/
11. Best Practices for Resisting Post-Quantum Attacks, accessed June 12, 2025, https://docs.paloaltonetworks.com/network-security/quantum-security/administration/quantum-security-concepts/best-practices-for-resisting-post-quantum-attacks
12. Cybersecurity in the Quantum Risk Era - Booz Allen, accessed June 12, 2025, https://www.boozallen.com/insights/ai-research/cybersecurity-in-the-quantum-risk-era.html
13. Addressing the Quantum Threat in the US Federal Government ..., accessed June 12, 2025, https://www.pingidentity.com/en/resources/blog/post/quantum-threat-us-fed-gov.html
14. Industry News 2025 Post Quantum Cryptography A Call to Action, accessed June 12, 2025, https://www.isaca.org/resources/news-and-trends/industry-news/2025/post-quantum-cryptography-a-call-to-action
15. What is Post-Quantum Cryptography (PQC)? - Palo Alto Networks, accessed June 12, 2025, https://www.paloaltonetworks.com/cyberpedia/what-is-post-quantum-cryptography-pqc
16. Post-quantum cryptography - Wikipedia, accessed June 12, 2025, https://en.wikipedia.org/wiki/Post-quantum_cryptography
17. PQC Risk Assessment | Acubed.IT, accessed June 12, 2025, https://www.acubed.it/pcq-risk-assessment
18. NIST Selects HQC as Fifth Algorithm for Post-Quantum Encryption, accessed June 12, 2025, https://www.nist.gov/news-events/news/2025/03/nist-selects-hqc-fifth-algorithm-post-quantum-encryption
19. Trust Starts in the Hardware: Inside the HSM Strategy for Post-Quantum Security | RSA 2025, accessed June 12, 2025, https://pqshield.com/trust-starts-in-the-hardware-inside-the-hsm-strategy-for-post-quantum-security-rsa-2025/
20. Selected Algorithms - Post-Quantum Cryptography | CSRC, accessed June 12, 2025, https://csrc.nist.gov/projects/post-quantum-cryptography/selected-algorithms
21. Status Report on the Fourth Round of the NIST Post-Quantum Cryptography Standardization Process, accessed June 12, 2025, https://www.nist.gov/publications/status-report-fourth-round-nist-post-quantum-cryptography-standardization-process
22. Post-Quantum Cryptography Standardization - NIST Computer Security Resource Center, accessed June 12, 2025, https://csrc.nist.gov/projects/post-quantum-cryptography/post-quantum-cryptography-standardization
23. Timelines for migration to post-quantum cryptography - NCSC.GOV.UK, accessed June 12, 2025, https://www.ncsc.gov.uk/guidance/pqc-migration-timelines
24. The UK's National Cyber Security Centre Presents Timeline and ..., accessed June 12, 2025, https://www.appviewx.com/blogs/the-uks-national-cyber-security-centre-presents-timeline-and-roadmap-for-pqc-migration/
25. Preparing Federal Systems for Post-Quantum Security: A Strategic Approach - Carahsoft, accessed June 12, 2025, https://www.carahsoft.com/wordpress/thales-preparing-federal-systems-for-post-quantum-security-a-strategic-approach-blog-2025/
26. Post-quantum cryptography (PQC) - Google Cloud, accessed June 12, 2025, https://cloud.google.com/security/resources/post-quantum-cryptography
27. NIST advances post-quantum cryptography standardization, selects HQC algorithm to counter quantum threats - Industrial Cyber, accessed June 12, 2025, https://industrialcyber.co/nist/nist-advances-post-quantum-cryptography-standardization-selects-hqc-algorithm-to-counter-quantum-threats/
28. NIST Outlines Strategies for Crypto Agility as PQC Migration Stalls, Available for Public Comment - The Quantum Insider, accessed June 12, 2025, https://thequantuminsider.com/2025/03/07/nist-outlines-strategies-for-crypto-agility-as-pqc-migration-stalls-available-for-public-comment/
29. Mitigating Quantum Threats Beyond PQC - PostQuantum.com, accessed June 12, 2025, https://postquantum.com/post-quantum/mitigating-quantum-threats-pqc/
30. Crypto agility in the Post-quantum Era: The Key to the IT Security of the Future, accessed June 12, 2025, https://www.infoguard.ch/en/blog/crypto-agility-in-post-quantum-era-the-key-to-it-security-of-future
31. Preparing for the Quantum Future: When and How to Transition to Post-Quantum Cryptography | 10xDS, accessed June 12, 2025, https://10xds.com/blog/when-and-how-to-transition-to-post-quantum-cryptography/
32. Post-Quantum Cryptography Initiative | CISA, accessed June 12, 2025, https://www.cisa.gov/quantum
33. Post Quantum Readiness to Secure Your Data Now | Fortanix, accessed June 12, 2025, https://www.fortanix.com/resources/solution-briefs/secure-your-data-now-from-the-inevitable-quantum-risks
34. 10 Enterprise Must-Haves for a Successful Post-Quantum ..., accessed June 12, 2025, https://www.encryptionconsulting.com/must-haves-for-a-successful-pqc-migration/
35. Post-Quantum Cryptography (PQC) - Challenges and obstacles to adoption | IDEMIA, accessed June 12, 2025, https://www.idemia.com/insights/key-obstacles-post-quantum-cryptography-pqc-adoption
36. draft-reddy-pquip-pqc-hsm-00 - IETF Datatracker, accessed June 12, 2025, https://datatracker.ietf.org/doc/html/draft-reddy-pquip-pqc-hsm-00
37. New PQC Migration Roadmap offers actionable guidance for transitioning to quantum-safe cryptography - Industrial Cyber, accessed June 12, 2025, https://industrialcyber.co/threats-attacks/new-pqc-migration-roadmap-offers-actionable-guidance-for-transitioning-to-quantum-safe-cryptography/
38. A quantum cybersecurity agenda for Europe II - AWS, accessed June 12, 2025, https://epc-web-s3.s3.amazonaws.com/content/Cybersecurity_2.pdf
39. PQTN_1_Doc_006 PQTN White Paper CLEAN - GSMA, accessed June 12, 2025, https://www.gsma.com/newsroom/wp-content/uploads//Post-Quantum-Government-Initiatives-by-Country-and-Region-02-Mar-2025.pdf
40. Post-Quantum Cryptography and Global Compliance - ExeQuantum ..., accessed June 12, 2025, https://www.exequantum.com/regulations
41. Exciting News: The Publication of ISO/IEC 19790:2025 and ISO/IEC ..., accessed June 12, 2025, https://www.atsec.com/the-publication-of-iso-iec-197902025-and-iso-iec-247592025/