Evidence signature
Public signals bind to governed proof.
QScout proof sequence. Evidence Handshake. public-to-private proof path. No customer data.
12-step framework for quantum-safe migration aligned with NIST FIPS 203/204/205, NSA CNSA 2.0, and sector-specific compliance mandates.
~13 min readQuantum computers capable of breaking RSA, ECC, and Diffie-Hellman encryption are projected to emerge between 2028 and 2035. The threat is not theoretical. Adversaries are executing Harvest Now, Decrypt Later (HNDL) attacks today, capturing encrypted data for future quantum decryption.
NIST finalized the first three post-quantum cryptography standards in August 2024:FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA). The standards are done. Implementation must begin now.
This checklist synthesizes guidance from NIST, NSA, CISA, and sector-specific regulators into an actionable framework with timeline pressure, algorithm decision criteria, and maturity measurement.
Why 2026 is already late for many organizations:
Multiple regulators have issued quantum cryptography requirements. These hard dates should anchor your roadmap.
| Date | Authority | Requirement |
|---|---|---|
| Aug 2024 | NIST | FIPS 203, 204, 205 finalized. PQC standards official. |
| 2025 | OCC / FFIEC | Banks must inventory quantum-vulnerable cryptography. |
| 2025 | PCI DSS 4.0.1 | Crypto-agility requirements for payment card data. |
| 2027 | OMB M-23-02 | Federal agencies must complete crypto inventory. |
| 2030 | NSA CNSA 2.0 | NSS software must use PQC algorithms. |
| 2033 | NSA CNSA 2.0 | NSS firmware/hardware must use PQC algorithms. |
| 2035 | G7 CEG + NSA | G7 target for full PQC migration; NSA full quantum resistance for NSS. |
OCC Bulletin 2024-18, FFIEC crypto-agility, SOX audit committees
HIPAA Security Rule, lifetime PHI retention, OCR enforcement
FedRAMP PQC tracking, CMMC 2.0, CNSA 2.0 timelines
NERC CIP evolution, ICS/SCADA long upgrade cycles
NIST has standardized three algorithms. Each serves different use cases with distinct tradeoffs.
Default for TLS, VPN, encrypted communications. Smaller ciphertext than alternatives. Best general-purpose choice.
Default for code signing, certificates, authentication. Fast signing/verification. Larger keys than classical.
Conservative choice when lattice assumptions concern you. Hash-based security well understood. Large signatures but proven foundation.
Smallest signatures of lattice schemes. Requires careful implementation to avoid side-channel attacks. Wait for NIST finalization.
Implementation Note: Most organizations should start with ML-KEM for key exchange and ML-DSA for signatures. SLH-DSA serves as a fallback if future cryptanalysis weakens lattice-based schemes. Hybrid deployments (classical + PQC in parallel) provide defense-in-depth during transition.
Track your organization's progress toward quantum cryptography readiness.
Form a cross-functional quantum readiness team with C-suite sponsorship.
Deploy automated scanning tools to identify all cryptographic implementations.
Calculate your Mosca Inequality for each data category.
Create a phased migration plan working backward from regulatory deadlines.
Assess NIST-standardized algorithms against your use cases.
Architect systems for algorithm flexibility.
Survey all vendors on their PQC roadmaps.
Deploy PQC in non-production environments first.
Upgrade TLS implementations to support ML-KEM key exchange.
Address the HNDL backlog and re-encrypt high-value archived data.
Conduct post-migration audit to verify all identified vulnerabilities addressed.
Institute continuous monitoring of NIST announcements and cryptanalysis research.
Aligned with industry-leading regulatory and technical standards.
A phased approach from foundation through sustainment, with clear deliverables and maturity indicators.
Form a cross-functional quantum readiness team with C-suite sponsorship. Assign board-level or CISO ownership. Integrate quantum risk into existing enterprise risk management frameworks.
Quantum Risk Governance Charter with named accountable executive
Executive receives quarterly quantum risk briefings
Deploy automated scanning tools to identify all cryptographic implementations across applications, infrastructure, and third-party dependencies. Build a Cryptographic Bill of Materials (CBOM).
Complete CBOM with quantum vulnerability classification
95%+ coverage of enterprise systems in inventory
Calculate your Mosca Inequality for each data category. Identify data with secrecy requirements exceeding the quantum threat timeline. Prioritize M&A records, litigation holds, healthcare PHI, financial archives.
HNDL exposure matrix with risk-ranked data categories
Board-approved prioritization of crown jewel data
Create a phased migration plan working backward from regulatory deadlines. Map CNSA 2.0 dates for government work. Align with sector-specific requirements (OCC, PCI, HIPAA).
Board-approved PQC migration roadmap with budget
Roadmap milestones incorporated into IT strategic plan
Assess NIST-standardized algorithms against your use cases. Test ML-KEM for key exchange, ML-DSA for signatures. Evaluate performance impact on latency-sensitive applications.
Algorithm selection matrix with performance benchmarks
Lab testing completed on candidate algorithms
Architect systems for algorithm flexibility. Implement abstraction layers that allow cryptographic modules to be swapped without application changes. Design for negotiable cipher suites.
Crypto-agility architecture specification
Reference implementation in development environment
Survey all vendors on their PQC roadmaps. Obtain written timelines for when products will support NIST standards. Update procurement requirements to mandate PQC readiness.
Vendor PQC readiness assessment with risk ratings
PQC requirements in new contract language
Deploy PQC in non-production environments first. Test hybrid TLS configurations. Validate certificate chain handling with PQC signatures. Measure performance overhead.
Pilot deployment report with performance metrics
Successful hybrid TLS handshakes in test environment
Upgrade TLS implementations to support ML-KEM key exchange. Deploy hybrid cipher suites that combine classical and post-quantum algorithms. Prioritize external-facing endpoints.
Production TLS upgrade completion report
100% of external endpoints support PQC cipher suites
Address the HNDL backlog. Re-encrypt high-value archived data with post-quantum cryptography (PQC) algorithms. Update key management systems. Rotate certificates to PQC-signed versions.
Data-at-rest migration completion with exceptions documented
Crown jewel data protected with PQC algorithms
Conduct post-migration audit to verify all identified vulnerabilities addressed. Run governed validation against PQC implementations. Validate compliance with applicable regulations.
Independent audit report confirming PQC implementation
Clean audit findings on cryptographic controls
Institute continuous monitoring of NIST announcements, cryptanalysis research, and quantum computing progress. Keep CBOM current. Drill crypto-agility procedures annually.
Crypto monitoring program with defined triggers for action
Annual crypto-agility drill completed successfully
Score each dimension 1-5 to assess your current state and track progress.
| Dimension | 1 - Initial | 2 - Aware | 3 - Planned | 4 - Active | 5 - Optimized |
|---|---|---|---|---|---|
| Governance | No ownership | CISO aware | Charter approved | Board reporting | Integrated ERM |
| Inventory | None | Partial manual | Automated scan | Full CBOM | Continuous update |
| Risk Assessment | Not started | Ad hoc review | HNDL mapped | Prioritized plan | Quantified risk |
| Crypto-Agility | Hardcoded | Some flexibility | Architecture spec | Implemented | Tested annually |
| Vendor Mgmt | Not addressed | Some inquiries | All surveyed | Contract terms | Ongoing validation |
| Implementation | No PQC | Lab testing | Pilot deployed | Production live | Full migration |
QScout delivers first findings in 72 hours, complete assessment in 7 days with board-ready reporting. QStrike provides comprehensive 4-month testing with proof-of-concept demonstrations.
Enterprise playbook for post-quantum cryptography migration.
ExploreBuild a complete CBOM to identify quantum-vulnerable encryption across your enterprise.
ExploreVerified executive snapshot and primary entry point for cryptographic risk assessment.
ExplorePQC migration planning with CISO-led engagements.
ExploreInteractive tool to calculate your quantum risk exposure.
Explore10-question framework to evaluate your post-quantum cryptography readiness.
Explore