PQC Readiness Assessment
NIST published post-quantum cryptography standards in August 2024. CNSA 2.0 requires adoption for National Security Systems by 2030. Where does your organization stand? These 10 questions will tell you.
Why PQC Readiness Matters
PQC readiness is not a future concern — it is a current operational requirement. The combination of Harvest Now, Decrypt Later threats, finalized NIST standards, and building regulatory pressure means that organizations without a clear PQC posture are accumulating unmeasured risk.
The standards are published: FIPS 203 (ML-KEM for key encapsulation), FIPS 204 (ML-DSA for digital signatures), and FIPS 205 (SLH-DSA for hash-based signatures) were all finalized by NIST in August 2024. CNSA 2.0 sets the compliance timeline. NIST IR 8547 (November 2024) provides the formal deprecation roadmap for classical algorithms.
The question is no longer “should we migrate?” but “how far along are we?” This self-assessment framework helps you answer that honestly.
10 Questions Every Organization Should Answer
For each question, honestly assess whether your organization is in the “ready” or “not ready” state. Count your total to gauge your PQC readiness level.
Do you have a complete cryptographic inventory?
A Cryptographic Bill of Materials (CBOM) catalogs every algorithm, key length, protocol, and library in your infrastructure. Without it, you cannot assess what is vulnerable. This includes TLS endpoints, VPNs, databases, APIs, code signing certificates, key management systems, and third-party SaaS integrations.
You have a maintained, comprehensive CBOM covering all systems.
You do not know exactly which algorithms are in use across your infrastructure.
Can you identify every quantum-vulnerable algorithm in production?
RSA (all key sizes), ECDH, ECDSA, Ed25519, X25519, DH, and DSA are all vulnerable to Shor's algorithm. AES-128 and SHA-256 have reduced security margins under Grover's algorithm. You need to know exactly where each of these appears in your stack.
You can list every quantum-vulnerable algorithm and where it is deployed.
You are unsure which of your systems use RSA, ECDH, or other quantum-vulnerable algorithms.
Have you classified data by confidentiality lifespan?
The Harvest Now, Decrypt Later (HNDL) threat means data encrypted today with quantum-vulnerable algorithms can be decrypted once quantum computers mature. Data that must remain confidential for 10+ years (healthcare records, trade secrets, government data) is at immediate risk. Short-lived data (session tokens, ephemeral keys) has lower urgency.
You have classified data assets by required confidentiality period and mapped them to encryption methods.
You have not evaluated which data assets have long confidentiality requirements.
Are your systems cryptographically agile?
Cryptographic agility means the ability to change algorithms without redesigning systems. Can your TLS stack swap from X25519 to ML-KEM-768 through configuration? Can your code signing switch from ECDSA to ML-DSA? Hardcoded algorithms in firmware, embedded systems, or legacy applications are the highest migration risk.
Your systems support algorithm negotiation and can be reconfigured without code changes.
Algorithms are hardcoded in application logic, firmware, or vendor-locked systems.
Have you tested hybrid cryptography in a non-production environment?
Hybrid cryptography combines a classical algorithm with a PQC algorithm (e.g., X25519+ML-KEM-768 for TLS key exchange). This provides quantum safety while maintaining backward compatibility. NIST and industry consensus recommend hybrid mode during the transition period. Testing validates performance impact and compatibility.
You have tested hybrid TLS or hybrid encryption in staging/development environments.
You have not deployed or tested any PQC or hybrid cryptographic configurations.
Do you have a PQC migration timeline aligned with regulatory and customer transition horizons?
NSA CNSA 2.0 sets phased expectations for National Security Systems, and NSM-10 plus OMB guidance direct federal inventory and migration planning. Even outside those regimes, customer and vendor transition horizons make a dated migration plan important. Your timeline should have milestones for inventory, pilot, production rollout, and validation.
You have a documented migration timeline with milestones and assigned ownership.
You do not have a migration timeline, or it is not aligned with regulatory and customer transition horizons.
Have your vendors confirmed PQC support roadmaps?
Your quantum readiness is limited by your weakest vendor. Cloud providers, SaaS platforms, certificate authorities, VPN vendors, HSM manufacturers, and database vendors each have their own PQC timelines. If a critical vendor has no PQC roadmap, that is a gap in your migration plan.
You have received PQC roadmap commitments from all critical infrastructure vendors.
You have not asked vendors about PQC support or have received no commitments.
Does your team understand NIST PQC standards?
FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA) are the foundational PQC standards. Your security team should understand which algorithms replace which (ML-KEM replaces RSA/ECDH for key exchange, ML-DSA replaces RSA/ECDSA for signatures), the performance characteristics (ML-KEM is fast but has larger keys; ML-DSA has larger signatures), and the parameter levels (512, 768, 1024 for ML-KEM).
Your security and engineering teams have been trained on NIST PQC standards and can make informed algorithm selection decisions.
Your team has limited awareness of PQC algorithms or how they differ from classical cryptography.
Do you have a quantum risk metric for board reporting?
CISOs need a quantified metric to communicate quantum risk to non-technical stakeholders. A Cryptographic Debt score — a composite of algorithm vulnerability, data sensitivity, compliance proximity, and migration progress — provides a trackable number that boards can understand and compare across reporting periods.
You report a quantified quantum risk metric to leadership on a regular cadence.
Quantum risk is discussed qualitatively, if at all, with no measurable tracking.
Have you validated PQC implementations with adversarial testing?
Deploying PQC algorithms is necessary but not sufficient. Implementation flaws — incorrect parameter selection, side-channel leaks, fallback to classical-only, interoperability failures — can undermine quantum safety. Adversarial testing validates governed quantum-risk scenarios against your migrated infrastructure to verify resilience under realistic conditions.
You have conducted quantum adversarial testing (e.g., QStrike) against PQC-migrated systems.
You have not tested PQC implementations under adversarial conditions.
Interpreting Your Score
8-10 Ready
Advanced
Your organization is well-positioned for the PQC transition. Focus on adversarial validation and continuous monitoring.
5-7 Ready
Progressing
Solid foundation with gaps to close. Prioritize the areas where you answered "not ready" and set 90-day milestones.
2-4 Ready
Early Stage
Significant work ahead. Start with cryptographic inventory and a QScout assessment intake to establish your baseline.
0-1 Ready
Not Started
Immediate action needed. Your organization is accumulating quantum risk without measurement or mitigation.
Next Steps Regardless of Score
Every organization, regardless of current readiness level, benefits from three immediate actions:
- Run a QScout assessment intake. Get an objective, automated assessment of your external quantum security posture. QScout identifies quantum-vulnerable algorithms, calculates your Cryptographic Debt score, and detects hybrid PQC support — all within minutes, no integration required.
- Start your cryptographic inventory. If you do not have a complete CBOM, that is the single highest-priority task. You cannot manage quantum risk you have not inventoried. Use our quantum risk assessment framework to prioritize what matters most.
- Engage a quantum security specialist. For a comprehensive QScout assessment covering your full infrastructure — internal systems, APIs, key management, third-party dependencies — Qtonic Quantum delivers a complete Cryptographic Debt report with prioritized migration roadmap aligned to NIST standards and CNSA 2.0 timelines.
Frequently Asked Questions
What is PQC readiness?+
How do I know if my organization is PQC-ready?+
What is cryptographic agility and why does it matter for PQC?+
What NIST standards should I align my PQC readiness to?+
Can I assess PQC readiness with QScout public intake?+
Measure Your Quantum Readiness
Start with a QScout assessment intake to get an objective baseline of your quantum security posture. For a full enterprise assessment, our QScout methodology covers every cryptographic surface.