sakkmesterke - stock.adobe.com
Quantum risk to quantum readiness: A PQC roadmap
No one knows exactly when quantum computing will arrive, but accelerating progress is prompting security and IT leaders to recognise the potential risks. So how do organisations begin implementing post-quantum cryptography?
No one knows exactly when quantum computing will arrive, but accelerating progress is prompting security and IT leaders to recognise the potential risks. With near-weekly breakthroughs in large-scale quantum computing, and with regulators and large cyber security players treating the issue as urgent, quantum-driven threats are now starting to appear on boardroom agendas.
So how do organisations begin implementing post-quantum cryptography (PQC)? In this article, I’ll outline a roadmap to post-quantum readiness and highlight the most common pitfalls senior decision makers encounter along the way.
Firstly, don’t wait to be told. Bodies such as NIST, NCSC, ANSSI, BSI and the NSA have already set the direction for post-quantum cryptography. As RSA and ECC are phased out, formal PQC mandates are in place and critical infrastructure will be first in line. Quantum-safe protection shouldn’t be treated as a compliance checkbox but as a built-in product feature that strengthens long-term security. As customers increasingly explore quantum-ready solutions, the market is signalling that readiness is becoming a strategic advantage, not just an obligation.
Assess your infrastructure by vendor. Organisations need to assess their vendor ecosystem now, identifying where post-quantum vulnerabilities exist, and how PQC will fit into the existing architecture. Procurement should be used as a lever to make PQC the default requirement across browsers, datacentres, email systems and critical services – particularly as large-scale providers are already moving in this direction, with Cloudflare estimating that around 50% of global web traffic on its network is now PQC-secure. Any suppliers that are not actively planning this transition should be challenged, and the conversation must be pushed across partner ecosystems to accelerate readiness at scale.
Prioritise and plan. When quantum-enabled attacks eventually emerge – likely from nation-states or other well-resourced actors – organisations will need to prioritise defence by focusing first on the systems with the longest exposure windows. That means securing core infrastructure and long-lifecycle products where cryptography can’t easily be replaced, and ensuring that SaaS platforms adopt quantum-safe standards early so they don’t become weak links in the chain. By protecting the components that are hardest to upgrade or most central to operations, organisations can meaningfully reduce their long-term vulnerability.
The idea of ripping out legacy components and retrofitting quantum-ready replacements can seem daunting, but in practice, existing systems can still be secured. Highly optimised cryptographic libraries – designed for embedded environments with tight constraints – allow software-based countermeasures that bring existing hardware up to a quantum-safe standard without wholesale replacement.
Assemble a team. Start by building a cross-functional team that can spot supply-chain vulnerabilities and guide your PQC plan. You don’t need to hire a whole new group of specialists, but you do need to help your existing teams – especially in DevOps – evolve their understanding of cryptographic and security risks and why they matter now. When both the technical side and the board grow their knowledge together and stay aligned, you create the foundation for a coordinated rollout.
The challenges
- Supply chain complexity: NIST and the NCSC’s target of a full transition to post-quantum cryptography by 2035 are already accelerating action across governments and standards bodies. While 2035 may seem distant, the reality of modern digital supply chains – spanning hardware, software, cloud services, and IoT – makes this a massive, time-intensive transformation. Cryptographic change is not a simple “lift and shift.” It demands a carefully phased, end-to-end approach that touches every layer of the ecosystem, with existing change programs reviewed to incorporate PQC transition requirements.
- Long product life cycles: The hardware and software being deployed today across critical sectors will remain in operation for the next five to 10 years – or longer. Any insecure endpoints introduced now will become deeply embedded in complex environments that are difficult and expensive to retrofit. Organisations therefore need to act now across existing procurement, development, and deployment projects to build in PQC transition requirements. If systems going to market today are not PQC-compatible, organisations risk accumulating long-term cryptographic debt that becomes increasingly hard to unwind.
- “The two CEO, three CISO” problem: The risks created today will not fall to a distant successor several leadership cycles from now. For current goods and services, the threat window is closer than the operational lifespan of the products being deployed, meaning the responsibility – and consequences – will sit with today’s leadership, not tomorrow’s. Strong threat management and governance prepare organisations for today’s risks, but great leadership ensures the organisation is also prepared for the risks that emerge long after the leader has left their post.
- The evolving threat landscape: The conversation around the quantum cyber threat is maturing, and it is now clear that there are two distinct threat types. The first is confidentiality attacks, commonly referred to as “Harvest Now, Decrypt Later” (HNDL), which focus on collecting high-value data today for future decryption, often for ransom or resale, particularly in sectors such as financial services. The second is authenticity attacks, which target credentials and trust mechanisms to disrupt operations and cause widespread damage across critical infrastructure, including energy grids and hospitals.
Read more about post-quantum cryptography
- Quantum computers threaten to break today's encryption protocols. Post-quantum cryptography aims to develop new algorithms resistant to quantum attacks before it's too late.
- Quantum specialist Arqit will provide specialised post-quantum migration planning services to organisations preparing to address the imminent risks to traditional cryptography.
- Quantum computing threatens public-key encryption, which organizations use to secure communications and data. Migrating to quantum-safe cryptography harkens back to the Y2K threat.
When it comes to practical steps developers can take in 2026, the priority is treating security as a flexible feature rather than something hard-coded, so organisations can maintain agility as their security posture evolves. This mindset becomes even more important as innovation accelerates. With the rapid growth of AI and increasingly complex models pushing more activity to the edge, development speed is driving behaviour faster than traditional security processes can keep up. The challenge now is ensuring that security remains adaptable enough to evolve alongside that pace of change.
For existing systems, it’s essential to act now. Don’t let perfect get in the way of good – securing the most mission-critical systems early gets your PQC journey underway without waiting to overhaul the entire ecosystem at once. The aim is risk mitigation, not total risk elimination.
Ben Packman is chief strategy officer at PQShield
