Building a Quantum-Safe Future: Key Recommendations from QSFF and 5G Americas

Quantum computing advancements pose significant risks to current cryptographic systems, threatening the security of financial transactions, telecommunications, and critical infrastructures. Recognizing this, key industry groups such as the Quantum-Safe Financial Forum (QSFF) and 5G Americas have outlined recommendations to ensure a smooth and proactive transition to quantum-safe cryptography (QSC) through "Call for action: urgent plan needed to transition to post-quantum cryptography together" and "A 5G Americas White paper - Post Quantum Computing Security" respectively.

Why Quantum-Safe Migration Matters

Quantum computers have the potential to break widely used encryption algorithms, making sensitive data vulnerable to decryption attacks. The risk is not just theoretical—“harvest now, decrypt later” strategies are already in play, where attackers store encrypted data today, anticipating future quantum decryption capabilities. Both QSFF and 5G Americas emphasize the urgent need for businesses to act now rather than wait for quantum computers to mature.

Key Recommendations from QSFF

QSFF focuses on the financial sector’s preparedness and the recommend steps required for a successful quantum-safe transition:

• Prioritize Transition to Quantum-Safe Cryptography Raise awareness about cryptographic risks and the need for quantum-safe solutions. Upskill IT teams to manage new cryptographic challenges. Dedicate resources for transition management with leadership support.

• Foster Collaboration Across Stakeholders Align roadmaps and implementation strategies with vendors, policymakers, and financial institutions. Ensure coordination among key industry players to identify dependencies and critical migration paths. Promote knowledge-sharing to unify risk management approaches.

• Establish a Voluntary Framework Instead of New Regulations Existing regulations like DORA and GDPR provide sufficient operational resilience measures. Regulators and private sectors should jointly develop guidelines and standardization efforts. Hybrid cryptographic approaches (combining classical and post-quantum algorithms) should be encouraged to facilitate a smooth transition.

• Enhance Cryptographic Management Practices Integrate cryptography management into IT asset management frameworks. Maintain an updated cryptographic inventory. Implement checks for compliance with policies and develop contingency plans for crypto-agility.

• Promote Global Collaboration and Experimentation Engage in cross-jurisdiction partnerships for quantum-safe projects. Participate in industry initiatives, proof-of-concept (PoC) trials, and working groups.

Key Recommendations from 5G Americas

While QSFF emphasizes financial sector resilience, 5G Americas highlights the telecom sector’s role in quantum-safe migration:

• Develop and Implement PQC Migration Plans Educate executives and stakeholders about quantum risks and migration urgency. Establish clear roadmaps and transition strategies for post-quantum cryptography (PQC). Conduct cryptographic inventory assessments, including security protocols and versions.

• Perform Quantum Risk Assessments and Prioritize High-Risk Assets Identify assets most vulnerable to “harvest now, decrypt later” attacks. Prioritize the protection of critical infrastructure and sensitive data that, if compromised, could cause significant damage.

• Invest in Cryptographic Agility and Performance Testing Implement interoperability testing for quantum-safe solutions. Leverage cryptographic agility tools to ensure a seamless transition without system disruptions.

• Engage with Vendors and Align Supply Chain Migration Plans Initiate discussions with technology vendors to integrate quantum-resistant solutions. Align supply chain security measures with post-quantum cryptographic standards.

• Monitor Quantum Computing Advancements and Participate in Industry Groups Keep track of emerging quantum-resistant technologies. Actively engage in quantum security working groups to stay ahead of evolving threats.

Importance of Education and Upskilling

Both papers highlight the importance of education and upskilling to navigate the complexity of quantum-safe transitions:

• Raising Awareness & Educating Stakeholders: Financial institutions and telecom organizations must educate executives, policymakers, and technical teams on the urgency of quantum threats and the necessity of adopting quantum-safe cryptography.

• Training IT Teams on Cryptographic Transitions: IT professionals need specialized training to understand cryptographic dependencies, emerging quantum-resistant algorithms, and hybrid approaches to encryption.

• Developing Quantum Risk Assessment Expertise: Organizations should build internal capabilities to assess and mitigate quantum risks by integrating cryptographic asset inventories, security protocol evaluations, and migration roadmaps.

Recognizing these critical needs, we at AvinyaSQ have designed Quantum-Safe Migration Training and Workshops to equip organizations with the skills and knowledge required for a seamless transition.

Quantum security is a shared responsibility, and preparedness starts with education. If you are looking to upskill your teams, develop a quantum risk assessment strategy, or integrate quantum-safe cryptography into your security roadmap, our Quantum-Safe Migration Training and Workshops are designed to help.

🚀 Get in touch to explore our training programs and secure your organization’s future!