What’s Your Most Important Question When It Comes to Quantum Safe Migration?

In this article, I would like to focus on the critical questions typically raised by the industry leaders on quantum safe migration.

In my discussions with CISOs, industry leaders, and ecosystem players about quantum safe migration, I’ve noticed three distinct attitudes: Pioneers, Fence Sitters, and Skeptics. Each group’s perspective is shaped by their interpretation of the current technological landscape and their organizational priorities. The positive takeaway is that awareness of quantum threats is widespread, albeit to varying degrees of understanding.

Regardless of where you or your organization stands—whether as a Pioneer, Fence Sitter, or Skeptic—there are many common questions about quantum safe migration. These questions span a range of concerns, from the immediate feasibility of addressing quantum threats to the strategic planning required for long-term cryptographic resilience.

Here are some of the most common questions I’ve encountered (some have easy answers and while others demand deep thinking):

• Do we have quantum computers capable of breaking the current encryption used in our systems?

• Given other pressing issues and priorities, why should we allocate resources to this concern?

• With so much uncertainty about the availability of quantum computers that can break current encryption, why should we care about this issue now?

• What solutions are available to mitigate this threat? Are there any recommendations or guidelines?

• Do we have new standards for algorithms, protocols, and industry specifications for adopting quantum safe cryptography? [Note: The first part of this question is answered to some extent by NIST’s publication of PQC standards ]

• Are the proposed Post-Quantum Cryptography (PQC) algorithms proven? Can they withstand attacks from quantum computers?

• How do we ensure that the new algorithms are truly safe and worth the investment? How do we manage the risk if these algorithms are also broken?

• I understand crypto agility at an application level with the right design and architecture. But how can we implement crypto agility at an enterprise scale?

• Do we have any tools to assist in the migration to quantum safe cryptography?

• How do we ensure we are making the right decisions regarding algorithms, protocols, architecture, and implementations?

• Quantum safe migration seems like a significant investment for my organization. How can I build a strong business case for this migration?

• What should be the first step in this process of migration?

Of course, these are just a few of the many questions surrounding quantum safe migration. Every organization will face its unique challenges and considerations.

• What are your questions?

• What challenges are you facing or anticipating in your journey toward quantum safe migration?

Your insights and perspectives are invaluable as we pursue effective solutions for quantum safe migration. Let’s discuss and navigate this complex yet crucial transition together.

I would be glad to explore any of the above questions and beyond in detail. Please feel free to reach out.

Most Important Question When It Comes to Quantum Safe Migration?