The window for “harvest‑now, decrypt‑later” attacks is open, and the clock is ticking. With NIST’s first three post-quantum cryptography (PQC) standards now finalized (FIPS 203/204/205) and HQC selected in 2025 as an additional encryption option, audit, risk and security teams have the clarity they need to start moving with intent. This blog post distills the core ideas from our ISACA Journal article into a pragmatic, one-year plan you can run inside any enterprise.
What Actually Changes with PQC (And What Doesn’t)
PQC replaces today’s quantum-vulnerable public‑key building blocks (RSA/ECC) with new math, e.g., lattice-based ML‑KEM (Kyber) for key establishment and ML‑DSA (Dilithium) or SLH‑DSA (SPHINCS+) for signatures. These schemes are designed to run on existing networks and hardware (unlike quantum key distribution, which needs special gear). Still, they do come with trade-offs: larger keys/signatures, heavier computation and new PKI “plumbing” during migration. That’s why agility, being able to add/swap algorithms without breaking systems, is the design goal.
Your 12-Month PQC Playbook
Q1 - Organize, inventory, scope
- Stand up a crypto transition working group. Include security architecture, PKI owners, identity, networking, DevOps and compliance. Give it an executive sponsor and a risk register entry labeled Quantum Risk.
- Inventory cryptography. Map where public‑key crypto lives: TLS, VPN, email, code‑signing, device firmware, mobile apps, third-party connections and long-lived archives. Capture algorithms, libraries, certs, key lengths and expirations.
- Classify “long‑secrecy” data. Identify datasets requiring 10–20+ years of confidentiality (financial records, healthcare data, intellectual property). Prioritize them for early protection.
Q2 - Pilot and measure (lab → limited production)
- Pilot hybrid handshakes. Where feasible, test hybrid key exchange that combines a classical algorithm with a PQC KEM (e.g., ML‑KEM + ECDHE) so an attacker would need to break both. Capture handshake latency, CPU impact and failure modes.
- Exercise crypto‑agility. Validate you can rotate algorithms and parameters through configuration, not code rewrites. Prove roll-forward/roll-back plans in CI/CD for services that terminate TLS.
- Start with developer trust chains. Establish a PQC-ready path for build signing and artifact attestation (code‑signing, container signing). Break-glass guidance must exist before broad rollout.
Q3 - Modernize PKI and contracts
- Prepare “dual‑stack” PKI. Issue test intermediates and policies for PQC and hybrid certificates. Plan revocation/expiration to phase out ECC-only certs on a timeline.
- Update procurement & partner requirements. Add language that new systems must support NIST‑standardized PQC (FIPS 203/204/205) and cryptographic agility. Require visibility into libraries and supported cipher suites.
- IoT/OT strategy. For constrained devices with decade-long lifetimes, decide: gateway‑termination now, firmware upgradeability or replacement windows. Document what cannot be upgraded and how you’ll segment/compensate.
Q4 - Expand deployment and bake into governance
- Scale by business service. Transition from pilots to prioritized services that manage long-secret data and external connectivity. Track coverage: endpoints, load balancers, APIs and machine-to-machine links.
- Institutionalize crypto lifecycle management. Policy, standards and runbooks for algorithm selection, parameter sets, certificate profiles, logging/monitoring and incident response for cryptographic failures.
- Plan for the next standard. NIST has selected HQC to diversify KEM options; watch draft timelines and keep room in your designs to add it if/when required.
What Good Looks Like - Success Criteria & KPIs
- Coverage: % of external-facing services supporting PQC or hybrid key exchange; % of code-signing pipelines using PQC-ready chains.
- Performance: Measured delta in TLS handshake time/CPU at peak; no material SLA breaches.
- Agility: Mean time to rotate algorithms/parameters; rollback success rate in controlled tests.
- Governance: Updated standards, partner clauses and audit evidence showing inventory, decisions and timelines.
Pitfalls to Avoid
- Boiling the ocean. Treat this as a multi-year program, starting with the highest-risk data paths first.
- Ignoring endpoints and firmware. PQC isn’t just a load‑balancer switch; plan for code‑signing and device updates.
- Underestimating PKI complexity. Hybrid certificates, revocation and chain validation across mixed fleets are non-trivial; test them early.
- Chasing shiny hardware. PQC is deployable software and protocols; quantum key distribution remains niche and hardware‑dependent for most enterprises.
Where to Point Your Team Next
- Standards: Read the plain‑language NIST updates and the FIPS specifications (203: ML‑KEM, 204: ML‑DSA, 205: SLH‑DSA) and align your profiles to them.
- Cross‑industry perspective: Finance, healthcare, telecom, and the public sector are already piloting quantum‑resilient patterns, borrowing their playbooks, especially around hybrid deployment and crypto‑agility.
Bottom line: The PQC transition is a marathon that starts with a single, well-planned sprint. Inventory your crypto, pilot hybrids, modernize PKI and scale with governance. If you can swap algorithms without drama a year from now, you’re already ahead.
