Navigating the Quantum Transition

Navigating the Quantum Transition: Why 2026 is the Critical Year for PQC Adoption

Intro

Post-Quantum Cryptography (PQC) is a suite of newly designed algorithms intended to be resistant to attacks from both classical and future quantum computers. Unlike „quantum cryptography,“ which requires specialized hardware, PQC is designed to run on existing classical infrastructure like standard servers and cloud platforms.

Why It Matters: The "Quantum Cliff"

The urgency for PQC is driven by the fact that a Cryptographically Relevant Quantum Computer (CRQC) will be capable of breaking the asymmetric encryption (like RSA and ECC) that secures nearly all modern digital communication.

Harvest Now, Decrypt Later (HNDL): Adversaries are currently collecting encrypted data to decrypt it once quantum technology matures, creating an immediate risk for data with long-term confidentiality needs, such as medical records or trade secrets.
Trust Now, Forge Later (TNFL): Future quantum computers could forge digital signatures on long-lived artifacts like PKI root certificates or firmware updates, undermining trust retroactively.

Companies and organizations should prioritize transitioning to post-quantum cryptography (PQC) now because the internet is rapidly adopting it as the new security baseline. According to Cloudflare Radar (see chart below), the share of human-initiated HTTPS traffic using post-quantum key exchange has surged dramatically – from roughly 38% a year ago to around 65-70% today. This explosive growth, driven by browser support (Chrome, Edge, Firefox) and Cloudflare’s default hybrid implementations, means that a majority of web connections are already protected against „harvest now, decrypt later” attacks.

By delaying migration, organizations risk leaving sensitive data (customer information, intellectual property, credentials, or long-lived secrets) exposed to future quantum decryption, while competitors and industry leaders move ahead. Early adoption is low-disruption with hybrid schemes, future-proofs infrastructure, maintains compliance and trust, and aligns your security posture with the accelerating global standard.

PQC Adoption, wordlwide, src: https://radar.cloudflare.com/post-quantum?dateRange=52w

European Compliance and Mandates

For corporations operating in Europe, PQC is transitioning from a theoretical concern to a regulatory requirement.

EU Coordinated Roadmap: Member States are expected to complete the first steps—including awareness, inventories, and initial pilots—by the end of 2026.
Sector-Specific Rules: Regulations like NIS2, DORA (for financial services), and the Cyber Resilience Act (CRA) create supervisory expectations for robust risk management and supply chain security that include quantum readiness.
Hybrid Requirements: National agencies like the BSI (Germany) and ANSSI (France) strongly recommend or mandate hybrid approaches—combining classical and PQC algorithms—to ensure security during the transition.

Suggested Adoption Timeframe: Why 2026 is Critical

Best practice dictates that corporations must begin formal adoption no later than 2026 to satisfy converging regulatory deadlines and avoid a last-minute crisis.

Phase 2: Implementation and the Learning Curve

Starting implementation and pilots in 2026 is considered a best practice because PQC migration is not a simple „switch,“ but a complex, multi-year transition.

Developing Muscle Memory: Early pilots in 2026 allow security teams to experience the learning curve of PQC, such as handling larger handshake sizes and signature formats that may break existing middleboxes like firewalls or load balancers.
Identifying Gaps: Starting early reveals which infrastructure (like HSMs or PKI) needs firmware upgrades or hardware replacement, which often have 6-to-12-month procurement lead times.
Vendor Governance: Beginning in 2026 gives corporations the necessary time to demand PQC roadmaps from third-party vendors, who are often the longest segment of the migration critical path.

Summary of Best Practice Timelines

By End of 2026: Complete cryptographic inventories, establish governance, and launch initial hybrid TLS/VPN pilots.

2030 Horizon: Retire highly vulnerable 112-bit security public-key algorithms.

2035 Deadline: Full migration of all systems to a quantum-safe state.

European Compliance Requirements

Under European regulations such as NIS2 (Network and Information Security Directive 2) and DORA (Digital Operational Resilience Act), Post-Quantum Cryptography (PQC) requirements are framed as part of a broader mandate for robust risk management and supply chain security. While these regulations may not explicitly name specific PQC algorithms in their primary text, they create supervisory expectations that organizations must address the „quantum cliff“ to remain compliant.

Specific Regulatory Mandates

According to the sources, the requirements for NIS2 and DORA include:

Risk Management Measures: Organizations must implement security measures proportionate to the risk they face. As the threat of „Harvest Now, Decrypt Later“ (HNDL) grows, failing to plan for PQC may be viewed as an inadequate risk posture.
Supply Chain Security: Both regulations emphasize the security of the third-party supply chain. This requires corporations to ensure their vendors have active PQC migration roadmaps and to include PQC requirements in procurement contracts.
Incident Response and Resilience: DORA specifically focuses on the digital operational resilience of the financial sector, requiring firms to manage technology risks proactively to ensure continued reliable operation.

Operational Requirements to Satisfy Compliance

To satisfy the supervisory expectations of NIS2 and DORA, the sources suggest that organizations must produce specific artifacts as evidence of compliance:

Cryptographic Bill of Materials (CBOM): A comprehensive inventory of all cryptographic assets is required to demonstrate that an organization knows where its quantum-vulnerable systems are located.
Governance Structure: Establishing a formal PQC governance team (including a SteerCo and a Program Manager) is necessary to oversee the multi-year transition.
Vendor Governance Program: Organizations must formally engage strategic vendors, send readiness questionnaires, and track GA dates for PQC-capable products.
Evidence Dossier: For audit purposes, corporations should maintain a package containing CBOM snapshots, pilot test reports, and risk registers that specifically include quantum risk entries and mitigation statuses.

What to do now

Building a Cryptographic Bill of Materials (CBOM) that prioritizes externally reachable services is a critical best practice for managing immediate „Harvest Now, Decrypt Later“ (HNDL) risks. By focusing on the external attack surface, organizations can gain rapid visibility into their most vulnerable data flows before committing to deeper, more complex internal discovery.

The "Outside-In" Approach: An Easy First Step

The most effective way to initiate a CBOM is to scan and inventory from the outside. This approach utilizes External Attack Surface Management (EASM) tools and active network scanning to identify internet-facing endpoints from an adversary’s perspective.

Initial Visibility: This step identifies subdomains, services, and forgotten „shadow IT“ that may not be registered in a central CMDB.
Negotiated Realities: Unlike internal configuration reviews, external scanning reveals what is actually negotiated in production (e.g., specific TLS versions and cipher suites) rather than just what is configured.
Public Record Audits: Organizations should supplement scans by monitoring Certificate Transparency (CT) logs, which provide a comprehensive record of every certificate issued for their domains, exposing reachable services regardless of internal documentation.

Prioritizing Externally Reachable Services (Priority A)

External services are classified as Discovery Priority A because they are easily accessible to adversaries seeking to harvest encrypted traffic. Key targets include:

Web Applications: Such as online banking platforms, which handle high-value, long-lived secrecy data like financial records.
VPN and Access Gateways: These serve as the primary entry points for remote work and partner connectivity, often relying on vulnerable RSA or ECC key exchanges.
Email Gateways: Critical for protecting long-term confidential communications.

The Minimum Viable CBOM (MV-CBOM) Layer 1

Focusing on these services allows an organization to complete Layer 1 of the MV-CBOM (Infrastructure Cryptography). This layer covers TLS/SSH/IPsec configurations on load balancers, firewalls, and VPN concentrators. It represents the largest harvestable attack surface and is the most amenable to early hybrid PQC deployments.

Drilling Deeper: The Path to Maturity

Once the external overview is established (target: 30–60 days), the program can drill deeper into the technology stack:

Layer 2 (Platform): Querying cloud APIs and HSM logs for internal encryption-at-rest settings.
Layer 3 (Application): Using static code analysis (SAST) to find hardcoded algorithms within the webapp’s underlying code.
Layer 4 (Third-Party): Reviewing vendor documentation for black-box appliances where source code is unavailable.

Summary of Benefits

Starting with an external-facing CBOM provides immediate security value by surfacing „classical“ vulnerabilities—such as deprecated TLS 1.0/1.1 versions or weak RSA-1024 keys—that can be remediated instantly. This phased approach avoids „inventory paralysis,“ delivering 70–80% risk coverage with only 20–30% of the total discovery effort.

Infos & Contact

Cover Image: zeroBS

Navigating the Quantum Transition