Agencies Release Quantum Readiness Factsheet

Roadmap aims to help critical infrastructure migrate to post-quantum cryptographic standards
Berenice Baker
Berenice Baker

August 23, 2023

A chemical plant
The roadmap aims to help critical infrastructure sectors to prepare for PQC. Getty

Three U.S. government agencies have released a factsheet that aims to guide organizations through the process of migrating to post-quantum cryptography (PQC) standards.

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and National Institute of Standards and Technology (NIST) set out their recommended approach in the document, 

Quantum-Readiness: Migration to Post-Quantum Cryptography


The guide aims to inform organizations, especially those that support critical infrastructure, of the threat of quantum computers to the public key encryption they rely upon to transmit data securely.

It includes recommendations to establish a quantum-readiness roadmap, steps to prepare a useful cryptographic inventory, considerations for understanding and assessing the supply chain, how organizations should engage with their technology vendors to discuss PQC, and the responsibilities of technology vendors.

“A successful post-quantum cryptography migration will take time

to plan and conduct,” the document states.

“CISA, NSA and NIST urge organizations to begin preparing now by creating quantum-readiness roadmaps, conducting inventories, applying risk assessments and analysis and engaging vendors.”

It adds that early planning is necessary as cyber threat actors could be targeting data today that would still require protection in the future as it has a long secrecy lifetime. This theft of data that hackers cannot currently decrypt but which future quantum computers could enable them to do so is known as a harvest now, decrypt later approach.

NIST is in the process of selecting quantum-resistant public-key cryptographic algorithms through its post-quantum cryptography standardization process. It aims to

publish its standardization documents in 2024

According to CISA, the critical infrastructure sectors are chemical, commercial facilities, communications, critical manufacturing, dams, defense industry, emergency services, energy, financial services, food and agriculture, government facilities, health care, information technology, nuclear, transportation and water.

Read more about:

Enter Quantum Newsletter

To get the latest quantum computing news, advice and insight, sign up to our newsletter

This site uses cookies to provide you with the best user experience possible. By using Quantum Business News, you accept our use of cookies.