Federal Agencies
Federal agencies are prioritizing post-quantum cryptography (PQC) in acquisitions to protect sensitive data from future quantum threats
The “harvest now, decrypt later” risk drives urgency, as adversaries may store encrypted data now to decrypt with quantum computers later
NIST, NSA, CISA, and the Office of the National Cyber Director are leading the push for PQC adoption across federal agencies
Agencies are advised to include PQC requirements directly in acquisition documentation as vendors adopt new standards
Bipartisan support exists for PQC, with national security objectives set to reduce quantum risk by 2035
The Office of Management and Budget (OMB) requires agencies to inventory critical IT assets and plan for PQC transition
A January executive order mandates CISA to publish a list of PQC-supporting product categories and agencies to update solicitations accordingly
NIST has finalized three PQC standards, and CISA is collaborating with vendors to assess cryptographic solutions
Despite awareness, only 5% of organizations have adopted quantum-safe encryption, according to a DigiCert poll
Implementation challenges include heavier PQC algorithms, integration issues, and the need for collaboration with vendors
For more details visit ovindhtech.com