Getting Started With Quantum Security & PQC
Everything you need to understand the quantum threat to cryptography and how to prepare. From foundational concepts to practical migration strategies, this series builds your quantum security knowledge from the ground up.
Quantum Readiness / PQC Migration Is The Largest, Most Complex IT/OT Overhaul Ever – So Why Wait?
Preparing for the quantum era is arguably the largest and most complicated digital infrastructure overhaul in history. Yes, far bigger than Y2K, because back in 1999 we didn’t have millions of network-connected “things” to worry about. Yet despite clear warnings…
Cryptographic Inventory Vendors and Methodologies
Achieving a comprehensive cryptographic inventory often requires combining multiple tools and methodologies. Each solution above has blind spots: one might excel at catching code-level issues but miss network usage, another might see network traffic but miss dormant code, etc. Organizations…
Quantum Readiness Assessment (QRA)
A Quantum Readiness Assessment (QRA) is an in-depth review of an organization’s preparedness for the advent of quantum computing - especially its ability to withstand or adapt to the "quantum threat" posed by quantum computers that could render current cryptography…
PQC Is Necessary, But Not Sufficient – Building Quantum Resilience the Right Way
Simply "dropping in" PQC algorithms will not magically make systems quantum-safe. Real security hinges on how these new primitives are implemented, integrated, and layered into our systems. A quantum-resistant algorithm on paper can still fail in practice due to coding…
Hybrid Cryptography for the Post-Quantum Era
By combining classical and post-quantum cryptographic primitives in tandem, hybrid schemes provide defense-in-depth during this transition period. In practice, a hybrid approach might mean performing both a traditional elliptic-curve key exchange and a post-quantum key exchange inside the same protocol,…
Cryptographic Bill of Materials (CBOM) Deep-Dive
Cryptographic Bills of Materials (CBOMs) represent the next evolution in software transparency and security risk management. As we have explored, a CBOM provides deep visibility into an application’s cryptographic underpinnings – an area that has often been opaque to security…
How to Perform a Comprehensive Quantum Readiness Cryptographic Inventory
A cryptographic inventory is essentially a complete map of all cryptography used in an organization’s systems – and it is vital for understanding quantum-vulnerable assets and planning remediation. In theory it sounds straightforward: “list all your cryptography.” In practice, however,…
Infrastructure Challenges of “Dropping In” Post-Quantum Cryptography (PQC)
Post-quantum cryptography (PQC) is moving from theory to practice. NIST has now standardized several PQC algorithms - such as CRYSTALS-Kyber for key exchange (now known as ML-KEM) and CRYSTALS-Dilithium and SPHINCS+ for digital signatures - and major tech companies like…
Telecom’s Quantum‑Safe Imperative: Challenges in Adopting Post‑Quantum Cryptography
The race is on to quantum‑proof the world’s telecom networks. With cryptographically relevant quantum computers (CRQC) projected to arrive by the 2030s, global communications providers face an urgent mandate to upgrade their security foundations. Today’s mobile and fixed‑line networks rely…
Rethinking Crypto-Agility
At its core, crypto-agility means being able to swiftly swap out cryptographic algorithms or implementations when weaknesses emerge. In an ideal world, an organization could “drop in” a new encryption algorithm as easily as a software patch, ensuring they stay…
The Skill Stack a CISO Needs for Crypto‑Agility and Quantum Readiness
The path to quantum readiness is navigable with the right combination of skills, planning, and proactive execution. By leveraging existing strengths - the people and processes you already have - an enterprise can evolve its cryptographic foundations without needing a…
Upgrading Operational Technology (OT) Systems to Post‑Quantum Cryptography (PQC): Challenges and Strategies
Operational Technology (OT) environments, such as industrial control systems and critical infrastructure, are especially at risk due to their long-lived devices and infrequent updates. Many OT systems deployed today will still be in use a decade or two from now,…
Cryptographic Stack in Modern Interbank Payment Systems
International interbank payments rely on multiple layers of classical cryptography to ensure security from end to end. When a user initiates a cross-border transfer at their local bank, cryptographic mechanisms protect the transaction at every stage - from the customer’s…
Post-Quantum Cryptography (PQC) and Network Connectivity: Challenges and Impacts
PQC brings new dependencies between cryptography and network connectivity. Unlike the relatively small and efficient crypto of the past, post-quantum algorithms force us to consider link capacity, latency, and device limitations as first-class concerns in security design. Some network environments…
Harvest Now, Decrypt Later (HNDL) Risk
"Harvest Now, Decrypt Later" (HNDL), also known as "Store Now, Decrypt Later" (SNDL), is a concerning risk where adversaries collect encrypted data with the intent to decrypt it once quantum computing becomes capable of breaking current encryption methods. This is…