Quantum Security & PQC
Post-quantum cryptography, PQC migration, crypto-agility, cryptographic inventory, CBOM, and practical quantum readiness.
-
Post-Quantum, PQC, Quantum Security
The Quantum Random Number Generator (QRNG) Gold Rush
Everyone is selling quantum randomness. Most buyers can't tell the difference between genuine quantum entropy and a rebranded noise source with a quantum sticker on the box. This guide fixes that.
Read More » -
Post-Quantum, PQC, Quantum Security
Post-Quantum Deadlines Are Likely About to Compress. Here’s What I’m Seeing.
Governments spent 2025 publishing PQC roadmaps. In 2026, they started giving those roadmaps teeth. A draft US executive order, the EU's first binding PQC law, and vendor deadlines from Google and AWS are collapsing the compliance horizon from 2035 to…
Read More » -
PQC Governance
The CISO’s Role in PQC Migration: Organizational Models, Three Lines of Defence, and the Authority Question
The CISO role varies enormously across organizations. That variation determines whether CISO-led PQC governance works, and this article maps six real-world models to explain when and why.
Read More » -
Global PQC Migration Timelines
The Global PQC Migration Clock: Where Every Country Stands and Why the Gaps Between Them Matter More Than the Deadlines Themselves
Fifteen countries have now set PQC migration timelines. They all agree the migration must happen. They disagree on when, how, and with which algorithms. This capstone maps the convergence, the conflicts, and the compliance reality for organizations operating across borders.
Read More » -
Post-Quantum, PQC, Quantum Security
“They’ll Just Rent One”: The Quantum Threat Model Nobody Bothered to Check
Every article about quantum threats includes the throwaway line: criminals won't need their own quantum computer, they'll just rent one. The actual evidence says otherwise.
Read More » -
PQC Governance
PQC Governance: Who Should Lead Your Post-Quantum Migration, and How to Structure the Program
PQC migration is the most complex cryptographic transformation in enterprise history. Getting the governance model right determines whether it succeeds or stalls. Here's how to structure it.
Read More » -
Quantum Security & PQC
NIST Narrows the Field: Nine Post-Quantum Signature Candidates Advance to the Third Round
NIST just narrowed 14 post-quantum signature candidates to nine. The survivors span four distinct mathematical families, from isogeny-based compact signatures to multivariate schemes under active cryptanalytic fire. Here's what each candidate is, why NIST kept it, and what this means…
Read More » -
CNSA 2.0
CNSA 2.0: The Complete Guide to NSA’s Post-Quantum Requirements
The definitive vendor-neutral reference to NSA's Commercial National Security Algorithm Suite 2.0 — the most operationally specific post-quantum cryptography mandate in the world. This guide breaks down every component of CNSA 2.0 in one place: the complete algorithm suite with…
Read More » -
Quantum Threat to Cryptocurrencies
The Quantum Threat to Cryptocurrencies: What’s Real, What’s Hype, and What to Do About It
Google Quantum AI estimates that breaking the 256-bit elliptic curve cryptography protecting Bitcoin and Ethereum would require fewer than 500,000 physical qubits and roughly nine minutes of runtime on a superconducting architecture. The same day that paper landed, a separate…
Read More » -
Post-Quantum, PQC, Quantum Security
Pick One Layer: How to Choose the Post-Quantum Migration That Protects the Most
Recent research proves one post-quantum layer can protect all payload confidentiality. But which layer should you migrate first? Six enterprise architecture scenarios analyzed.
Read More » -
Quantum Snake Oil
Quantum Snake Oil: A Field Guide to Misleading Quantum Technology Marketing
Sixteen terms. Two tracks. One field guide. The quantum technology market has the exact conditions that produce fraud in every emerging sector: high buzz, big money, low buyer literacy, and complex underlying science that most decision-makers cannot independently evaluate. This…
Read More » -
Post-Quantum, PQC, Quantum Security
The Anatomy of Quantum Denial: What Bitcoin’s Response to the Quantum Threat Teaches Every CISO
At Bitcoin 2026, the same main stage hosted engineers building quantum-resistant upgrades and a trio claiming quantum computers can never work because Bitcoin proves time is discrete. The dysfunction that produced this scene plays out in every enterprise boardroom facing…
Read More » -
Quantum Security Reference
Quantum Security: A Complete Guide for Security Leaders
Sixteen concepts. One imperative. The quantum threat to cryptography is no longer a future concern — the deadlines for action are already set, and most organizations haven't started. This guide maps the complete quantum security landscape for CISOs and security…
Read More » -
Post-Quantum, PQC, Quantum Security
Crypto-Agility Is an Architecture Problem, Not a Library Swap
Every PQC migration guide tells you to "be crypto-agile." After leading migrations at Fortune Global 500 scale, I can tell you where that advice fails: HSMs that can't upgrade, protocols with hard-coded algorithms, and embedded devices that will outlive the…
Read More » -
Post-Quantum, PQC, Quantum Security
The Signature Supply Chain: How Deep Does Digital Trust Go?
From TPM attestation keys to container image signatures, modern systems depend on dozens of signature layers most security teams have never fully mapped. This deep dive exposes the full anatomy of the trust infrastructure a quantum computer would compromise.
Read More »
