Quantum Security & PQC
Post-quantum cryptography, PQC migration, crypto-agility, cryptographic inventory, CBOM, and practical quantum readiness.
-
Post-Quantum, PQC, Quantum Security
Why the Quantum Attack on ECC Keeps Getting Cheaper, and Where It Stops
An open competition has driven the logical qubits for one secp256k1 point addition into the high 1,100s. The arithmetic says how much further circuit tricks can go, and exactly where they stop.
Read More » -
Post-Quantum, PQC, Quantum Security
PQC Migration – What No One Tells You Until You’re Already in It
What happens when PQC migration advice meets real infrastructure at government and enterprise scale? Lessons from leading programs with 120,000+ tasks, delivered at the inaugural Q-Day Summit in Paris.
Read More » -
Post-Quantum, PQC, Quantum Security
Nobody Should Be Buying Proprietary Post-Quantum Cryptography (PQC) Algorithms
Five LinkedIn pitches in one day, each promising provably unbreakable encryption. A tour through cryptography's graveyard shows why unvetted algorithms fail, and how to check any vendor's claims in one afternoon.
Read More » -
Post-Quantum, PQC, Quantum Security
The GRC Playbook for Quantum Security
Quantum risk sits awkwardly in most enterprise risk frameworks — too long-horizon for the security team, too technical for the risk committee, too uncertain for the actuaries. This article gives GRC teams the KRIs, governance structures, and regulatory monitoring processes…
Read More » -
Post-Quantum, PQC, Quantum Security
The SOC Quantum Playbook: Detection Rules, Threat Intelligence, and Incident Response
Your SOC already monitors for TLS downgrades and data exfiltration. Quantum security extends those capabilities with new detection rules, threat intelligence requirements, and incident response playbooks that most teams have not yet built.
Read More » -
Post-Quantum, PQC, Quantum Security
The PQC Migration Framework Is Free. Attribution Is Not Optional.
The Applied Quantum PQC Migration Framework is the first published methodology covering the complete PQC migration lifecycle at operational depth. It is free under CC BY 4.0. Some consulting firms have stripped the attribution and presented it as proprietary work.…
Read More » -
Post-Quantum, PQC, Quantum Security
PQC Migration Frameworks: What Changed Between March and June 2026
The PQC migration conversation shifted from "how do we prepare?" to "how do we deploy?" between March and June 2026. Google set a 2029 completion target, Let's Encrypt committed to Merkle Tree Certificates for post-quantum Web PKI, and the FIPS…
Read More » -
Post-Quantum, PQC, Quantum Security
Canada’s PQC Framework: Sound Design, Stalled Execution — What the Bill C-8 Senate Debate Reveals
Four years after Bill C-26 was introduced, its successor Bill C-8 has finally passed the Senate. Quantum got one question in the debate. The enforcement layer that makes Canada's PQC framework work remains years away from addressing quantum risk.
Read More » -
Post-Quantum, PQC, Quantum Security
The PQC Migration’s Biggest Risk Isn’t Quantum Computers
The largest cryptographic transition in history is replacing battle-tested code with brand-new implementations under deadline pressure. Hybrid ECC+PQ deployment is the engineering-prudent response, and the ML-DSA bug evidence now quantifies the cost of skipping it.
Read More » -
Post-Quantum, PQC, Quantum Security
The Quantum Random Number Generator (QRNG) Gold Rush
Everyone is selling quantum randomness. Most buyers can't tell the difference between genuine quantum entropy and a rebranded noise source with a quantum sticker on the box. This guide fixes that.
Read More » -
Post-Quantum, PQC, Quantum Security
Post-Quantum Deadlines Are Likely About to Compress. Here’s What I’m Seeing.
Governments spent 2025 publishing PQC roadmaps. In 2026, they started giving those roadmaps teeth. A draft US executive order, the EU's first binding PQC law, and vendor deadlines from Google and AWS are collapsing the compliance horizon from 2035 to…
Read More » -
PQC Governance
The CISO’s Role in PQC Migration: Organizational Models, Three Lines of Defence, and the Authority Question
The CISO role varies enormously across organizations. That variation determines whether CISO-led PQC governance works, and this article maps six real-world models to explain when and why.
Read More » -
Global PQC Migration Timelines
The Global PQC Migration Clock: Where Every Country Stands and Why the Gaps Between Them Matter More Than the Deadlines Themselves
Fifteen countries have now set PQC migration timelines. They all agree the migration must happen. They disagree on when, how, and with which algorithms. This capstone maps the convergence, the conflicts, and the compliance reality for organizations operating across borders.
Read More » -
Post-Quantum, PQC, Quantum Security
“They’ll Just Rent One”: The Quantum Threat Model Nobody Bothered to Check
Every article about quantum threats includes the throwaway line: criminals won't need their own quantum computer, they'll just rent one. The actual evidence says otherwise.
Read More » -
PQC Governance
PQC Governance: Who Should Lead Your Post-Quantum Migration, and How to Structure the Program
PQC migration is the most complex cryptographic transformation in enterprise history. Getting the governance model right determines whether it succeeds or stalls. Here's how to structure it.
Read More »
