Quantum Security & PQC
Post-quantum cryptography, PQC migration, crypto-agility, cryptographic inventory, CBOM, and practical quantum readiness.
-
Post-Quantum, PQC, Quantum Security
Pinnacle Architecture: 100,000 Qubits to Break RSA-2048, but at What Cost?
Iceberg Quantum's Pinnacle Architecture paper claims RSA-2048 can be factored with fewer than 100,000 physical qubits - a genuine 10× reduction over the previous state of the art - by replacing surface codes with quantum LDPC codes. The result is…
Read More » -
Post-Quantum, PQC, Quantum Security
Payments and the Race to Quantum Safety / Post-Quantum Cryptography (PQC)
The payments industry has navigated big cryptographic transitions before. The migration from magnetic stripes to EMV chips took the better part of two decades and cost billions. The shift from SHA-1 to SHA-256 certificates was painful but bounded - it…
Read More » -
Post-Quantum, PQC, Quantum Security
120,000 Tasks: Why Post‑Quantum (PQC) Migration Is Enormous
When I tell fellow CISOs, board members, or even seasoned program managers that the integrated program plan for a comprehensive quantum security / post-quantum cryptography (PQC) migration I recently worked on contained over 120,000 discrete tasks, the reaction is almost…
Read More » -
Post-Quantum, PQC, Quantum Security
The Cryptographic Iceberg Inside a Mobile Banking Transaction
A single mobile banking payment triggers millions of cryptographic function calls across nine parties. Here's what actually happens - from silicon to settlement - and why it matters for quantum readiness. The Cryptographic Iceberg Inside a Mobile Banking Transaction 320…
Read More » -
Quantum Policies
NIS2, DORA, and the EU Post-Quantum Roadmap
If you are a CISO under NIS2 or DORA, you are already expected to run a risk-management system that tracks material, evolving threats - and to implement “state‑of‑the‑art” controls appropriate to the risk. The EU’s PQC roadmap is effectively saying: quantum…
Read More » -
Quantum Policies
The Complete US Post-Quantum Cryptography (PQC) Regulatory Framework in 2026
Three pillars anchor the US PQC framework: the Quantum Computing Cybersecurity Preparedness Act (federal law that no executive order can undo), NSM-10's 2035 migration target (still in force), and NIST's finalized FIPS standards (published August 2024). The Trump administration's June…
Read More » -
Quantum Policies
No Single Law, No Single Excuse: How Canada Regulates PQC Without Saying “Quantum”
Canada's visible PQC guidance - three documents published mid-2025 - is just the tip. Beneath it sits a layered enforcement framework spanning financial regulation, critical infrastructure law, privacy obligations, and securities disclosure that collectively creates binding pressure for quantum readiness.…
Read More » -
Post-Quantum, PQC, Quantum Security
Telecom Quantum Readiness: Why the Urgency and Where to Start
An increasing number of telecom leaders have been pinging me lately about quantum readiness. And frankly, that’s exactly what they should be doing. New regulations and mandates are emerging left and right (in various jurisdictions and across the industry) requiring…
Read More » -
Post-Quantum, PQC, Quantum Security
Quantum Key Distribution (QKD): Why Countries Differ on Its Future
Quantum Key Distribution (QKD) - a method of securing communications using quantum physics - has become a flashpoint of debate worldwide. Recent news (like Google’s announcement favoring post-quantum algorithms over QKD) highlights how divided opinions are. Some nations are investing…
Read More » -
Post-Quantum, PQC, Quantum Security
Rethinking CBOM
The simplest way to explain CBOM is still the best. If SBOM is the ingredients list for software, CBOM is the ingredients list for the security assumptions that software depends on. Where SBOM tracks components and dependencies, CBOM tracks cryptographic…
Read More » -
Quantum Computing
A Quantum Contrarian Con Artist
In the growing spotlight on quantum technology, a new kind of opportunist is taking the stage - the contrarian con artist. These are not the honest skeptics who ask hard questions in good faith. They are bad-faith actors cloaking themselves…
Read More » -
Post-Quantum, PQC, Quantum Security
Why We Need a Quantum Security ISAC
Quantum computing promises revolutionary capabilities, but it also poses unprecedented threats to cybersecurity. Experts warn of a looming “Quantum Apocalypse” scenario - the day when a sufficiently advanced quantum computer can crack encryption like RSA or ECC, exposing sensitive data…
Read More » -
Post-Quantum, PQC, Quantum Security
How ECC Became the Easiest Quantum Target
Elliptic curve cryptography (ECC) will likely fall to quantum computers before RSA does - a cruel irony, since ECC's smaller keys were considered an advantage. Shor's algorithm needs roughly 2,330 logical qubits and 126 billion Toffoli gates to break P-256…
Read More » -
Post-Quantum, PQC, Quantum Security
Securing Quantum Computers – Threat at the Quantum-Classical Interface
A global race is on to build cryptographically relevant quantum computers (CRQCs) - machines powerful enough to break current encryption. Governments and industry are pouring billions into quantum R&D, and intelligence analysts scrutinize whether a geopolitical rival might secretly be…
Read More » -
Post-Quantum, PQC, Quantum Security
Q-Day Isn’t an Outage – It’s a Confidence Crisis
Cybersecurity lore often paints Q-Day (the moment a quantum computer cracks RSA/ECC encryption) as an instant "Quantum Apocalypse" where every system gets hacked immediately. Planes falling from the sky, banks drained in seconds, an overnight digital Armageddon - if that…
Read More »
