Post-Quantum Security Standards Exist, Migration Remains the Challenge
Published
Question: Governments and industries are accelerating investment in quantum computing. What challenges do you see facing organizations that are preparing for a post-quantum security future?
CEO & Co-Founder of QuSecure, Rebecca Krauthamer
The administration's $2 billion equity stake across nine quantum companies marks the moment Washington stopped treating quantum as a speculative bet and started treating it as critical national infrastructure, accelerating both the timeline for quantum capability and the urgency of the cybersecurity migration that has to run alongside it.
What the deal signals about quantum development timelines: Equity stakes are not grants. The federal government does not take ownership positions in technologies it considers speculative. This is Washington pricing in a quantum timeline that is years shorter than the previous conventional wisdom.
The U.S. versus China model: China is running a strategic and centralized state program. The U.S. just placed nine parallel bets across competing architectures to let the market sort the winners. Both countries are saying the same thing about urgency, but they are saying it in very different languages.
The gap most people miss: As quantum investment accelerates, so too does the quantum threat to cybersecurity. Most people are aware of this, and people should be very concerned, but not for the reasons that most think.
The quantum threat is largely a solved problem on paper.
- The standards exist,
- They run on the infrastructure that organizations already have.
- The real danger is not the physics; it is governments and enterprises failing to migrate in parallel with the technology they are investing in.
What comes next in Washington: This is the offense side of the ledger getting funded. The defense side, including the federal migration deadlines, is currently phased from 2027 to 2035.
There is a growing gap between these timelines that the U.S. had previously put in place and those that other countries have been issuing in the last year. Expect the next move out of Washington to compress those timelines.
Also expect additional capital to follow into private quantum companies, as well as the companies doing the quantum security migration work. Thursday's news funds nine companies building quantum capability. It does not fund the migration required to defend against it. Washington is well aware, and that second story is the one to watch next.
Who actually has to act: Federal dollars build quantum computers. They do not migrate a bank, a hospital, or a power grid. Every board in the country should be asking one question this quarter:
Are we moving on post-quantum cryptography at the same speed our government is moving on quantum itself? For too many of them, the honest answer right now is still no.
Related
