Post-quantum cryptography: Why businesses should set the course now
The EU has presented a roadmap for the transition to quantum-secure cryptography, and Google plans to migrate its core security mechanisms by 2029. The real challenge, however, doesn’t lie in the future, but in the decisions businesses make today.
Tobias Fehenberger
Post-quantum cryptography (PQC) was long considered a topic for the future. Powerful quantum computers were expected to arrive at some point, and companies would have to adapt their cryptography. This perspective is now beginning to shift.
Security authorities are developing concrete migration plans, standardization bodies are advancing new procedures and major technology providers are preparing their platforms for the post-quantum era. What was once a research topic is becoming a practical task for IT and security managers.
The migration has begun
An important signal is coming from Europe: with the new PQC roadmap from the NIS Cooperation Group, a joint framework for migration to quantum-secure cryptography is now available for the first time. National roadmaps and pilot projects are expected in 2026, with high-security applications targeted for migration by 2030.
Momentum is also building outside the public sector. Google has announced plans to migrate its core security mechanisms to PQC by 2029, based on the view that advances in quantum hardware could occur more quickly than previously assumed.
For businesses, this is a clear signal: preparation does not begin with the first powerful quantum computer. The transition is already underway.
The risk exists today
Many discussions focus on when quantum computers will be able to break current encryption methods. In practice, this view is too narrow.
Even today, encrypted data can be intercepted and stored for later decryption. This scenario, known as “store now, decrypt later,” particularly affects information that requires long-term protection.
Public authorities, operators of critical infrastructure and companies in regulated sectors should therefore not wait until quantum computing becomes a reality. For sensitive data, preparation begins today.
At the same time, the challenge goes beyond keeping information confidential. Digital signatures, certificates and authentication methods must also be prepared for a world beyond classical public-key cryptography.
The transition to the post-quantum era has already begun – organizations must prepare now to protect their data and infrastructure.
The challenge is migration
The transition to post-quantum cryptography is often described as the replacement of individual algorithms. In practice, it’s significantly more complex.
The extent to which cryptography is embedded in existing infrastructures is often underestimated. It is embedded in applications, certificates, network protocols, identity solutions and numerous operational processes, affecting a correspondingly large number of systems and responsibilities.
This is why crypto-agility is gaining importance. Security architectures should be designed in such a way that cryptographic methods can be adapted or expanded in the future without having to rebuild entire systems from scratch.
The crucial question, therefore, is not which algorithm will prevail in the long term, but whether one’s own infrastructure is flexible enough to respond to new standards.
Why the network infrastructure is a good starting point
For many companies, the network infrastructure offers a pragmatic entry point into PQC migration. This is where central communication links converge, where sensitive data is transmitted, and where security measures can often be implemented with relatively little effort.
A key advantage is that communication channels can be secured at an early stage, while applications and higher-level systems can be brought up to speed gradually. Hybrid methods combining classical and quantum-secure cryptography can already be deployed today. This creates a viable migration path without having to fundamentally alter existing security architectures.
Anyone investing in cybersecurity and network infrastructure today should therefore consider the question of whether solutions currently deployed are PQC-capable or at least PQC-ready. Investments that already take this development into account create greater flexibility in the long term and avoid the need for retrofitting projects later on.
Laying the foundations now
For most companies, a complete migration isn’t yet on the agenda. Transparency is more important for now: Which cryptographic methods are being used? Which data needs to be protected in the long term? And where are there particular dependencies?
On this basis, priorities can be defined and initial migration paths developed. This is why security authorities are already recommending the creation of a cryptographic inventory and the development of corresponding roadmaps. The coming years offer the opportunity to prepare for the transition to post-quantum cryptography in a controlled manner. Those who start early can protect existing investments, reduce risks and manage the migration in stages.
Ultimately, the most important task over the coming years is to further develop security architectures so that they can withstand today’s threats while remaining prepared for the requirements of the post-quantum era.
Further information:
- BSI: NIS Cooperation Group publishes EU roadmap for quantum-secure cryptography:
https://www.bsi.bund.de/DE/Service-Navi/Presse/Alle-Meldungen-News/Meldungen/EU-Roadmap_Quantenkryptografie_250711.html