Quantum computing is advancing faster than many organizations are prepared for, but the U.S. government has made it clear that the time for agencies to get ready for “Q-Day” is now.
Q-Day — the point at which quantum computers can break today’s widely used public-key encryption — is no longer just a theoretical concern for agencies and cybersecurity specialists. It’s becoming an urgent planning priority for business and technology leaders, especially those responsible for protecting sensitive data, modernizing legacy systems and managing enterprise risk.
Federal government agencies already operate under formal requirements for quantum readiness, and those same requirements offer a useful road map for private sector organizations that want — and need — to stay ahead of Q-Day risks.
The latest requirements from the U.S. government
The federal government’s approach to quantum readiness is grounded in several measures, including:
- NSM‑10: “Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems”
- Quantum Computing Cybersecurity Preparedness Act
- OMB Memorandum M‑23‑02
- Post‑quantum cryptography (PQC) standards and transition guidance from the National Institute of Standards and Technology (NIST)
These directives are aimed at federal agencies and also carry important implications for the technology vendors and partners that support them. Together, they establish a clear direction that reaches beyond government and points to several practical steps organizations should take now to prepare.
1. Conduct a full cryptographic inventory
Agencies must identify where public key cryptography is used across systems, applications, devices and data flows before they can make sound decisions about what to change, when to change it and how to manage the transition. This process can help surface dependencies that may exist across the cloud, legacy systems, third-party technologies and complex IT infrastructure where visibility is lacking.
It also aligns with guidance in the “Cybersecurity Information Sheet (CSI) Quantum‑Readiness: Migration to Post‑Quantum Cryptography” from the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) and NIST, which emphasizes the importance of understanding an organization’s cryptographic footprint before any migration steps begin.
2. Prioritize high-value, high-risk assets
Federal guidance also makes clear that not every asset should be treated the same. For example, OMB M‑23‑02 calls for agencies to classify and prioritize systems whose compromise would be most damaging. That same discipline is essential in the private sector. Systems tied to authentication, secure communications, software signing and long-term sensitive data are likely to demand earlier attention because the consequences of exposure are so much greater.
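A minimal sketch of steps 1 and 2 together, added here as an illustration and not taken from the federal guidance: it scans configuration lines for public-key algorithm names, separates quantum-vulnerable, hybrid and PQC findings, and orders the vulnerable systems for migration. The sample findings, use labels and weights are constructed assumptions.

```python
import re

# Classical public-key families that a cryptographically relevant quantum computer breaks.
VULNERABLE = re.compile(
    r"(?<![A-Za-z0-9])(rsa|ecdsa|ecdhe?|dhe?|dsa|ed25519|x25519)(?![A-Za-z])", re.I)
# NIST-standardized PQC names mentioned in this article.
PQC = re.compile(r"ml-?kem|ml-?dsa", re.I)
# Uses the article says deserve earlier attention (weights are an assumption).
USE_WEIGHT = {"software-signing": 3, "authentication": 3,
              "secure-communications": 2, "long-term-data": 2}

# Constructed sample findings: (system, use, configuration line, data retention in years)
FINDINGS = [
    ("build-server", "software-signing", "signing_key_type = rsa-3072", 10),
    ("vpn-gateway", "secure-communications", "ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384", 1),
    ("records-archive", "long-term-data", "kex = x25519", 25),
    ("pilot-api", "secure-communications", "groups = X25519MLKEM768", 5),
    ("intranet-wiki", "internal", "HostKeyAlgorithms ssh-ed25519", 1),
    ("backup-store", "long-term-data", "cipher = aes-256-gcm", 25),
]

def classify(line):
    """Return (status, vulnerable_algorithms) for one configuration line."""
    has_pqc = bool(PQC.search(line))
    # Remove PQC names first so "ML-DSA" is not misread as classical DSA.
    found = sorted({m.lower() for m in VULNERABLE.findall(PQC.sub("", line))})
    if found:
        return ("hybrid" if has_pqc else "quantum-vulnerable"), found
    return ("pqc" if has_pqc else "no-public-key-found"), found

def migration_queue(findings):
    """Quantum-vulnerable systems, ordered by use weight and then data retention."""
    queue = []
    for system, use, line, years in findings:
        status, algs = classify(line)
        if status == "quantum-vulnerable":
            queue.append((-USE_WEIGHT.get(use, 1), -years, system, algs))
    return [(system, algs) for _, _, system, algs in sorted(queue)]

if __name__ == "__main__":
    for system, algs in migration_queue(FINDINGS):
        print(f"{system}: {', '.join(algs)}")
```

Symmetric-only findings such as the AES line fall out as "no-public-key-found", which keeps the queue focused on the public-key uses the inventory is meant to surface.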
3. Adopt crypto-agile architectures
Crypto agility is another major theme in government-issued guidance for preparing for Q-Day. NSM‑10 directs federal systems to support modular, upgradable cryptographic components rather than architectures that hard-code or deeply embed algorithms, which makes change difficult. Rigid design choices can quickly become liabilities in a PQC transition.
This is perhaps one of the most important lessons that private sector organizations can take from the federal approach. The transition won’t simply be about adopting new algorithms, but also about whether systems were designed to adapt without excessive cost, disruption or delay.
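One way such a modular design can look in code, as an added example rather than anything prescribed by NSM‑10: callers never name an algorithm, every protected object carries its algorithm ID, and a central policy decides what is used for new data and what is still accepted. The scheme names, the policy class and the HMAC stand-ins are assumptions made so the sketch runs on the Python standard library.

```python
import hashlib
import hmac

# Algorithm registry: callers never name a primitive, only the policy does.
# Both entries are stdlib stand-ins (assumption); a real system would register
# its classical and post-quantum signature schemes (e.g. ML-DSA) here instead.
SCHEMES = {
    "classic-v1": lambda key, data: hmac.new(key, data, hashlib.sha256).digest(),
    "next-v2": lambda key, data: hmac.new(key, data, hashlib.sha3_256).digest(),
}

class CryptoPolicy:
    """Central policy: which scheme protects new data, which are still accepted."""
    def __init__(self, current, accepted):
        self.current, self.accepted = current, set(accepted)

def _tag(alg, key, body):
    # Bind the algorithm ID into the tag so an envelope cannot be relabelled.
    return SCHEMES[alg](key, alg.encode() + b"\x00" + body).hex()

def protect(policy, key, body):
    """Produce a self-describing envelope using the policy's current scheme."""
    alg = policy.current
    return {"alg": alg, "body": body, "tag": _tag(alg, key, body)}

def verify(policy, key, env):
    """Accept only schemes the policy still allows; unknown or retired IDs fail."""
    alg = env.get("alg")
    if alg not in policy.accepted or alg not in SCHEMES:
        return False
    return hmac.compare_digest(_tag(alg, key, env["body"]), env["tag"])

def demo():
    key = b"constructed-demo-key"            # constructed sample key
    policy = CryptoPolicy("classic-v1", {"classic-v1"})
    old = protect(policy, key, b"firmware-1.0")
    # Migration phase: new data uses v2, old envelopes still verify.
    policy.current, policy.accepted = "next-v2", {"classic-v1", "next-v2"}
    new = protect(policy, key, b"firmware-1.1")
    during = (verify(policy, key, old), verify(policy, key, new))
    # Retirement: a policy change alone stops acceptance of the old scheme.
    policy.accepted = {"next-v2"}
    after = (verify(policy, key, old), verify(policy, key, new))
    relabelled = dict(old, alg="next-v2")    # tampered algorithm label
    return old["alg"], new["alg"], during, after, verify(policy, key, relabelled)
```

The calling code in `demo()` is identical before and after the switch; only the policy object changes, which is the property a hard-coded algorithm cannot offer.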
4. Plan and communicate a phased PQC transition timeline
The federal government’s approach makes clear that the move to post-quantum cryptography will need to happen in phases, with room for testing, deployment sequencing and technology refresh cycles. It will also require coordination across agencies, vendors and other partners.
For private sector organizations, the message is clear: Expect quantum readiness to be a multiyear business effort, and not just a one-time technical upgrade or cybersecurity project.
The date may be uncertain, but the risk exposure is not
One reason some organizations have been slow to move forward with quantum readiness efforts is the lack of a precise date for Q-Day. Current estimates suggest the earliest plausible time frame could be around 2029, with many experts expecting cryptographically relevant quantum computing capabilities to emerge in the early-to-mid 2030s.
However, organizations don’t need to know the exact date to act, because the well-established concern of “harvest now, decrypt later” (HNDL) activity already creates urgency. Adversaries can collect encrypted information today and hold it until quantum tools make decryption possible. For organizations that manage data with long-term sensitivity, that changes the risk equation considerably.
This is why the publication of NIST’s final post-quantum cryptography standards in 2024, along with transition guidance such as NIST IR 8547, first published as an initial public draft in late 2024, marked an important shift. The future is still unfolding, but organizations now have a clearer runway for planning — short, but actionable.
A practical timeline for companies preparing now
No organization will make the shift to post-quantum cryptography overnight. For most, the transition will be gradual, with priorities evolving as standards mature, vendors advance their road maps and internal readiness improves. A practical timeline might look something like this:
2026: Awareness and inventory
- Build or update the organization’s cryptographic inventory.
- Assess crypto‑agility and identify “hard to migrate” systems.
- Begin supplier conversations; PQC will require full supply chain alignment.
2026–2028: Testing and hybrid deployment
- Pilot NIST‑standardized PQC algorithms such as ML-KEM (derived from Kyber) and ML-DSA (derived from Dilithium).
- Implement hybrid classical/PQC schemes for long‑lived or highly sensitive data.
- Update governance, architecture standards and contract requirements.
2028–2030 and beyond: Full migration
- Transition cryptographic systems as vendors reach PQC compliance.
- Replace vulnerable algorithms across communications, software signing, identity and access management (IAM), and data protection.
- Maintain crypto-agility — quantum resistant doesn’t mean static.
A broader test of enterprise readiness
The transition to post-quantum cryptography may reveal larger truths about an organization. It can expose where modernization has stalled, where governance is fragmented and where technical debt has made change harder than necessary. It also creates opportunity. Organizations that approach quantum preparedness thoughtfully may find they’re improving architectural flexibility, strengthening governance and building a more resilient technology foundation while reducing future cryptographic risk.
Q-Day isn’t a speculative or distant event — it’s coming and is likely just years away. Federal agencies are acting now to prepare. Adversaries are already harvesting encrypted data. And organizations with long‑life cycle systems — defense, aerospace, healthcare, energy and finance — face the highest urgency to undertake and amplify their readiness efforts.
Organizations that start preparing for Q-Day now will have more time to build visibility across their environments, prioritize tasks intelligently, collaborate with vendors and other key partners, and reduce the friction that inevitably comes with large-scale change initiatives. Those that delay may find themselves trying to compress a complicated enterprise transition into a much shorter window under greater pressure — with more risk to manage and far less room for error.
