The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and National Institute of Standards and Technology (NIST) recently published a factsheet about the impacts of quantum capabilities. The agencies urge all organizations, especially those that support critical infrastructure, to begin early planning for migration to post-quantum cryptographic (PQC) standards by developing their own quantum-readiness roadmap.
The first set of PQC standards to protect against future, potentially adversarial, cryptanalytically-relevant quantum computer capabilities are being developed by NIST and planned for release in 2024. Having a roadmap and inventory enables an organization to begin the quantum risk assessment processes and provides needed visibility of application and functional dependencies on public-key cryptography that exist within their operational environment.