Skip to main content
Explore our brands An Informa TechTarget Publication
close search
site logo
Sponsored

Building organizational readiness for post-quantum cryptography

Published March 30, 2026
3D illustration of a working quantum computer.
adventtr via Getty Images

The window for quantum-safe readiness is closing fast. Security experts estimate that quantum computers capable of breaking current cryptography could emerge as early as 2030. Yet 91% of organizations still lack a post-quantum cryptography roadmap. 

“Migrating to a quantum-safe world is the most significant cryptographic transition in history. It’s not as simple as swapping one algorithm for another,” explains Richu Channakeshava, Senior Product Manager who leads quantum security initiatives at Palo Alto Networks. “A successful transition requires navigating tough hurdles.”

One hurdle is overcoming organizational inertia. Migration calls for multi-year operational investment and C-suite alignment, not just technical changes. And delaying puts data security, compliance, and business continuity at risk.

Before organizations can overcome these hurdles, they must first define quantum readiness and understand that achieving it involves more than technology upgrades.

What is quantum readiness?

Quantum readiness is a state of both organizational and infrastructure preparedness. It means security teams can safely replace their current public-key encryption with post-quantum cryptography (PQC). As the first step toward quantum security, it ensures the IT environment can support PQC.

From a technical perspective, achieving quantum readiness includes several key steps:

  • Conducting a comprehensive cryptographic inventory
  • Prioritizing systems and data by quantum risk and data lifetime
  • Designing cryptographically agile architectures
  • Piloting and integrating NIST-standard post-quantum algorithms (often in hybrid modes)

Yet these technical steps cannot succeed without the organizational foundation to support them. Getting there requires a systematic transformation that extends beyond deploying new technology. Organizations must build the capacity to sustain this extensive effort, starting with foundational readiness.

Building the foundation: Organizational readiness

Most cybersecurity practitioners understand the risks posed by quantum computing. According to a recent ISACA poll, 63% believe it will increase or shift cybersecurity risks, and 62% worry that it will break today’s encryption before browsers and websites implement PQC. 

However, this concern has not yet reached the boardroom. Over half of surveyed organizations cite the lack of executive support as a major barrier to the quantum-safe transition. Resource constraints add to the issue, as quantum readiness competes for budget and attention with AI adoption, cloud migration, and other strategic priorities.

Preparing the organization for quantum-safe systems requires leadership support. This transition touches every part of the business. It needs commitments only the C-suite can make, such as sustained budgets, clear governance, and the authority to prioritize this project over others.

“Cryptographic modernization doesn’t fall under innovation because its purpose is to protect the infrastructure. At the same time, you can’t prove the threat because it’s invisible,” Channakeshava says. “So it becomes a behemoth of a conversation at the board level. Yet you need their buy-in because this is going to be top of mind for at least three to five years.”

Preparing your organization

To prioritize quantum readiness, the board and C-suite must understand the business risks. Security leaders should educate decision-makers about these risks and emphasize compliance exposure, regulatory deadlines, and the long-term value of data that threat actors are harvesting now to decrypt later.

Most enterprises will need three to five years to achieve quantum readiness. Securing executive buy-in and multi-year funding will help sustain progress. For organizations starting on their PQC migration roadmap, tools such as Palo Alto Networks’ Quantum Readiness Assessment can clarify exposure and support planning.

Once the budget is in place, organizations need structure to execute. PQC migration entails coordination across multiple business units, teams, and stakeholders. A governance framework helps set goals, assign ownership, define accountability, and track progress. 

Beyond internal alignment, organizations face external challenges. Vendors, cloud providers, and technology partners are adopting PQC on different timelines, which can create interoperability risks. Engaging early with vendors, from SaaS providers to hardware manufacturers, helps spot dependencies and prevent bottlenecks during migration.

The time to act is now

While cryptographically relevant computers may seem like a distant threat, many organizations are underestimating the effort needed to prepare. As NIST emphasized, “regardless of whether we can estimate the exact time of the arrival of the quantum computing era, we must begin now to prepare.”

Quantum readiness is only the initial step toward quantum security, where PQC is fully deployed, configured, and enforced across all data, sessions, and devices. Organizations that act now can avoid the risks of rushed implementation and ensure their systems adapt safely to quantum-resistant standards.

“The quantum era brings the most significant cryptographic challenge of our generation. Quantum computing will fundamentally transform the way we secure information,” Channakeshava says. “Organizations that don’t meet the new cryptographic standards are putting data, business continuity, and regulatory compliance at risk. Those that start preparing now will be the ones that remain trusted and resilient in the years ahead.”

Filed Under: Security

Editors' picks

  • An analyst uses a computer and dashboard for data business analysis and Data Management System with KPI and metrics connected to the database for technology finance, operations, sales and marketing.
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    The CIO agenda for 2026

    The technology outlook for the year suggests CIOs will retain their status within the board of directors. IT chiefs have become essential for enterprise success.

    By Roberto Torres • Jan. 30, 2026
  • an office building
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    AI is changing how work gets done. Here’s how CIOs can help

    Operations are rapidly evolving amid AI adoption, shifting job categories and responsibilities in the process. CIOs can rely on their tech know-how to usher in change.

    By Roberto Torres • Jan. 30, 2026
Editors' picks
  • An analyst uses a computer and dashboard for data business analysis and Data Management System with KPI and metrics connected to the database for technology finance, operations, sales and marketing.
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    The CIO agenda for 2026

    The technology outlook for the year suggests CIOs will retain their status within the board of directors. IT chiefs have become essential for enterprise success.

    By Roberto Torres • Jan. 30, 2026
  • an office building
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    AI is changing how work gets done. Here’s how CIOs can help

    Operations are rapidly evolving amid AI adoption, shifting job categories and responsibilities in the process. CIOs can rely on their tech know-how to usher in change.

    By Roberto Torres • Jan. 30, 2026
Latest in Security
This website is owned and operated by Informa TechTarget, a global network that informs, influences and connects the world's technology buyers and sellers.

© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. An Informa PLC company.
Privacy policy | Terms of use | Take down policy | Cookie Preferences / Do Not Sell