What's Happening?
Federal agencies are mandated to implement post-quantum cryptography (PQC) strategies by 2035, as part of a broader move towards quantum-resistant cybersecurity solutions. This transition is driven by the
Quantum Computing Cybersecurity Preparedness Act of 2022, which requires agencies to assess their current cryptographic systems and develop a timeline for transitioning to PQC. The Department of Defense (DOD) has issued guidelines phasing out certain technologies and requiring cryptographic intake and deployment approval for quantum-resistant technologies. The Defense Advanced Research Projects Agency (DARPA) is leading a significant PQC-related program with a $282 million budget for fiscal 2026, focusing on research and development.
Why It's Important?
The shift to post-quantum cryptography is crucial for maintaining national security in the face of advancing quantum computing capabilities, which could potentially break current cryptographic systems. This transition presents significant opportunities for IT vendors to support federal agencies in updating their cybersecurity infrastructure. Vendors can engage with PQC migration leads and assist in the inventory and reporting of cryptographic systems. The emphasis on using National Institute of Standards and Technology (NIST) approved algorithms for PQC solutions highlights the need for vendors to align their offerings with federal standards, opening new avenues for business growth.
What's Next?
As federal agencies work towards the 2035 deadline, IT vendors are encouraged to develop strategies to support the PQC transition. This includes engaging with PQC migration leads, assisting in the inventory phase, and ensuring solutions are based on NIST-approved algorithms. The ongoing research and development efforts, particularly those led by DARPA, will continue to shape the landscape of quantum security, providing further opportunities for vendors to contribute to the development and implementation of quantum-resistant technologies.
