Create A Cross-Functional Q-Day Team Or Suffer A Hard Day’s Night
Summary
Quantum security requirements, driven by the impending "Q-day," will impact diverse organizational areas, including public key infrastructure (PKI) upgrades, quantum-safe software releases, and hardware refreshes for IoT devices. A successful quantum security roadmap necessitates a cross-functional team to inventory cryptography, prioritize systems, and manage remediation. Key technology stakeholders, as outlined in a Forrester report, include security, infrastructure, innovation, development, risk, and procurement leaders. Security leaders will orchestrate migration, educate teams, and drive cryptographic discovery. Infrastructure leaders must assess readiness across all environments, from data centers to cloud and edge, evaluating vendor PQC adoption and upgrading networking components. Procurement leaders are crucial for embedding quantum security requirements into RFPs and contracts, assessing vendor PQC roadmaps and maturity.
Key takeaway
For technology leaders preparing for "Q-day" and the transition to post-quantum cryptography, your organization must establish a dedicated, cross-functional team. This team should include security, infrastructure, and procurement to ensure comprehensive cryptographic inventory, vendor assessment, and system upgrades. Prioritize embedding quantum security requirements into all new contracts and evaluating third-party platform providers' PQC commitments to mitigate future risks.
Key insights
Preparing for quantum security requires a coordinated, cross-functional organizational effort across technology leadership.
Principles
- Cryptography is embedded everywhere.
- Vendor maturity impacts quantum-safe security.
Method
Assemble a cross-functional team to review cryptographic inventory, prioritize systems, and oversee remediation, tracking progress and addressing exceptions.
In practice
- Embed quantum security into RFPs.
- Evaluate vendor PQC adoption timelines.
Topics
- Quantum Security
- Post-Quantum Cryptography
- Cryptographic Migration
- Organizational Readiness
- Public Key Infrastructure
Best for: VP of Engineering/Data, Executive, Security Engineer, IT Professional, CTO
Related on AIssential
Editorial summary, takeaway, and curation by AIssential. Original article published by Featured Blogs - Forrester.