Expert Membership FAQ
Common questions from prospective QSECDEF expert members: which category applies, what the application process looks like, what happens at each tier…
Blog
Insights & News
Expert analysis, quantum security news, and industry developments from QSECDEF. 88 articles across insights and news.
Articles — page 1 of 3
How Expert Membership Works
QSECDEF runs a structured vetting process before listing any organisation in its directory. This post explains the categories, the question sets, the…
What Makes RSA and ECC Vulnerable to Quantum Attack
RSA relies on integer factoring. ECC relies on elliptic curve discrete logarithms. Shor's algorithm solves both efficiently. Here is why, and what to…
Why 2030 Is Not the Safe Deadline Most Enterprises Think It Is
Most enterprises that have engaged with quantum risk planning have encountered 2030. It appears in NIST's deprecation schedule. It appears in NSA CNSA…
Crypto Agility: The Architecture Principle That Future-Proofs Your Stack
The term 'crypto agility' appears in procurement documents, vendor briefings, and RFP responses with a frequency that has outpaced its precision. In…
How to Start a PQC Migration Programme in Your Organisation
NIST finalised its first post-quantum algorithm standards on 13 August 2024 — FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA). The…
How a Post-Quantum Risk Assessment Scores Your Cryptographic Exposure
Most CISOs can tell you they have a quantum problem. Very few can tell you which of their systems are most exposed, which assets need to move first,…
Q-Day Timeline Risk Calculator: How Long Does Your Organisation Have?
The question 'will quantum computers break encryption?' has an answer: yes, with a sufficiently large cryptographically relevant quantum computer, the…
Harvest Now Decrypt Later Risk Calculator: Quantify Your HNDL Exposure
Understanding the Harvest Now, Decrypt Later threat is not the same as knowing which of your data is already at risk. Most organisations that have…
Cryptographic Asset Prioritisation Matrix: Which Assets to Migrate First
PQC migration cannot happen across all systems simultaneously, resources are finite, and the wrong migration order leaves your highest-risk assets…
Algorithm Sunset Timer: When Do Your Current Cryptographic Algorithms Expire?
Algorithm deprecation is not a future risk — it is a current compliance requirement with documented timelines published by NIST, NSA, and ETSI. The…
PQC Migration Decision Tree: Where Should Your Organisation Start?
PQC migration is not a bounded project with a clear entry point — it is a programme that cuts across every layer of infrastructure, with…
PQC Readiness Checklist: 40-Point Assessment for Security Teams
Readiness in the context of PQC migration means something more specific than awareness of the quantum threat. Most organisations that consider…
Quantum Threat Exposure Assessment: Score Your Organisation Across Five Threat Vectors
Most quantum security tools ask how ready your organisation is to migrate to post-quantum cryptography. This tool asks a different question: across…
NIST PQC Algorithm Selector: Which Algorithm Is Right for Your Use Case?
NIST finalised three post-quantum cryptographic standards in August 2024: FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA). For a security…
OT Cryptographic Asset Prioritisation Matrix: Sequencing Quantum-Safe Migration for Industrial Systems
The conversation about OT quantum security migration tends to start in the same place: an asset with no upgrade path. The OT Cryptographic Asset…
OT Protocol Quantum Vulnerability Scanner: Which Industrial Protocols Are Most at Risk?
Most quantum security discussions in operational technology focus on the systems. The scanner works at a lower layer: the communication protocols…
Blockchain PQC Migration Effort Estimator: How Complex Is Your Quantum-Safe Upgrade?
Every blockchain operator knows migration to quantum-resistant cryptography is coming. What most do not know is how complex their specific migration…
Blockchain Quantum Exposure Assessment: Is Your Chain Prepared for Post-Quantum Cryptography?
There are two ways to assess blockchain quantum exposure. The technical approach scans at the protocol layer. The strategic approach asks: how…
Blockchain Quantum Exposure Scanner: Which Wallet Types and Signature Schemes Are Vulnerable?
The Blockchain Quantum Exposure Scanner operates at the technical layer: it identifies which specific signature schemes, wallet address types, and…
PQC Opportunity Qualifier: Identify Which Prospects Are Ready to Buy Quantum Security Solutions
Quantum security is an emerging solution category with a large but unevenly distributed market. A pre-sales team without a structured qualification…
QKD Network Readiness Qualifier: Is Your Infrastructure Ready for Quantum Key Distribution?
An organisation considering quantum key distribution has already moved past asking whether quantum security matters. They are asking: is QKD the right…
SATCOM C2 Cryptographic Readiness Assessor: Quantum-Safe Status for Satellite Command and Control
NSA CNSA 2.0 sets specific cryptographic transition requirements for national security systems, including satellite command and control. Most space…
What Is Q-Day and Why Your Security Team Needs a Plan Now
Q-Day is the threshold at which public-key cryptography ceases to provide security against a quantum adversary. Most enterprises are not preparing.…
NIST FIPS 203, 204, and 205: What Each Standard Requires
NIST published FIPS 203, 204, and 205 in August 2024. The algorithm selection phase is over. What security architects need to understand is which…
Harvest Now Decrypt Later: The Threat That Is Already in Motion
HNDL is not a theoretical risk. The NSA said in 2021 that adversaries are collecting encrypted data today. Here is what the evidence shows, what it…
NIST Post-Quantum Cryptography Standards: The Enterprise Summary
NIST published four post-quantum standards in August 2024. This is the reference a CISO or architect needs to understand what each standard does,…
How to Brief Your Board on Quantum Security Risk
Most board quantum security briefings produce awareness, not decisions. The CISO's challenge is translation. This is a practical guide to structuring…
Quantum Security Risk in Financial Services: A Sector Guide
Financial services faces a structurally higher quantum security exposure than most sectors. Regulatory retention requirements, interconnected…
Quantum Security in the Supply Chain: Why Third-Party Risk Is Now a Quantum Problem
Most PQC migration programmes treat the perimeter of the problem as the perimeter of the organisation. It is not. Every supplier that exchanges…
Stay Informed
Subscribe to the QSECDEF newsletter for weekly updates on quantum security, new lecture recordings, and upcoming events.
Subscribe to Newsletter