Most CISOs can tell you they have a quantum problem. Very few can tell you which of their systems are most exposed, which assets need to move first, and whether their current migration timeline is realistic given their data longevity requirements. That gap between awareness and specificity is exactly what the Post-Quantum Risk Assessment closes. It takes your actual cryptographic asset profile and produces a scored, prioritised output you can act on, and defend in a board meeting.
What the Post-Quantum Risk Assessment Tool Does
The assessment works by mapping your specific cryptographic assets against a risk model that accounts for algorithm vulnerability, data sensitivity, and the time dimension introduced by Q-Day, the point at which a cryptographically relevant quantum computer exists.
You provide four categories of input:
Asset types. The tool covers TLS endpoints, code signing infrastructure, data-at-rest encryption, PKI, and authentication systems. You identify which categories apply to your organisation and estimate the scale of each.
Data classification. Each asset category is assigned a sensitivity level. This affects the risk weighting: a TLS endpoint protecting public-facing marketing content scores differently from one protecting classified financial records.
Current algorithm suite. You identify which algorithms each asset category relies on: RSA, ECDSA, AES-128, AES-256, DH, and others. The algorithm choice directly determines quantum vulnerability. RSA-2048 and ECDSA face complete cryptographic failure under Shor's algorithm on a sufficiently large quantum computer, while AES-128 is weakened rather than broken by Grover's algorithm.
Data longevity. This is the input most organisations underestimate. The question is: how long does this data need to remain confidential? If the answer is 10 years or more, the data is already at risk under the Harvest Now, Decrypt Later threat model, regardless of when a cryptographically relevant quantum computer actually arrives.
The tool processes these inputs in under 10 minutes and produces a scored exposure report with a ranked migration order. You do not receive a generic maturity score; you receive a prioritised list of your specific assets, ordered by migration urgency.
Why This Assessment Matters for Your Organisation
NIST published FIPS 203, FIPS 204, and FIPS 205 on 13 August 2024. These are the finalised post-quantum cryptographic standards for key encapsulation and digital signatures. The transition clock is no longer theoretical.
NSA CNSA 2.0, published in September 2022, sets compliance windows for National Security Systems that are now within the active transition period. These are ongoing windows with different endpoints by system type; organisations within scope should be actively migrating now, not planning to begin.
Beyond the US government context, NIS2 entered enforcement in October 2024. Under Article 21, it requires essential and important entities to implement proportionate cryptographic security measures. NIS2 does not mandate specific PQC algorithms, but quantum-vulnerable cryptography left unaddressed is a demonstrable gap in an Article 21 risk management assessment. DORA became applicable in January 2025 for EU financial entities and imposes ICT risk management obligations that include cryptographic controls. UK organisations are not subject to EU NIS2 directly; they follow the UK NIS Regulations (2018) and NCSC post-quantum cryptography migration guidance, which sets a three-phase timeline running to 2035. The regulatory direction across all these frameworks is consistent: manage cryptographic risk proportionately, and document that you have done so.
The more immediate driver for most organisations is the HNDL threat. Data being exfiltrated today (from financial systems, government networks, healthcare records, communications infrastructure) will be readable once a cryptographically relevant quantum computer exists. A cryptographic inventory tells you what you hold; this assessment tells you which of those assets are already at risk under the retrospective decryption model.
The practical value of a scored assessment is specific: it gives your security team a defensible basis for budget requests and a document the board can engage with. "We have identified 14 high-priority cryptographic assets requiring migration in the next 12 months" lands differently from "we have a quantum security programme in planning."
Our tools are directional only. Advice and standards are changing rapidly, and although we update the tools as new information is released, they are not a replacement for expert advice. If your organisation's results show high-priority exposure, the next step is to contact our team or speak to a qualified expert member.
How to Use the Post-Quantum Risk Assessment
Step 1. Navigate to the tool. The assessment opens with an organisation profile screen. You do not need an account. There is no data stored beyond your session.
Step 2. Enter your asset categories. The tool presents a taxonomy of cryptographic asset types. Tick all that apply to your organisation. If you are uncertain whether a category applies, include it; the tool is designed to handle "partial" or "estimated" inputs and will flag data confidence in the output.
Step 3. Classify data sensitivity. For each asset category you have selected, assign a sensitivity level: public, internal, confidential, restricted, or classified. Take this step seriously; it is the single input that most directly affects the migration priority ranking. An organisation that rates everything as "confidential" because it seems safer will receive a less useful output than one that genuinely differentiates.
Step 4. Select your current algorithm suite. For each asset category, identify the cryptographic algorithms currently in use. The tool provides a structured list including RSA (all common key sizes), ECDSA, ECDH, AES-128, AES-256, and DH. If you are unsure of the algorithm breakdown across your estate, note it as a gap; the output will flag this.
Step 5. Enter data longevity requirements. For each asset category, specify how long the data protected by that category needs to remain confidential. The options range from under 3 years to 20+ years. Most organisations discover during this step that their longevity requirements are longer than they had assumed. HR records, intellectual property, financial histories, and legal documents often carry longevity requirements of 10 to 20 years.
Step 6. Submit and review. The tool generates your scored report within seconds of submission. The results screen shows your overall exposure score, a ranked list of asset categories, and a migration order recommendation.
How to Interpret Your Assessment Results
The exposure score operates on a high/medium/low scale that maps to migration urgency rather than technical severity.
High exposure means the combination of algorithm vulnerability, data sensitivity, and longevity requirements places this asset category at material risk under the HNDL model. Assets in this band should be in your first migration tranche, within 6 to 12 months.
Medium exposure means the risk is present but either the longevity requirement is shorter or the sensitivity classification is lower. These assets belong in your primary migration programme window, not deferred to a second phase.
Low exposure means that the algorithm is not quantum-critical (AES-256, for example, retains approximately 128 bits of security post-CRQC under Grover's analysis), that the data longevity is short, or that the sensitivity is minimal. Include these in your migration programme but do not resource them at the expense of higher-priority items.
What most organisations discover when they first run this assessment is that their cryptographic exposure is unevenly distributed. The highest-risk assets are rarely the most visible ones. Internet-facing TLS endpoints often score lower than internal authentication systems protecting long-lived HR and financial records, precisely because the longevity and sensitivity variables outweigh the exposure surface factor.
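The following is an added, illustrative scoring model, not the QSECDEF tool's own logic (which this page does not publish). It encodes the four inputs described above (asset type, sensitivity, current algorithm, longevity) plus the exposure-surface factor into a simple additive model so the ranking behaviour can be seen on a constructed sample estate: the Shor-broken versus Grover-weakened distinction, the HNDL flag for 10+ year data, low-confidence flagging of uninventoried algorithms, and the observation that an internal authentication system protecting long-lived restricted records outranks a public TLS endpoint. All weights, thresholds, asset names and the sample estate are assumptions.

```python
"""Illustrative post-quantum exposure scoring. Added example; all weights,
thresholds and sample assets are constructed assumptions, not the tool's
published model."""
from dataclasses import dataclass, field

# Quantum vulnerability of the algorithm families the page lists (assumed weights).
# 3: broken outright by Shor's algorithm on a CRQC.
# 1: weakened by Grover's algorithm (AES-128 falls to roughly 64-bit security).
# 0: AES-256 retains roughly 128 bits of security post-Grover.
ALGORITHM_VULNERABILITY = {
    "RSA-2048": 3, "RSA-3072": 3, "RSA-4096": 3,
    "ECDSA": 3, "ECDH": 3, "DH": 3,
    "AES-128": 1,
    "AES-256": 0,
}

# Sensitivity levels from Step 3, as an ordinal scale.
SENSITIVITY = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3, "classified": 4}

# Longevity bands from Step 5 (under 3 years to 20+ years), as an ordinal scale.
LONGEVITY = {"<3": 0, "3-10": 1, "10-20": 2, "20+": 3}

# Data that must stay confidential for 10+ years is already at risk under HNDL.
HNDL_LONGEVITY_THRESHOLD = LONGEVITY["10-20"]


@dataclass
class Asset:
    name: str
    asset_type: str
    sensitivity: str
    algorithm: str          # a key of ALGORITHM_VULNERABILITY, or "unknown" for an inventory gap
    longevity: str
    internet_facing: bool = False


@dataclass
class Result:
    name: str
    score: int
    band: str
    confidence: str
    notes: list = field(default_factory=list)


def band_for(score):
    """Map a numeric score to the page's high/medium/low urgency scale (assumed cut-offs)."""
    if score >= 12:
        return "high"
    if score >= 4:
        return "medium"
    return "low"


def score_asset(asset):
    """Score one asset. An uninventoried algorithm is treated as quantum-vulnerable
    and the result is flagged low-confidence rather than silently dropped."""
    notes = []
    confidence = "high"
    vuln = ALGORITHM_VULNERABILITY.get(asset.algorithm)
    if vuln is None:
        vuln = 3
        confidence = "low"
        notes.append("algorithm not inventoried; treated as quantum-vulnerable")
    sens = SENSITIVITY[asset.sensitivity]
    longv = LONGEVITY[asset.longevity]
    surface = 1 if asset.internet_facing else 0
    # Algorithm vulnerability multiplies the other factors, so a quantum-safe
    # algorithm (weight 0) yields low exposure whatever it protects, while
    # sensitivity plus longevity outweigh the single exposure-surface point.
    score = vuln * (sens + longv + surface)
    if vuln == 3 and longv >= HNDL_LONGEVITY_THRESHOLD:
        notes.append("already at risk under Harvest Now, Decrypt Later")
    if vuln == 1:
        notes.append("weakened by Grover, not broken; consider moving to AES-256")
    return Result(asset.name, score, band_for(score), confidence, notes)


def rank_assets(assets):
    """Return results in migration order: highest score first, name as tie-break."""
    return sorted((score_asset(a) for a in assets), key=lambda r: (-r.score, r.name))


# Constructed sample estate, not real data.
SAMPLE_ASSETS = [
    Asset("Public website TLS", "TLS endpoint", "public", "ECDSA", "<3", internet_facing=True),
    Asset("HR records SSO", "authentication", "restricted", "RSA-2048", "20+"),
    Asset("Finance archive", "data-at-rest", "confidential", "AES-128", "10-20"),
    Asset("Backup encryption", "data-at-rest", "classified", "AES-256", "20+"),
    Asset("Release signing", "code signing", "internal", "ECDSA", "3-10"),
    Asset("Partner API gateway", "TLS endpoint", "internal", "unknown", "3-10", internet_facing=True),
]

if __name__ == "__main__":
    for r in rank_assets(SAMPLE_ASSETS):
        flags = f" [{'; '.join(r.notes)}]" if r.notes else ""
        print(f"{r.score:>3} {r.band:<6} conf={r.confidence:<4} {r.name}{flags}")
```

On the sample estate the internal HR single sign-on system (RSA-2048, restricted, 20+ years) ranks first and carries the HNDL flag, the public TLS endpoint lands in the low band despite being internet-facing, and the AES-256 backups score zero however sensitive the data. The gateway with an unknown algorithm ranks second but is marked low-confidence, which is the kind of gap the tool's output is described as flagging.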
The migration roadmap the tool produces is a sequencing document. Take it to your procurement team and your technical leads. The next logical step from the exposure score is to understand how your assets rank against each other in detail using the Cryptographic Asset Prioritisation Matrix, and to understand your adversary-facing threat profile specifically with the Quantum Threat Exposure Assessment.
Discuss your results with a QSECDEF expert member. A directional assessment is the starting point, not the programme. If your results show high-priority exposure, the next step is a discussion about a structured migration programme with defined milestones. Request a consultation with our team or find a qualified expert member.
Frequently Asked Questions
How is this different from a generic security risk assessment?
A generic security risk assessment covers vulnerability management, configuration compliance, access controls, and a broad range of operational risk factors. This assessment is specifically scoped to cryptographic assets and quantum-specific risk drivers: algorithm vulnerability, data longevity, and the HNDL threat model. It does not replace a general risk assessment; it goes deeper on one specific and currently underserved dimension.
Does the tool store my data?
No. The assessment runs entirely within your browser session. No organisational data is transmitted or stored. The output is generated client-side.
How often should I run the assessment?
At minimum annually, and whenever your cryptographic posture changes materially: new infrastructure deployed, algorithms updated, or significant changes to your data classification or retention policy. Changes to the published CRQC timeline estimates, when they occur, are also a reasonable trigger for re-running.