NCSC Feed: Timelines for migration to post-quantum cryptography

Mar 20, 2025

—

Source URL: https://www.ncsc.gov.uk/guidance/pqc-migration-timelines
Source: NCSC Feed
Title: Timelines for migration to post-quantum cryptography

Feedly Summary: Activities which organisations must carry out to migrate safely to post-quantum cryptography in the coming years.

AI Summary and Description: Yes

Summary: The text discusses the transition to post-quantum cryptography (PQC) in response to future quantum computer threats, highlighting the significance of guidance provided by the NCSC for various sectors, particularly for organizations handling critical infrastructure. This is especially relevant for security professionals tasked with navigating the complexities of cryptographic adaptations amid evolving cyber threats.

Detailed Description: The text outlines the imperative of transitioning to post-quantum cryptography (PQC) and offers strategic guidance on how large organizations, particularly those managing critical infrastructure, should approach this migration. Key points include:

– **Threat Mitigation**: The migration to PQC is essential to safeguard against the potential future threats posed by quantum computing technologies, which could compromise traditional cryptographic mechanisms.
– **NCSC Guidance**: The National Cyber Security Centre (NCSC) plays a pivotal role by providing insights on early-stage migration activities and setting indicative timelines that various stakeholders, including industry, government, and regulators, should adhere to.
– **Target Dates for Migration**: The NCSC outlines core timelines for the adoption of PQC, emphasizing their relevance to all organizations while tailoring specific recommendations for larger entities with unique IT setups.
– **Sector-Specific Readiness**: Different industries exhibit varying levels of cryptographic maturity, hence the guidance suggests that the focus and intensity of migration activities will differ across sectors.
– **Investment Decisions and Cybersecurity Planning**: Emphasis is placed on the importance of these timelines for making informed investment decisions and for comprehensive cybersecurity strategy development.

Overall, the transition to PQC represents a significant shift in the cybersecurity landscape, necessitating proactive engagement and adaptation from organizations, especially those involved with critical infrastructure or bespoke IT systems. This guidance from the NCSC aims to help navigate these changes effectively while fostering a resilient cybersecurity posture.

a Act adaptation adoption AGI AI and art as by C CIA co compute computer Computing core critical critical infrastructure cross Crypto cryptographic cryptographic mechanisms cryptography cyber cyber security cyber threat cyber threats cybersecurit Cybersecurity cybersecurity landscape cybersecurity planning cybersecurity posture cybersecurity strategy D de decision decisions development e effective end engagement for future g Go government graph guidance H high Highlight HR http HTTPS in industry infrastructure insights investment investment decisions k Key l land large led Li making man maturity migration mitigation N nation National Cyber Security Centre NCSC no o of off on OPM opt organization organizations out over phi planning play point post post-quantum post-quantum cryptography potential pre proactive proactive engagement professionals quantum quantum computing quantum cryptography R rate RCE readiness recommendations response Ro Role s safe sec sector security security landscape security posture security professionals security strategy shift Sig source specific SSE stakeholders strategic Strategy system systems T Task tech technologies text the threat threat mitigation threats Time to Tor TP transition trie UI UK up ups US V Wi x