Summary
A new peer-reviewed study by independent researcher Robert Campbell in Computers (MDPI) sets a realistic clock on enterprise migration to post-quantum cryptography. Drawing on expert input and historical analogs, it estimates small enterprises will need 5 to 7 years to become fully quantum safe, medium enterprises 8 to 12 years, and large global organizations 12 to 15 plus years. Even these are baseline scenarios, far beyond the couple of years many leaders expected.
The paper argues PQC migration is not a routine crypto swap but a global synchronization exercise across hardware, software, vendors, partners, and regulators. It ties the effort to Zero Trust and crypto-agility and highlights the rising risk from quantum-enabled adversaries and harvest-now-decrypt-later exposure. The message for CISOs and security leaders is clear: start now with cryptographic inventory and risk mapping, engage suppliers and partners, pilot PQC in high-value workflows, and build governance and budgets for a multi-year transformation.
Read more
See the original article at: https://postquantum.com/security-pqc/enterprise-pqc-migration-study/