PQC migration unpacked: Four focus areas to build momentum

Julian van Velzen
Oct 8, 2025

Post-quantum cryptography (PQC) migration is often presented as a clean, linear process: inventory your cryptographic assets, prioritize them, build a roadmap, and migrate one by one.

In practice, it’s rarely that simple. You might think you’ve got crypto discovery covered – until you realize it’s a highly dimensional, deeply embedded, and often undocumented part of your infrastructure. Or perhaps you’re the one championing the cause, but you lack the mandate, budget, or executive support to move forward. Maybe there are just too many other priorities.

So how do you get started? The answer: start small, but think big. PQC migration doesn’t have to be overwhelming. You can start your PQC migration journey by focusing on four key areas. These aren’t sequential steps. You can begin where it makes the most sense for your business – and build momentum from there.

1. Develop readiness and capability

In my experience, most organizations already have someone who understands the urgency of PQC. If you’re reading this, that person might be you. But even with technical know-how, the biggest challenge is often organizational: no budget, no priority, and no clear mandate. Even when a small team is capable, implementing cryptographic upgrades across dozens of DevOps teams – each with its own backlog – is a different story. Ironically, the hardest systems to migrate may not be the crown jewels, but the forgotten legacy systems no one wants to touch. So where do you begin?

Before pushing for a full roadmap or strategy, create a short, compelling internal document that outlines the urgency and opportunity. Give people something to rally around. Identify what the quantum risk means to your industry and company, and formulate it in language that resonates with both leadership and practitioners. You may find it helps to get experts on board, too.

2. Rethink inventory: it’s not a prerequisite, it’s a process

There are two common misconceptions:

  • One tool will give you full visibility.
  • You need a complete inventory before you can start migrating.

Neither is true. Cryptographic assets have many dimensions. Their owner may be internal or vendor-supplied. They may be deployed on-premises or in the cloud. They may be legacy, active, or still in development. They may have different levels of exposure, risk characteristics, scope, and more. No single tool will capture everything. Capturing it requires a combination of TLS traffic analysis, filesystem scans, cryptographic bills of materials (CBOMs), questionnaires, and more. Each method has its strengths and blind spots. Don’t expect one solution to be the holy grail; instead, start where you already have visibility and build from there.

Second, a cryptographic inventory is not a prerequisite. In one case, I worked with an organization that prioritized TLS traffic, only to find that 99% of assets were marked high priority. Marking everything as high priority defeats the purpose of prioritization. Additionally, a cryptographic inventory is never going to be finished, so waiting for it to be done won’t get you far. It’s not a one-time task either. It’s a continuous process that’s essential for prioritization, compliance, and incident response.

3. Begin migration where it makes sense

Another common misconception is that the technology isn’t there yet. The picture is actually more nuanced. PQC algorithms were standardized in mid-2024 after years of global vetting. Since then, vendors have rapidly integrated PQC into OpenSSL, TLS, HSMs, and other products. Nonetheless, scrutiny continues. In 2022, side-channel vulnerabilities were found in Falcon, one of the PQC algorithms, after five years of development and vetting. It’s a reminder that algorithms deemed secure may one day face vulnerabilities. But the same is true for any cryptographic algorithm; it doesn’t mean the PQC algorithms aren’t secure.

There are also still wrinkles in software packages implementing PQC. For example, when testing BouncyCastle, we found it lacked native PQC support, requiring C-based implementations and custom compatibility layers. We also found a lack of standards, forcing us to define custom nomenclature. This raised an important question: would it have been easier to wait a few years for the technology to mature?

For some systems, perhaps it would have been. For new technologies and non-critical systems, one could wait until more documentation and more experience are available. But you can’t wait forever. By choosing not to wait, early adopters gain experience, influence standards, and uncover risks sooner.

There are also plenty of smart, low-risk actions you can take in the short term – steps that make sense regardless of where you are in your PQC journey. For example, organizations can adopt best practices related to automated key and certificate management and rotating keys regularly or automatically. They could also upgrade to TLS 1.3 or design modular, update-ready systems. Perhaps the most sensible thing is to look at what’s already on the roadmap. If a system is being upgraded, ensure it’s done with PQC and crypto agility in mind.
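As an added example (not code from the original post), the script below turns the inventory advice in section 2 and the no-regret actions above into something runnable: constructed CBOM-style records are checked for quantum-vulnerable public-key algorithms, scored on several dimensions so that not every asset lands in the same "high" bucket, and paired with the low-risk steps named above (TLS 1.3, automated rotation, crypto-agility clauses). The record schema, the scoring thresholds and the sample assets are all assumptions, not a standard.

```python
from dataclasses import dataclass
# Constructed classification: public-key schemes a large quantum computer breaks.
QUANTUM_VULNERABLE = {"RSA", "ECDSA", "ECDH", "DH"}

@dataclass
class Asset:                    # one CBOM-style inventory record (hypothetical schema)
    name: str
    algorithms: tuple           # e.g. ("ECDH", "ECDSA", "AES")
    exposure: str               # "internet" or "internal"
    owner: str                  # "internal" or "vendor"
    data_lifetime_years: int    # how long the protected data must stay confidential
    tls_version: str = ""       # "1.2", "1.3", or "" when not a TLS endpoint
    key_rotation_days: int = 0  # 0 means no automated rotation in place

def quantum_vulnerable(asset):  # algorithms this asset's migration must replace
    return [a for a in asset.algorithms if a in QUANTUM_VULNERABLE]

def score(asset):  # several dimensions, so "uses RSA" alone does not make everything high
    if not quantum_vulnerable(asset):
        return 0
    s = 1                                           # baseline: something to migrate
    s += 2 if asset.exposure == "internet" else 0   # reachable by outsiders
    s += 2 if asset.data_lifetime_years >= 10 else 1 if asset.data_lifetime_years >= 3 else 0
    s += 1 if asset.owner == "vendor" else 0        # migration depends on a third party
    return s

def priority(asset):
    s = score(asset)
    return "none" if s == 0 else "high" if s >= 5 else "medium" if s >= 3 else "low"

def no_regret_actions(asset):  # low-risk steps that hold whatever the final roadmap is
    actions = []
    if asset.tls_version and float(asset.tls_version) < 1.3:
        actions.append("upgrade to TLS 1.3")
    if asset.key_rotation_days == 0:
        actions.append("enable automated key/cert rotation")
    if asset.owner == "vendor" and quantum_vulnerable(asset):
        actions.append("add crypto-agility clause at renewal")
    return actions

def build_plan(assets):  # (priority, name, algorithms to replace, actions), most urgent first
    rows = [(priority(a), a.name, quantum_vulnerable(a), no_regret_actions(a)) for a in assets]
    return sorted(rows, key=lambda r: {"high": 0, "medium": 1, "low": 2, "none": 3}[r[0]])

INVENTORY = [  # constructed sample, as a mix of TLS scans and CBOMs might produce it
    Asset("customer-portal", ("ECDH", "ECDSA", "AES"), "internet", "internal", 15, "1.2", 0),
    Asset("archive-backup", ("RSA", "AES"), "internal", "vendor", 25, "", 365),
    Asset("internal-metrics", ("ECDH", "ECDSA"), "internal", "internal", 1, "1.3", 90),
    Asset("new-pqc-service", ("ML-KEM", "ML-DSA", "AES"), "internet", "internal", 10, "1.3", 30),
]
```

Running `build_plan(INVENTORY)` yields one high, one medium, one low and one already-migrated asset, each with its own short action list, which is the kind of spread a usable prioritization should produce.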

4. Engage your ecosystem and dependencies

PQC migration is an organizational problem, full of complex dependencies. You depend on vendors who may not yet support PQC, customer policies that may assume cryptographic lifetimes of decades, and standards that vary by region. You may want to negotiate terms with your vendors but lack the capacity and knowledge to do so effectively. You may want to align with regulators and governments, but ambiguous and diverging policies complicate the matter. How should you get started?

Foremost, start the conversation. Talk to your peers. Collective pressure is more effective when negotiating with vendors or influencing standards. Talk to your vendors. Include crypto agility clauses in contracts – especially during renewals – and talk to policy owners to challenge assumptions about key lifetimes and update cycles.

Conclusion: action over perfection

PQC migration is complex, and it’s hard to see the full picture from the start. But one thing is clear: inaction is not an option. The good news? You don’t need to solve everything today. No-regret moves are possible. Rather than overcomplicating cryptographic discovery, start with existing visibility and build a more complete inventory from there. Keep an eye on the migration roadmap. If a system is being upgraded, ensure it’s done with PQC in mind and adopt best practices around crypto agility. Finally, engage your ecosystem and initiate discussions with peers, vendors, and policy makers. Whatever you do, lean towards action instead of perfection. The clock is ticking as quantum computers mature.

Meet the authors

Julian van Velzen

Quantum CTIO, Head of Capgemini’s Quantum Lab
“I’m passionate about the possibilities of quantum technologies and proud to be putting Capgemini’s investment in quantum on the map. We’ve established Capgemini’s Quantum Lab, a global network of quantum experts, partners, and facilities, focused on three key areas: computing, security and sensing. From this Lab, we’re exploring with our clients how we can apply research, build demos, and help solve business and societal problems that up until now have seemed intractable. It’s exciting to be at the forefront of this disruptive technology, where I can use my background in physics and experience in digital transformation to help clients kick-start their quantum journey. Making the impossible possible!”