Post-quantum cryptography is so far down the list of security concerns for older companies. Traditionally non-IT companies tend to have chronically underfunded tech teams to where they don't use...
Post-quantum cryptography is so far down the list of security concerns for older companies.
Traditionally non-IT companies tend to have chronically underfunded tech teams to where they don't use security guides like CIS, use legacy/unpatched software, and have a mountain of technical debt.
It's rarely stated in these articles but need to be emphasised that PQE is only relevant if you already have a mature security posture. If you can't prevent getting breached today, it doesn't make sense to focus on tomorrow.
For a more technical and pragmatic take on this subject (also with no sales pitch at the end) I’d recommend this article: neilmadden.blog/2025/06/20/are-we-overthinking-post-quantum-cryptography/
For a more technical and pragmatic take on this subject (also with no sales pitch at the end) I’d recommend this article:
Post-quantum cryptography is so far down the list of security concerns for older companies.
Traditionally non-IT companies tend to have chronically underfunded tech teams to where they don't use security guides like CIS, use legacy/unpatched software, and have a mountain of technical debt.
It's rarely stated in these articles but need to be emphasised that PQE is only relevant if you already have a mature security posture. If you can't prevent getting breached today, it doesn't make sense to focus on tomorrow.
For a more technical and pragmatic take on this subject (also with no sales pitch at the end) I’d recommend this article:
neilmadden.blog/2025/06/20/are-we-overthinking-post-quantum-cryptography/