Introduction
Gartner estimates that state actors and other malicious groups could have access to a cryptographically relevant quantum computer (CRQC) between 2029 and 2031. Attackers are already intercepting and storing encrypted information, planning to unlock it when quantum computers become powerful enough — a tactic known as “harvest now, decrypt later” (HNDL).
Most organizations lack a complete inventory of where cryptography is used across their systems, applications, and supply chain. This makes it difficult to prioritize and execute the upgrades needed to protect critical assets before the window for proactive action closes.
Fragmented or ad hoc cryptographic upgrades only add to the risk, creating technical debt and compliance gaps. The scale and complexity of the quantum threat demand a coordinated, enterprisewide response and an approach that is repeatable in the future (crypto-agility).
This research outlines what cybersecurity leaders, CIOs, and CSOs must do now to prepare for a quantum-safe future. By establishing a cryptographic center of excellence and following these top practices, leaders can reduce risk, protect valuable data, and ensure long-term digital trust.
Analysis
Build a Cryptographic Center of Excellence to Drive Quantum Security
A cryptographic center of excellence (CCOE) is the foundation for a successful, coordinated response to quantum risk. It’s responsible for maintaining a clear inventory of cryptographic assets, tracking progress on upgrades, defining how exceptions are managed and maintained, and ensuring that all parts of the organization follow consistent standards and timelines.
Gartner predicts that state actors will have access to cryptographically relevant quantum computers (CRQC) sometime around 2030, at which point most data will need to be protected with PQC.
The CCOE also acts as the primary point of contact for external partners, regulators, and standards bodies, keeping the organization aligned with evolving requirements and best practices. By centralizing expertise and decision making, the CCOE enables faster, more confident responses to new threats and reduces the risk of costly mistakes, such as data security breaches or legal consequences from noncompliance with regulations. In addition, the CCOE needs to coordinate with any internal data governance, data security governance, or AI governance processes so that policies are applied uniformly and in a coordinated way.
While team structures can vary depending on size, scope, industry, and regulatory posture, Gartner recommends at least high-level representation from the following domains:
The CIO’s Office: This is in part to help with management issues, reporting, and budget, and also to speak with the Board of Directors. Gartner is seeing increasing interest in this topic from BoDs as the issue gains more visibility.
Data and Network Security: Both functions have asset protection requirements that are directly related to the regulatory compliance issues for data, access control, and governance.
Application Development: Changing cryptographic libraries is a complex task that affects application performance, security, and data protection. Because the new implementations are not drop-in replacements, performance and reliability can be an issue with new crypto libraries. This is especially the case in DevSecOps, where applications often undergo many rounds of performance optimization. Creating and using secure-by-design cryptographic replacement strategies to expedite adoption is a critical function.
Cryptography: While rare, some organizations have had individuals or small teams responsible for cryptography who should be centrally involved in the CCOE if not already part of the aforementioned teams.
Identity and Access Management: This includes key systems that depend heavily on changes to cryptography and digital signatures. Once it becomes possible to break existing digital signatures, attackers can use forged authentication tokens to access a wide variety of critical systems.
Regulatory and Compliance: While there are not many currently mandated compliance tasks, several jurisdictions are planning future-oriented requirements around PQC. PQC also has a direct impact on compliance with existing (industry) regulations for data protection, retention, and privacy.
Procurement: To the extent vendor risk management is not primarily associated with the CISO and/or CIO’s responsibilities, procurement and contract management must be involved to ensure a supply-chain-wide expansion of mitigating measures. This must simultaneously apply to existing vendor relationships and potential new ones.
Budgeting and Operations: Without a discovery and inventory phase, it’s all but impossible to make a budget beyond the first year or so, but after this is completed, a strong, defensible budget is a must. See Justify, Build, and Launch a Postquantum Response for guidance.
Organizations that have successfully navigated previous large-scale technology transitions — such as Y2K or major regulatory shifts like GDPR — did so by creating empowered, cross-functional teams with clear mandates. In the same way, a CCOE is essential to avoid cryptographic chaos and build a quantum-safe future.
Case in Point: Y2K Lessons for Quantum Security
When organizations faced the Y2K challenge, success depended on creating empowered, cross-functional teams to coordinate action across business units and systems. A CCOE applies the same proven approach to quantum risk. By bringing together key stakeholders, optimizing scarce cryptographic expertise, and ensuring consistent action, a CCOE helps organizations avoid duplication, technical debt, and costly mistakes. Unlike Y2K, the exact “quantum deadline” is unknown, making a lasting, scalable CCOE even more critical for long-term resilience.
Source: Case in Point based on insights from Mark Horvath, VP Analyst, Gartner, and client presentations, 2025.
Identify Cryptographic Assets to Understand Risk
Most organizations underestimate the complexity and scope of their cryptographic footprint, often missing critical systems, legacy applications, disparate and disconnected technologies, and third-party integrations. A comprehensive, current, and ongoing discovery and inventory initiative is essential for the CCOE to assess current cryptographic risk and establish long-term cryptography management as new PQC standards emerge and new data security risks appear. The inventory also serves as a burn-down list showing existing classical cryptography and new PQC-compliant systems as they come online.
What to include in your cryptographic inventory:
All IT and cyber-physical systems (CPS)
Cloud environments and SaaS applications
Custom and off-the-shelf software
Data stores, pipelines, and data security platforms
Vendor and supply chain integrations
IAM systems, including nonhuman identities
Shadow IT, legacy systems, and unmanaged devices
Common pitfalls to avoid:
Focusing only on obvious or modern systems
Overlooking legacy, custom, or third-party components
Treating inventory as a one-time project instead of an ongoing process
Building and maintaining a cryptographic bill of materials (CBoM) gives organizations the visibility needed to prioritize upgrades, allocate resources, and demonstrate compliance. This can be done through a variety of cryptographic discovery/inventory tools, CMDBs, and even existing Application Security Testing tools that consume software bills of materials (SBOMs) and CBOMs. Without a complete and current inventory, critical data and processes remain exposed to quantum-enabled attacks.
Hidden cryptography is a hidden risk — what you can’t find, you can’t secure.
Centralize Cryptography Policies for Agility and Compliance
Fragmented enterprise key management policies (EKM) create confusion, slow down upgrades, and increase risk as organizations prepare for quantum threats. To avoid these pitfalls, leaders should move from scattered, ad hoc rules to a single, unified policy that sets clear standards across the enterprise.
The CCOE can centralize policies across the organization to help ensure every team follows the same requirements for algorithm selection, key life cycle management, data retention, and incident response. This unified approach also promotes crypto-agility, making it easier to adapt quickly when new vulnerabilities, standards, or regulations appear. The CCOE also provides consistency when upgrading to test new implementations of the PQC algorithms, allowing teams to move quickly with upgrades and testing.
It also provides a way to centralize development guidance for adding crypto-agility to existing systems. By sharing architectural plans, creating policies on libraries and implementations, and providing agreed-upon testing and acceptance procedures, the CCOE helps development teams avoid the problem of “reinventing the wheel” and reduces time to production. Include responsibility for tracking cryptanalysis claims, regulators, and standards bodies in the context of PQC, and continually reflect this back into policies as required. Without crypto-agility, organizations risk being bombarded by hyperbole and competing claims around cryptography, process, and development. They end up stuck with outdated algorithms or unable to respond to emerging threats, and remain without the needed repeatable process.
Examples of policies covered by the CCOE can include:
Deprecation dates for vulnerable algorithms
Approval of PQC replacements and certificate management
Mandated PQC security levels (including AES)
Key elements of effective policy include:
Clear standards for approved algorithms and key lengths
Defined processes for cryptographic upgrades and deprecation
Requirements for inventory maintenance and regular reviews
Guidance for incident response, data retention, and compliance reporting
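The inventory section above describes the cryptographic bill of materials (CBoM) as a burn-down list, and this section describes the central policy (approved algorithms and key lengths, deprecation dates) that the CCOE applies to it. The script below is an added example, not code from Gartner or from any discovery tool, showing how the two fit together: it reads a constructed CBoM in a simplified CycloneDX-like shape (the `cryptoProperties` field names are an assumption, not the exact spec), evaluates each component against a constructed policy (the algorithm sets, minimum key sizes and deprecation dates are illustrative, not any organization's or regulator's actual standard), and produces a burn-down summary of what still needs to migrate.

```python
"""Added example (not part of the Gartner note): triage a CBoM against a central
cryptography policy and emit a burn-down summary.

Assumptions (hypothetical): the CBoM is a CycloneDX-like JSON document whose
components carry a "cryptoProperties" block with "algorithm", "keyBits" and
"primitive". Policy values below are constructed for illustration only.
"""
import json
from datetime import date

# Constructed sample CBoM (not a real inventory; component names are invented).
SAMPLE_CBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "components": [
        {"name": "tls-edge-proxy",
         "cryptoProperties": {"algorithm": "RSA", "keyBits": 2048, "primitive": "signature"}},
        {"name": "site-to-site-vpn",
         "cryptoProperties": {"algorithm": "ECDH", "keyBits": 256, "primitive": "key-agreement"}},
        {"name": "customer-db-at-rest",
         "cryptoProperties": {"algorithm": "AES", "keyBits": 128, "primitive": "encryption"}},
        {"name": "legacy-batch-signer",
         "cryptoProperties": {"algorithm": "SHA-1", "keyBits": 160, "primitive": "hash"}},
        {"name": "workforce-sso",
         "cryptoProperties": {"algorithm": "ML-DSA", "keyBits": 0, "primitive": "signature",
                              "parameterSet": "ML-DSA-65"}},
        {"name": "central-kms",
         "cryptoProperties": {"algorithm": "ML-KEM", "keyBits": 0, "primitive": "key-encapsulation",
                              "parameterSet": "ML-KEM-768"}},
    ],
})

# Constructed central policy (illustrative values, not a real standard or mandate).
POLICY = {
    "approved": {"ML-KEM", "ML-DSA", "AES", "SHA-2", "SHA-3"},
    # Public-key schemes whose hardness assumption falls to Shor's algorithm on a CRQC.
    "quantum_vulnerable": {"RSA", "ECDH", "ECDSA", "DH", "DSA"},
    "min_key_bits": {"AES": 256, "RSA": 3072},
    "deprecated_after": {
        "SHA-1": date(2017, 1, 1),
        "RSA": date(2030, 12, 31),
        "ECDH": date(2030, 12, 31),
        "ECDSA": date(2030, 12, 31),
    },
}


def load_components(cbom_text):
    """Parse the CBoM JSON and keep only components that declare cryptography."""
    doc = json.loads(cbom_text)
    return [c for c in doc.get("components", []) if "cryptoProperties" in c]


def classify(component, policy, today):
    """Evaluate one component against the policy.

    Status precedence: 'deprecated' (past its cutoff date) > 'quantum-vulnerable'
    (HNDL exposure even before the cutoff) > 'policy-gap' (unapproved algorithm
    or key too short) > 'pqc-safe'. Findings list every rule that fired.
    """
    props = component["cryptoProperties"]
    alg = props["algorithm"]
    key_bits = props.get("keyBits", 0)
    findings = []

    vulnerable = alg in policy["quantum_vulnerable"]
    if vulnerable:
        findings.append(f"{alg} is breakable by a CRQC (harvest-now-decrypt-later exposure)")
    cutoff = policy["deprecated_after"].get(alg)
    expired = cutoff is not None and today > cutoff
    if expired:
        findings.append(f"{alg} is past its deprecation date {cutoff.isoformat()}")
    approved = alg in policy["approved"]
    if not approved and not vulnerable:
        findings.append(f"{alg} is not an approved algorithm")
    min_bits = policy["min_key_bits"].get(alg)
    weak = min_bits is not None and key_bits < min_bits
    if weak:
        findings.append(f"{alg}-{key_bits} is below the {min_bits}-bit minimum")

    if expired:
        status = "deprecated"
    elif vulnerable:
        status = "quantum-vulnerable"
    elif not approved or weak:
        status = "policy-gap"
    else:
        status = "pqc-safe"
    return {"name": component["name"], "algorithm": alg, "status": status, "findings": findings}


def burn_down(cbom_text, policy, today):
    """Summarize the inventory as a burn-down: counts per status and what remains."""
    rows = [classify(c, policy, today) for c in load_components(cbom_text)]
    counts = {}
    for row in rows:
        counts[row["status"]] = counts.get(row["status"], 0) + 1
    remaining = sorted(r["name"] for r in rows if r["status"] != "pqc-safe")
    total = len(rows)
    migrated = counts.get("pqc-safe", 0)
    return {
        "total": total,
        "counts": counts,
        "remaining": remaining,
        "percent_migrated": round(100 * migrated / total) if total else 0,
    }


if __name__ == "__main__":
    print(json.dumps(burn_down(SAMPLE_CBOM, POLICY, date(2025, 10, 1)), indent=2))
```

Re-running the same report with a later `today` moves the RSA and ECDH components from "quantum-vulnerable" to "deprecated" once their cutoff passes, which is the mechanism the policy section relies on: deprecation dates live in one place, and the inventory is re-evaluated against them rather than each team judging its own systems. In a real deployment the CBoM would come from a discovery tool, CMDB or SBOM/CBOM-aware AST tool rather than an inline string.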
Lessons Learned: The Slow Retirement of SHA-1
When the SHA-1 cryptographic hash algorithm (once widely used for digital signatures and certificates) was found to be vulnerable, many organizations struggled to update their systems. Years after industry and regulatory warnings, a surprising number of websites and applications still relied on SHA-1, exposing themselves to avoidable risk and compliance failures. A lack of automation, centralized policy, and inventory made it difficult to coordinate upgrades, resulting in last-minute scrambles and lingering vulnerabilities.
The lesson: centralized, agile cryptography policy is essential to avoid repeating history as quantum threats emerge.
Include Vendors and Partners in Quantum-Safe Planning
Many critical business systems depend on third-party software, cloud services, and supply chain partners, each with its own approach to cryptographic upgrades and its own independent cryptographic technologies, which often don’t integrate easily with each other. If vendors and partners are not prepared for quantum risk, your organization’s defenses may be undermined, regardless of your internal progress. The CCOE acts as the central point of management for vendors whose products affect the organization’s cryptographic posture. This leads to a smoother, more consistent approach to onboarding vendors.
To reduce risk, organizations should:
Engage vendors, suppliers, and service providers early to understand their plans for postquantum cryptography (PQC) support — that is, their ability to upgrade products and services to use quantum-safe algorithms.
Request clear timelines for PQC support, and ask for cryptographic bills of materials (CBoMs) or equivalent documentation.
Align procurement and contract language with quantum-safe requirements to support future upgrades and potential new vendor engagements.
Monitor regulatory guidance and industry standards to ensure your entire value chain remains compliant.
Coordinating with external partners ensures that cryptographic upgrades are consistent, timely, and effective across your ecosystem. Without this step, organizations risk leaving gaps that attackers or auditors could exploit as quantum threats evolve.
Your cryptography is only as strong as the weakest link in your supply chain.