A Journey Guide to Postquantum Readiness

13 March 2026 - ID G00843746 - 13 min read
By Sarah Almond, Mark Horvath
Cybersecurity leaders responsible for postquantum programs are on a journey to understand the quantum computing threat, the related timeline and how to mitigate postquantum cryptography risk. This guide helps leaders map that journey and achieve postquantum readiness.

Strategic Planning Assumption


By 2030, advances in quantum computing will make conventional asymmetric cryptography unsafe to use.

Analysis


In less than five years, most of today’s cryptographic algorithms, which are used extensively and increasingly to protect data and applications, will be deprecated as a result of the quantum computing threat.
Cybersecurity leaders have very little time to respond to this threat and migrate to postquantum cryptography (PQC) or other resilient methods, given the complexity involved, the immediate risk of “harvest now, decrypt later” (HNDL), and the legacy of protracted algorithm migrations from previously deprecated algorithms. But responding to these threats also provides an opportunity to resolve existing cryptographic debt and modernize the way cryptography is implemented and managed, in the name of postquantum safety.
Cybersecurity leaders must start now to build visibility of their cryptographic usage and prioritize crypto-agility to support migration to PQC and ensure seamless cryptographic transitions that can be recreated over time. Crypto-agility will be critical for resilience against new attack vectors as they emerge, as well as supporting more frequent cryptographic asset change and the adoption of more efficient algorithms as they are developed.
The journey guide in Table 1 outlines the critical steps to take on your postquantum readiness journey:
Table 1: A Journey Guide to Postquantum Readiness

Step 1: Gain Foresight and Get Grounded
Step 2: Build the Value Case and Gain Executive Buy-In
Step 3: Execute and Implement
Step 4: Scale Up and Manage Change
Source: Gartner (March 2026)


Step 1: Gain Foresight and Get Grounded

What are quantum computers and what threat do they pose?

Quantum computers are a specialty computing platform that performs specific kinds of computation that classical systems cannot address. They are currently used for various kinds of optimization and for physical science research and development problems.
One of the concerns about the rise of quantum computers is their ability to enable key breaking for the asymmetric cryptography in use today. This is prompting the need for PQC, or cryptography that a quantum computer cannot break, as a replacement. To achieve postquantum readiness, perform complete migration of all quantum-vulnerable algorithms to PQC alternatives. Note that PQC implementation does not require access to a quantum computer.

What timeline should we work to for postquantum readiness?

Cybersecurity leaders must start planning now and migrate to PQC by 2030.
Standards and commercial quantum computing progress are moving quickly, with quantum computers now on their way to commercial viability before the end of the decade. State actors, unburdened by the rigors of scientific peer review and with limitless budgets, will achieve a cryptographically relevant quantum computer two or three years ahead of the commercial market. Meanwhile, availability and adoption of PQC are growing to allow mitigation of the risk.
Start planning migration now to address the immediate risk of HNDL and ensure sufficient time for all migration efforts. Make it a priority to achieve readiness by 2030 to avoid existential risk to your business while aligning with industry standards and regional guidance.

What changes should I make to internal policies and standards to reflect the quantum threat?

Update cryptography policy to define the adoption path for PQC and the timely deprecation of vulnerable algorithms. Include the following requirements:
  • Timelines for deprecating RSA, DH, ECC, and other legacy methods that are vulnerable to quantum attack (e.g., 3DES).
  • Timelines for adopting PQC and any related conditions (e.g., only in hybrid modes).
  • Security categories or similar minimum parameter sets.
  • Overall strategy for hybrid migration versus pure PQC usage.
  • Overall strategy for leveraging PQC versus quantum key distribution and other related or novel techniques (e.g., photonic layer protection, one-time pad, fully homomorphic encryption, multiparty computation, etc.).
  • Timelines by which vendors must meet postquantum readiness assessment criteria.
  • Requirements for a cryptographic inventory.
  • Requirements for crypto-agility and the ability to migrate algorithms over time.
Enforce policy through automation where possible, to facilitate compliance by design and crypto-agility (see How can I be more crypto-agile and make change more seamless and repeatable?).

Step 2: Build the Value Case and Gain Executive Buy-In

How do I justify a postquantum project for a quantum threat that feels years away?

Use a combination of factors based on risk, benefits, and the quantum timeline to establish urgency and gain sponsorship for a postquantum program. Use arguments that will resonate most with senior leadership in your organization.
Risk-based recommendations:
  • Educate on the quantum computing threat.
  • Highlight the immediacy of HNDL.
  • Communicate the business risk of inaction.
  • Use pilot discovery data to make the impact real.
Benefits-based recommendations:
  • Demonstrate the benefits of strategic postquantum program deliverables like improving crypto-agility.
  • Align with high-priority problems that are already sponsored (such as exposure management).
  • Align elements of the response with existing business objectives (such as crypto-agility providing operational efficiencies).
  • Equate early action with cost savings.
Timeline-based recommendations:
  • Track quantum progress and work back from Q-day estimates to drive prioritization.
  • Emphasize the multiyear migration time required.
  • Relate to previous migrations and their extended timelines.
  • Reference relevant industry mandates and milestones.
Do not delay progress on key readiness steps while sponsorship is garnered (see following sections). It is possible to build momentum toward the goal of postquantum readiness while funding is agreed and, in some cases, the steps themselves can help to frame the funding requirement (e.g., building cryptographic visibility and assessing vendor readiness to support planning).

How can I secure investment for a postquantum response?

Migrating to PQC is a strategic imperative and requires a multiyear program to assess exposure, research PQC solutions, and implement them. Successful execution of the postquantum program requires investment, cross-functional collaboration and structured allocation of time and resources. Without formal support, there is a risk of underfunding and inadequate implementation.
Focus on the following for success:
  • Justify the program to secure endorsements from key stakeholders and ensure the necessary financial commitment (see How do I justify a postquantum project for a quantum threat that feels years away?).
  • Collaborate with finance partners to create a realistic financial forecast for PQC migration.
  • Synchronize PQC response plans with organizational budget cycles and prepare for multiple reforecasts throughout the year to achieve continued funding.
  • Create a forecast with both short- and long-term time frames, including an initial short-term deliverable to assess the scale of the task to deliver the postquantum program. Longer-term program delivery should be further broken into smaller deliverables.
  • Establish clear objectives and related metrics to ensure effective collaboration with finance partners on PQC forecasts and analysis.
  • Account for a variety of cost types and thresholds within the cost analysis process. Examine both tangible costs (such as staff costs, expenses for tools, and ongoing maintenance costs) and intangible costs (such as migration-related downtime or opportunity costs).
  • Invest in the right mix of out-of-the-box and customized tools.

Step 3: Execute and Implement

What are the key stages of a postquantum program?


A postquantum program is made up of the following key tasks. These should be completed in parallel or iteratively to prevent delay.
  • Initialize a formal project: The postquantum program will be a multiyear, cross-functional effort that requires formal support. As such, it should be built into cyber strategy and have a formal project created.
  • Monitor the postquantum landscape: The postquantum program should monitor the postquantum landscape, tracking quantum computing progress, mandates from standards bodies and regulators, and the postquantum readiness of vendors and third-party partners. This should influence the high-level program roadmap.
  • Prepare for postquantum migration: In order to migrate to PQC, you must set policy for PQC adoption and build visibility of the use cases to migrate. Invest in discovery, inventory and risk assessment tooling to build cryptographic visibility and prioritize the migration roadmap for specific use cases. Amend risk registers and compromise plans with the quantum computing threat in mind.
  • Execute postquantum migration: These are the steps that move you toward postquantum readiness, including system upgrades, experimentation, and improvements to crypto-agility, before production migration to PQC.

How do I build cryptographic visibility to understand postquantum exposure?

To build continuous cryptographic visibility, understand postquantum exposure, create a prioritized quantum threat remediation roadmap, and facilitate ongoing management of cryptographic vulnerabilities, apply the following strategies:
  • Build an inventory of cryptographic assets (including keys, certificates, protocols, and libraries) to discover current versions, expose vulnerabilities, and facilitate remediation.
  • Use multiple cryptographic discovery types to populate and increase the accuracy of the inventory, e.g., endpoint scans, network scans, and application testing (a bottom-up approach).
  • Don’t rely solely on discovery to build and maintain the inventory in the long term. Address inventory at source so that new assets are added to the inventory when implemented, and discovery becomes more relevant to exceptions rather than the primary method for inventory additions (a top-down approach).
  • Integrate cryptographic discovery with existing and complementary operating models and tools to limit the financial and operational support required for new cryptographic assessment capabilities.
  • Embed cryptographic discovery into ongoing operations and compliance reporting to enable sustainable maintenance over time and demonstrate progress.
  • Enrich the cryptographic asset data to support risk assessment and determine both the related business impact and any third-party dependencies, from which a prioritized remediation roadmap can be created. Utilize integrations with your configuration management database, IT service management tools, and other relevant systems to establish this lineage.
  • Do not attempt to discover everything at once, particularly in large and complex environments; take a phased approach to discovery based on the business criticality of the systems. Aim to maximize discovery coverage based on risk.
  • Use a well-scoped discovery pilot as proof of value to aid in discovery toolset evaluation.
  • Allocate at least 12 months for cryptographic discovery of critical systems and expect a significant number of assets to be discovered.
Do not wait for the perfect inventory before taking remediation action; take an iterative approach that allows you to build visibility and remediate in parallel.

Can I rely on vendors for postquantum upgrades and will they be ready in time?

Much of your cryptography will be part of a vendor product or service. In many cases, the vendor will be responsible for delivering an upgrade, but you must also perform the upgrade and related reconfiguration. In other cases, e.g., applications that have been developed in-house or legacy technology for which there is no easy upgrade path, the onus will be on you to define and provide an upgrade path.
Ask existing vendors now about their postquantum roadmaps as a simple task to kick-start the readiness process and develop tangible upgrade plans. Assess prospective vendor roadmaps during evaluations to champion long-term postquantum readiness. For vendors advertising postquantum readiness, use ongoing visibility capabilities to validate this. Do not interpret any vendor’s lack of plans as a lack of urgency; urgency remains.

What cryptography use cases should I prioritize for postquantum migration and how should I execute?

Prioritize based on the HNDL risk, data sensitivity, data/system lifetime, system criticality, system vulnerability, and time required to migrate. Additionally, prioritize low-complexity use cases that can quickly achieve postquantum readiness without significant overhead or disruption. Tackle key encapsulation migrations over signature migrations to remediate the HNDL risk, prioritizing communications that traverse public or shared networks. Align postquantum migration with related strategic initiatives such as “security first,” “zero trust,” or “defense in depth” endeavors, rather than delivering migration as an isolated, ad hoc project.
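One way to turn the prioritization criteria above into a repeatable ranking over a cryptographic inventory, as an added example that is not part of the original guide. The field names, the scoring weights, and the sample inventory are assumptions made for illustration; the 2030 readiness date and the preference for key establishment on public or shared networks come from the text.

```python
from dataclasses import dataclass

# Families the guide's policy list names for deprecation (RSA, DH, ECC).
QUANTUM_VULNERABLE = {"RSA", "DH", "ECDH", "ECDSA"}
READINESS_YEAR = 2030  # the guide's target date


@dataclass
class Asset:
    name: str
    algorithm: str            # family only, e.g. "ECDH"
    use: str                  # "key_establishment" or "signature"
    public_network: bool      # traffic crosses public or shared networks
    data_lifetime_years: int  # how long the protected data must stay confidential
    sensitivity: int          # 1 (low) to 3 (high)
    criticality: int          # 1 (low) to 3 (high)


def hndl_exposed(a: Asset, current_year: int) -> bool:
    """Captured traffic is worth storing if the data outlives the readiness date."""
    return (a.algorithm in QUANTUM_VULNERABLE
            and a.use == "key_establishment"
            and current_year + a.data_lifetime_years > READINESS_YEAR)


def priority(a: Asset, current_year: int) -> int:
    """Higher score means migrate sooner. Weights are illustrative assumptions."""
    if a.algorithm not in QUANTUM_VULNERABLE:
        return 0
    score = a.sensitivity + a.criticality
    if hndl_exposed(a, current_year):
        score += 10
        if a.public_network:
            score += 5
    return score


def roadmap(assets, current_year):
    """Vulnerable assets, highest priority first; ties broken by name."""
    ranked = [(priority(a, current_year), a.name) for a in assets]
    return [n for s, n in sorted(ranked, key=lambda t: (-t[0], t[1])) if s > 0]


# Constructed sample inventory, not real discovery output.
INVENTORY = [
    Asset("vpn-gateway", "ECDH", "key_establishment", True, 10, 3, 3),
    Asset("code-signing", "ECDSA", "signature", False, 0, 2, 3),
    Asset("internal-batch-tls", "RSA", "key_establishment", False, 7, 2, 2),
    Asset("telemetry-tls", "ECDH", "key_establishment", True, 1, 1, 1),
    Asset("pilot-api", "ML-KEM", "key_establishment", True, 10, 3, 2),
]

if __name__ == "__main__":
    for name in roadmap(INVENTORY, 2026):
        print(name)
```

The short-lived telemetry channel ranks below the signature use case because its data expires before the readiness date, and the asset already on ML-KEM drops out of the roadmap.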

Develop phased timelines for PQC migration with structured milestones, sequenced upgrades, and coordinated execution, based on inventory insights and the availability of postquantum-ready system versions. Experiment first, starting small and then scaling.

For COTS applications and infrastructure, collaborate with vendors to implement the necessary PQC upgrades and reconfigurations (see Can I rely on vendors for postquantum upgrades and will they be ready in time?). For internally developed applications, there may still be dependencies on underlying vendor technology, as well as a need to redevelop and test with PQC, ideally delivered via crypto-agile methodologies (see How can I be more crypto-agile and make change more seamless and repeatable?). Legacy systems for which there is no easy PQC upgrade must be encapsulated, retired, or refactored.
PQC is not a drop-in replacement for current methods, so expect interoperability and performance issues, and use this time to understand the challenges and overcome them before the quantum threat is realized. This is also an opportunity to tackle cryptographic debt (e.g., migrating to TLS 1.3). Use hybrid techniques for backward compatibility and defense in depth, but ensure this is paired with crypto-agility for future migrations (see How can I be more crypto-agile and make change more seamless and repeatable?).
Track delivery using clear, quantitative measures, such as percentage of assets migrated per workstream category.

Step 4: Scale Up and Manage Change

Who must collaborate to deliver postquantum migration consistently across my organization?

Create a cross-functional cryptographic center of excellence (CCOE) with clear mandates to ensure consistent and strategic quantum threat remediation across the organization. This prevents a piecemeal approach, where inconsistent inputs lead to inconsistent outcomes and cause more issues to resolve later.
Pull together a small number of strategic thinkers and complex problem solvers from across the organization, drawing from practitioners with expertise in data security, network security, infrastructure security, endpoint security, application security, development, identity and access management, cryptography, risk and compliance, procurement, and/or budgeting.
Empower the CCOE to monitor the quantum computing threat, set policy, maintain cryptographic visibility, define agile architectures, and manage stakeholders.

How can I be more crypto-agile and make change more seamless and repeatable?

Use the following strategies to support crypto-agility:
  • Vendor layer: Favor standards-based solutions that promote interoperability between systems.
  • Feature layer: Target field-upgradable solutions and those that provide seamless upgrade capabilities.
  • Data layer: Design and maintain flexibility within data schemas to support varying key and ciphertext sizes.
  • Algorithm layer: Adopt parameterized and policy-based implementation of algorithms and keys.
  • Key layer: Implement life cycle automation capabilities for seamless key and certificate change.
Crypto-agility should be prioritized because the threat landscape will continue to evolve and the cryptographic algorithm landscape is becoming increasingly dynamic, meaning that algorithm migration will not be a one-time exercise.
Efficiency improvements to the implementation and management of cryptography will benefit most organizations, regardless of the quantum threat, especially as the use of cryptography continues to increase in support of strategies like zero-trust and continuous encryption.