Post-Quantum Cryptography: How Governments Worldwide Are Shaping the Transition Ahead
Governments around the world are accelerating action on post-quantum cryptography (PQC), driven by growing recognition that migrating from today’s cryptography is a multi-year effort.
The risk of “harvest now, decrypt later,” where sensitive data intercepted today may be decrypted in the future, has shifted from a theoretical concern to a strategic policy issue. This is particularly true for government institutions, critical infrastructure entities, and organizations holding long-lived or highly sensitive data.
As a result, 2026 is emerging as a clear inflection point. Across multiple jurisdictions, regulators are moving beyond non-binding guidance toward enforceable expectations, expressed through planning, governance, procurement requirements, and supervisory oversight. While legal frameworks and timelines differ, the direction is consistent: organizations are expected to understand their cryptographic exposure and demonstrate a credible path toward post-quantum resilience.
Global PQC Requirements: Shared Expectations Across Governments
Government action on post-quantum cryptography varies in form, ranging from binding mandates for government and national security systems to policy frameworks, technical standards, and supervisory guidance, often enforced through procurement requirements, audits, and regulatory oversight. Across these models, the emphasis is on preparation and coordination rather than rushed, near-term deadlines.
Despite differences in legal frameworks, expectations are converging. Organizations are increasingly expected to establish cryptographic visibility through discovery and inventory, identify long-lived and sensitive data, develop formal PQC transition plans, and adopt cryptographic agility. Vendor and supply-chain readiness is also becoming a core requirement, with reporting or attestation beginning to emerge in some sectors.
This alignment is reinforced through multilateral coordination. For example, the G7 Cyber Expert Group’s recent roadmap, which frames PQC as a systemic resilience issue for the financial sector, reflects a broader global shift toward early preparation and standards alignment rather than rushed execution. A similar approach is now visible in national strategies well beyond the G7.
How This Plays Out Across Regions
United States: From Guidance to Binding Federal Mandates
In the United States, the transition to post-quantum cryptography has unfolded in deliberate phases, moving from strategy and standards into binding operational and procurement requirements. What began as a planning exercise is now shaping how federal agencies buy, design, and modernize systems.
The groundwork was laid in 2022, when the Office of Management and Budget issued OMB Memorandum M-23-02, directing federal agencies to inventory their cryptographic systems and prepare for migration away from quantum-vulnerable algorithms. This made cryptographic visibility a formal federal requirement rather than a best practice.
In 2024, that planning phase accelerated. The White House published its Report on Post-Quantum Cryptography under National Security Memorandum-10, confirming that inventory, cost modeling, and migration planning were active workstreams across agencies. In parallel, the National Institute of Standards and Technology finalized its first post-quantum cryptography standards (FIPS 203, 204, and 205), largely settling algorithm selection and shifting focus toward execution.
By 2025, the U.S. government began moving from preparation to execution. The National Security Agency, through the Committee on National Security Systems, released CNSS Policy 15, anchoring post-quantum algorithms into national security systems. Shortly after, NSA published CNSA 2.0, establishing concrete expectations and timelines for vendors, cloud providers, and operators supporting national security workloads.
That same year, the Department of Defense issued operational guidance requiring defense components to identify and continuously track cryptographic usage across business systems, cloud infrastructure, mobile devices, and IoT, reinforcing cryptographic inventory as an ongoing readiness metric.
The most decisive shift came in June 2025, when the White House directed the Department of Homeland Security to identify technology product categories where post-quantum cryptography was commercially mature. This marked the move from policy into procurement. That directive culminated in January 2026, when the Cybersecurity and Infrastructure Security Agency issued federal buying guidance identifying product categories expected to support post-quantum cryptography, signaling to vendors that PQC readiness is increasingly treated as non-optional in the federal market.
Taken together, the U.S. approach shows a clear progression: standards (2024), mandates and timelines (2025), and procurement enforcement (2026).
European Union: Coordinated Readiness Without a Single Mandate
The European Union has taken a coordinated policy approach rather than imposing a single binding mandate. PQC adoption is being driven through alignment across Member States, supported by European Commission roadmaps and ENISA guidance, with the goal of avoiding fragmentation across the Single Market.
The EU’s public transition arc began in April 2024, when the European Commission issued a formal recommendation urging Member States to develop coordinated national implementation roadmaps for post-quantum cryptography. This was followed by the establishment of a dedicated PQC workstream within the NIS Cooperation Group to align sequencing and risk-based prioritization.
The approach became more concrete in June 2025, when the Commission and Member States published the first roadmap deliverable. This introduced explicit milestones: initial national strategies by the end of 2026, transition of high-risk and critical infrastructure systems by 2030, and completion of the long tail of systems by 2035 where practically feasible.
Importantly, PQC is not treated as a standalone cryptography program. It is positioned as part of broader cyber risk management and compliance, explicitly linked to frameworks such as NIS2 and financial-sector resilience requirements.
In practice, this means EU organizations should expect PQC readiness to surface through national implementation, procurement, audits, and sectoral supervision, even without a single EU-wide “PQC law.” By 2026, preparedness is expected to be demonstrable; by 2030, critical systems should be migrated; and by 2035, most remaining systems should follow.
United Kingdom: Supervisory Pressure Over Legislation
The National Cyber Security Centre has positioned PQC as a long-term national resilience issue and published a coordinated roadmap extending to 2035.
The transition is structured in clear phases: by 2026, organizations across government, financial services, and critical national infrastructure are expected to have completed cryptographic discovery, inventory, and dependency mapping, with formal transition plans in place; from 2026 to 2029, the focus shifts to early execution, including vendor alignment and hybrid deployments; and from 2030 to 2035, wider migration is expected as implementations mature.
While the guidance is not legally binding, PQC readiness is increasingly treated as a supervisory benchmark within broader cyber resilience and operational risk oversight.
Canada: Planning and Reporting as Formal Obligations
Canada has published a formal, time-bound roadmap for migrating federal non-classified IT systems to post-quantum cryptography. Federal departments must submit initial PQC transition plans by April 2026, report progress annually, complete migration of high-priority systems by 2031, and transition remaining systems by 2035.
Although these requirements apply directly to federal systems, they are already shaping expectations for suppliers, cloud providers, and organizations operating within the federal ecosystem, aligning Canada’s trajectory closely with those of the United States and the United Kingdom.
Australia: Readiness First, Migration Next
Australia is moving steadily from guidance toward more formalized expectations, primarily for government systems. National cybersecurity authorities have made clear that classical asymmetric cryptography will need to be replaced over time, with a target horizon around 2030. The near-term focus remains on readiness, including inventories, planning, and governance.
Japan: Coordinated Transition Aligned to 2035
Japan’s post-quantum transition is coordinated around a national 2035 target and anchored in technical standards defined through CRYPTREC. From 2026 through the late 2020s, agencies are expected to move from planning into early execution, including upgrades for higher-risk environments, hybrid classical–post-quantum approaches, and cryptographic agility.
Into the early 2030s, broader migration of priority systems is expected as implementations mature, with the approach designed to cascade into critical infrastructure operators and public-sector suppliers through procurement and technical alignment.
United Arab Emirates: Early Move From Policy to Execution
The UAE has moved early from awareness into structured preparation for post-quantum cryptography. In 2025, it approved a National Encryption Policy and executive regulation requiring government entities to develop clear, officially approved transition plans, with cryptographic discovery, inventory, and risk assessment as prerequisites.
In 2026, compliance-critical entities are expected to formalize migration plans and prioritize higher-risk systems, with phased oversight rather than immediate full migration. In practice, procurement and regulatory alignment are already shaping market behavior, with PQC readiness increasingly influencing eligibility for public-sector and regulated-sector opportunities.
GCC and Jordan: Sector-Led Momentum
Across the wider GCC, approaches vary, but the direction is consistent. Saudi Arabia enforces strong cryptographic hygiene through national controls and standards, while Qatar, Kuwait, Bahrain, and Oman are embedding quantum risk into broader cybersecurity modernization efforts.
Jordan offers a clear example of sector-specific leadership. In January, the Central Bank of Jordan published a roadmap for transitioning the banking sector to quantum-resistant encryption, framing PQC as a resilience and governance issue for national financial infrastructure.
What This Means for Organizations in 2026
Taken together, these signals point to a clear shift. Governments are not demanding immediate, universal migration to post-quantum cryptography, but they are moving decisively past awareness. In 2026, preparedness is expected to be visible and defensible.
At a minimum, organizations should now be able to demonstrate:
- Cryptographic visibility across applications, infrastructure, cloud services, and connected devices
- Risk-based transition plans aligned to data sensitivity and system criticality
- Active vendor engagement and clarity on PQC and crypto-agility roadmaps
- Early execution, such as pilots, hybrid deployments, or prioritized system upgrades
Post-quantum readiness is increasingly showing up in procurement decisions, architecture reviews, audits, and supervisory discussions, even where formal migration deadlines are years away.
The organizations best positioned for this transition are those treating PQC as an ongoing capability, not a one-off upgrade. That starts with visibility. Without understanding where cryptography is used and how it is embedded across systems and suppliers, effective migration isn’t possible.
As governments continue translating policy signals into operational expectations, the gap between prepared and reactive organizations will widen. The global transition to post-quantum cryptography is underway, and 2026 is the year when readiness becomes measurable, defensible, and increasingly required.
This is what QuantumGate addresses. As 2026 emerges as the year organizations are expected to complete cryptographic discovery, QuantumGate focuses on enabling that visibility through its Crypto Discovery Tool, giving entities a clear, defensible view of where cryptography is used and which systems are exposed. That foundation supports structured post-quantum transition planning and the adoption of quantum-resilient and hybrid cryptography, with crypto agility as a core design principle.