Quantum-safe encryption and PQC migration: what IAM teams need now


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 2364
Topic starter  

TL;DR: As governments, regulators, and analysts push post-quantum cryptography timelines toward 2030, organisations are being forced to redesign encryption across existing networks rather than waiting for cryptographically relevant quantum computers to arrive, according to SSH Communications Security. The strategic issue is crypto-agility, because migration paths that preserve compatibility while reducing future decryption risk will determine how quickly security teams can move.

NHIMG editorial — based on content published by SSH Communications Security: quantum-safe encryption and post-quantum cryptography migration

By the numbers:

Questions worth separating out

Q: How should organisations start migrating to post-quantum cryptography without replacing everything at once?

A: Start with the links that carry long-lived sensitive data and high-value administrative traffic, then use hybrid cryptography where classical and post-quantum methods can coexist.

Q: Why do quantum-safe encryption projects matter to IAM and NHI teams?

A: Because identity assurance depends on the confidentiality and integrity of the sessions that carry authentication, delegation, and service-to-service trust.

Q: What breaks if organisations delay crypto-agility until quantum computing is mature?

A: Fixed cryptographic dependencies become a governance problem because systems, devices, and applications will still need to support multiple algorithms during migration.

Practitioner guidance

  • Inventory long-confidentiality traffic paths: Identify the data flows that must remain confidential for years, including intellectual property, regulated records, and privileged machine communications, then rank them for PQC migration first.
  • Prioritise hybrid cryptography for transition zones: Use hybrid exchanges where classical and post-quantum algorithms can operate together, especially on links that must stay compatible with current infrastructure while standards stabilise.
  • Test encryption throughput before broad rollout: Measure latency, port density, and encrypted throughput under realistic east-west and routed traffic loads so performance limits do not force exceptions later.
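One way to turn the inventory step above into a ranked migration list, as an added example that is not from the SSH Communications Security article or the NHIMG post: each flow is scored by how many years its data must still stay secret after an assumed 2030 horizon for a cryptographically relevant quantum computer, with extra weight for privileged traffic still on a classical exchange. The flow inventory, the 2025 evaluation year, the algorithm sets and the weights are constructed assumptions, not values from the source.

```python
from dataclasses import dataclass

CRQC_YEAR = 2030   # planning horizon the post cites for regulator PQC timelines
NOW_YEAR = 2025    # assumed year the inventory is evaluated (constructed)

# Key exchanges whose security rests on factoring / discrete logs; a future
# cryptographically relevant quantum computer (CRQC) could recover recorded
# sessions protected only by these. Hybrid or pure PQ exchanges are not listed.
QUANTUM_VULNERABLE_KEX = {"ECDH", "FFDHE", "RSA"}


@dataclass
class Flow:
    name: str                   # traffic path identifier (constructed)
    kex: str                    # key exchange currently protecting the link
    confidentiality_years: int  # how long the carried data must stay secret
    privileged: bool            # admin / machine-to-machine trust traffic


def exposure_years(flow: Flow, now: int = NOW_YEAR, crqc: int = CRQC_YEAR) -> int:
    """Years the data must still be secret after the CRQC horizon.

    Positive means traffic recorded today could be decrypted while it still
    matters (harvest now, decrypt later). Quantum-safe links score 0.
    """
    if flow.kex not in QUANTUM_VULNERABLE_KEX:
        return 0
    return max(0, now + flow.confidentiality_years - crqc)


def migration_score(flow: Flow) -> int:
    """Higher score = move this link to a hybrid exchange sooner."""
    score = 10 * exposure_years(flow)
    if flow.privileged and flow.kex in QUANTUM_VULNERABLE_KEX:
        score += 25  # the post puts privileged machine traffic in the first wave
    return score


def rank_flows(flows: list[Flow]) -> list[tuple[str, int]]:
    """Return (name, score) pairs, highest migration priority first."""
    scored = [(f.name, migration_score(f)) for f in flows]
    return sorted(scored, key=lambda pair: pair[1], reverse=True)


# Constructed sample inventory, not real infrastructure.
SAMPLE_FLOWS = [
    Flow("dc-backup-replication", "ECDH", 15, privileged=False),
    Flow("pam-bastion-sessions", "ECDH", 3, privileged=True),
    Flow("regulated-records-sync", "FFDHE", 7, privileged=False),
    Flow("branch-vpn", "X25519MLKEM768", 15, privileged=False),  # already hybrid
    Flow("public-telemetry", "ECDH", 1, privileged=False),
]
```

Running `rank_flows(SAMPLE_FLOWS)` puts the 15-year backup replication link first even though it is not privileged, because its data outlives the horizon by a decade; the hybrid branch VPN ranks last regardless of its data lifetime.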

What's in the full article

SSH Communications Security's full article covers the operational detail this post intentionally leaves for the source:

  • Hybrid cryptography examples using ML-KEM, FrodoKEM, ECDH, and FFDHE in the same exchange.
  • How to think about Layer 2 and Layer 3 encryption placement across data centres, branches, and routed networks.
  • The performance implications of 100-gigabit interfaces, latency, and high port density for PQC rollout.
  • Why crypto-agility matters when software upgrades must preserve compatibility across mixed infrastructure.

👉 Read SSH Communications Security's analysis of quantum-safe encryption and PQC migration →

(@mr-nhi)
Member Moderator
Joined: 4 weeks ago
Posts: 924
 

Quantum-safe encryption is becoming an identity problem, not just a cryptography problem. Network encryption protects the channels that carry authentication, delegation, and machine-to-machine trust, so PQC migration changes the reliability of the identity fabric beneath them. When transport security becomes crypto-agile, identity teams have to treat encryption as part of access assurance rather than a separate infrastructure layer. The implication is that IAM, PAM, and NHI programmes now depend on cryptographic transition planning.

A few things that frame the scale:

  • 79% of organisations have experienced secrets leaks, with 77% of these incidents resulting in tangible damage, according to Ultimate Guide to NHIs.
  • 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures.

A question worth separating out:

Q: How do security teams decide between Layer 2 and Layer 3 encryption?

A: Use Layer 2 for high-speed, low-latency traffic inside data centres or between nearby sites, and Layer 3 for routed traffic that crosses networks and the internet. Many environments need both. The right choice follows the traffic path, latency budget, and segmentation requirement, not a one-size-fits-all standard.

👉 Read our full editorial: Quantum-safe encryption shifts from theory to network design reality
