Fast Facts
- Two executive orders signed June 22, 2026 tied the federal government to an accelerated post-quantum migration. Agencies must move key establishment to quantum-resistant algorithms and become quantum-ready by the end of 2030 and digital signatures by the end of 2031.
- The new rules reach beyond government. A planned change to federal contracting rules will require contractors to comply with NIST’s cryptographic standards by the end of 2030 — pulling many small and medium-sized businesses into the migration whether they expected it or not.
- Most smaller firms run commodity IT, so a large share of their migration will arrive through ordinary vendor updates. The work that remains is mostly knowing what you have, pressing vendors for timelines, and prioritizing what matters.
- The first concrete step costs little: a cryptographic inventory. You cannot migrate, prioritize, or prove compliance for cryptography you have never catalogued.
- Free, authoritative help exists. CISA, NIST, and the NSA publish step-by-step quantum-readiness guidance, inventory templates, and product lists, and most of it is written for organizations without in-house cryptographers.
For years, “quantum” and “quantum-ready” sat safely in the category of problems for later. The computers capable of breaking modern encryption did not exist, the standards were unfinished, and the deadlines were vague. That reasoning no longer holds, according to many experts. In August 2024, the National Institute of Standards and Technology (NIST) finalized its first post-quantum encryption standards. In June 2026, the federal government attached hard dates to the transition to quantum readiness. The combination has converted a research topic into a project plan with a due date.
Large enterprises and federal agencies have teams for this; small and medium-sized businesses generally do not. Many SMBs have no one whose job title contains the word “cryptography,” and most learned about the new directives, if at all, from a headline. This quantum-readiness guide is written for them: it covers what changed, why it reaches smaller organizations, and a realistic sequence of steps that does not require a research budget or a security operations center.
What the New Directives Say
On June 22, 2026, President Trump signed two quantum-related executive orders. The first, “Ushering in the Next Frontier of Quantum Innovation,” is largely about offense: it directs an update to the National Quantum Strategy, launches a national effort to build a research-scale quantum computer for the Department of Energy, expands work on quantum sensors and networks, and directs the FBI and intelligence agencies to protect U.S. quantum research from foreign espionage.
The second order, “Securing the Nation Against Advanced Cryptographic Attacks,” is the one that matters most for businesses. It puts the Office of Management and Budget and the National Cyber Director in charge of an accelerated, nationwide migration to post-quantum cryptography (PQC). It sets two firm deadlines for federal agencies’ high-value systems: key establishment must move to quantum-resistant algorithms by December 31, 2030, and digital signatures by December 31, 2031. NIST, the Cybersecurity and Infrastructure Security Agency (CISA), and the NSA are tasked with supplying ongoing technical guidance, and the Commerce Department must run a working migration pilot on selected NIST systems by the end of 2027.
The administration’s technology officials described the change in plain terms: the order accelerates the migration timeline to 2031. Earlier policy had treated the transition as a 2035-era goal. The deadlines are now several years tighter, and they are written into a presidential directive rather than left to agency discretion.
Why This Reaches Small and Medium-Sized Businesses
The deadlines above apply to federal agencies, but the order does not stop at the government’s edge. It directs the agencies that write federal contracting rules to issue a regulation requiring contractors to comply with NIST’s Federal Information Processing Standards (FIPS) by the end of 2030, and to update their vulnerability disclosure programs to cover cryptographic weaknesses — including the use of non-approved algorithms and the absence of encryption where it should exist.
That single provision is how the migration reaches Main Street. The federal contracting base is full of small and mid-sized firms, and the requirement flows down supply chains. If you sell software, hardware, or services to a prime contractor, the prime will increasingly require quantum-ready actions from you. As one industry executive put it, organizations that have not begun a cryptographic inventory are already behind, and the ones that move now will have options rather than a crisis.
There are two other reasons not to wait, even for businesses that never touch a government contract. The first is regulatory gravity: critical-infrastructure operators in energy, water, transportation, finance, and similar sectors will be helped — and effectively pushed — toward PQC adoption plans by CISA and their sector regulators. Frameworks such as PCI DSS for payment data and HIPAA for health records are beginning to fold in quantum-safe expectations. The second is the harvest now, decrypt later problem: an adversary does not need a quantum computer today to threaten data today. They can intercept and store encrypted traffic now and decrypt it once the hardware matures. Any information that must stay confidential into the 2030s — contracts, health and financial records, trade secrets, long-lived credentials — is exposed the moment it crosses the wire, not at some future “Q-Day.”
Most of This Will Come Through Your Vendors
Before the to-do list, some perspective. The United Kingdom’s National Cyber Security Centre, in its migration-timeline guidance, makes a point that applies on both sides of the Atlantic: smaller organizations mostly run commodity technology — standard browsers, operating systems, mobile devices, and mainstream cloud services. They rarely build their own cryptographic systems. That means a large share of their migration will arrive automatically as those vendors ship post-quantum updates.
This is already happening. Apple added post-quantum protection to iMessage in 2024. Major browsers, cloud platforms, and VPN products now support the new algorithms, and large infrastructure providers such as Google and Cloudflare have set internal migration deadlines around 2029. For a typical small business, “migration” will look less like a cryptography project and more like disciplined patch management: keep software current, turn on the post-quantum options your vendors provide, and retire anything too old to receive them.
The work that genuinely belongs to you is narrower and more manageable: figure out where you rely on cryptography, find out which of your vendors have a credible plan and which do not, prioritize the data that cannot afford to leak, and stop introducing new quantum-vulnerable systems. The rest of this guide walks through that work in order.
Step One: Build a Cryptographic Inventory
Every credible framework — from CISA, NIST, and the NSA’s joint quantum-readiness factsheet to the migration playbooks published by large technology companies — starts in the same place: you cannot protect, prioritize, or replace cryptography you have not catalogued. An inventory is a descriptive record of where and how cryptography is used across your systems, applications, services, devices, and data flows.
What to look for. The quantum threat falls hardest on public-key (asymmetric) cryptography — RSA, elliptic-curve algorithms such as ECDSA and ECDH, and Diffie-Hellman key exchange. That is the math behind TLS handshakes, VPN tunnels, digital signatures, certificate chains, and SSH. Symmetric encryption is in far better shape: AES-256 and modern hash functions such as SHA-2 and SHA-3 remain quantum-resistant and do not need replacing. So the hunt is specifically for the asymmetric pieces.
Where it hides. TLS certificates on websites and internal services; VPN and firewall configurations; the certificate authority and code-signing keys you may have set up years ago; email and file encryption; authentication and identity systems; databases; and embedded or operational devices. The most commonly missed items are the long-lived, invisible ones — internal certificate authorities, code-signing certificates valid for a decade, and API keys that never rotate — precisely the high-value targets a harvester would prize.
How to record it. For a smaller organization, a structured spreadsheet is a legitimate starting point. Useful columns include the system or service, the cryptographic algorithm and key length in use, the certificate or key lifetime, the vendor responsible, how sensitive the protected data is, and how long that data must stay confidential. Larger or more technical firms can graduate to a formal cryptographic bill of materials (CBOM) — an ingredient list of the cryptography inside a system. CISA is releasing public guidance on constructing one. The PQC Coalition’s free PQC Inventory Workbook offers a ready-made template, and open-source scanners such as sslscan, Anvil Secure’s pqcscan, and GitHub’s CodeQL queries can automate parts of the discovery. NIST’s National Cybersecurity Center of Excellence runs an ongoing Migration to PQC project documenting how these discovery tools perform.
Set expectations on timing. In large enterprises, discovery alone often runs for months because of the sheer number of systems and the blind spots in older equipment. For a small business with commodity IT, the first useful pass can be done in days to a few weeks. The goal of the first pass is not perfection; it is a defensible map you can act on and refine.
Step Two: Assess Risk and Set Priorities
An inventory becomes a plan when you rank what it contains. Three questions drive the ranking: How sensitive is the data this system protects? How long must it stay confidential? And how exposed is it to interception? Data that becomes worthless in a year carries far less harvest-now-decrypt-later risk than information that must remain secret for a decade.
As a rule of thumb, the highest priority is long-lived secrets protected by public-key cryptography: internal certificate authorities, code-signing keys, root credentials, and any archive of sensitive records. Public-facing TLS certificates with short lifetimes are a lower-urgency tier, because they rotate frequently. Ephemeral session keys are lower still. Tools such as vendor and NIST risk-scoring models can help, but the underlying logic is simple enough to apply by hand.
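The inventory columns from Step One and the ranking logic from Step Two can be captured in a few dozen lines. The following is an added example written for this guide, not code from the article, CISA, NIST, or any vendor: the asset records are constructed sample data, the column layout follows the spreadsheet suggested above, and the scoring weights are assumptions chosen to reproduce the rule of thumb (long-lived secrets behind public-key cryptography first, short-lived public TLS certificates lower, ephemeral session keys lower still). It also classifies each algorithm so that symmetric and already-post-quantum entries drop out of the migration queue.

```python
"""Cryptographic inventory with a harvest-now-decrypt-later risk ranking.

Added example for this guide, not code from the article or from any named
vendor or agency. Asset records are constructed sample data; scoring weights
are assumptions, not a NIST or vendor model.
"""
import csv
import io
from dataclasses import dataclass

# Public-key primitives a cryptographically relevant quantum computer breaks.
QUANTUM_VULNERABLE = {"RSA", "DSA", "DH", "ECDH", "ECDSA", "X25519", "ED25519"}
# Symmetric and hash primitives that stay adequate at these sizes.
QUANTUM_RESISTANT = {"AES-256", "CHACHA20-POLY1305", "SHA-256", "SHA-384", "SHA3-256"}
# Standardized post-quantum families; prefix match covers parameter sets (ML-KEM-768).
POST_QUANTUM = ("ML-KEM", "ML-DSA", "SLH-DSA")


@dataclass(frozen=True)
class CryptoAsset:
    system: str                    # where the cryptography is used
    algorithm: str                 # algorithm family as found during discovery
    key_bits: int                  # key size (or PQ parameter set)
    key_lifetime_days: int         # 0 for per-session (ephemeral) keys
    vendor: str                    # who ships the fix, or "self-managed"
    sensitivity: int               # 1 = low, 2 = moderate, 3 = high
    confidentiality_years: int     # how long the protected data must stay secret
    exposed_to_interception: bool  # crosses a network an adversary could record


def classify(algorithm: str) -> str:
    """Bucket an algorithm name into one of four migration categories."""
    name = algorithm.upper()
    if name.startswith(POST_QUANTUM):
        return "post-quantum"
    if name in QUANTUM_VULNERABLE:
        return "quantum-vulnerable"
    if name in QUANTUM_RESISTANT:
        return "quantum-resistant"
    return "unknown-review"


def risk_score(asset: CryptoAsset) -> int:
    """Harvest-now-decrypt-later priority; 0 means no migration action needed."""
    if classify(asset.algorithm) != "quantum-vulnerable":
        return 0
    score = asset.sensitivity * 10                      # what leaks if broken
    score += min(asset.confidentiality_years, 10) * 3   # how long it must hold
    if asset.key_lifetime_days > 365:                   # long-lived, rarely rotated
        score += 10
    elif asset.key_lifetime_days > 30:
        score += 3
    if asset.exposed_to_interception:                   # recordable today
        score += 5
    return score


def rank_inventory(assets):
    """Return assets ordered from most to least urgent, ties broken by name."""
    return sorted(assets, key=lambda a: (-risk_score(a), a.system))


def to_csv(assets) -> str:
    """Render the ranked inventory as spreadsheet-ready CSV text."""
    buf = io.StringIO()
    writer = csv.writer(buf)
    writer.writerow(["system", "algorithm", "key_bits", "key_lifetime_days", "vendor",
                     "sensitivity", "confidentiality_years", "exposed",
                     "classification", "risk_score"])
    for a in rank_inventory(assets):
        writer.writerow([a.system, a.algorithm, a.key_bits, a.key_lifetime_days,
                         a.vendor, a.sensitivity, a.confidentiality_years,
                         a.exposed_to_interception, classify(a.algorithm),
                         risk_score(a)])
    return buf.getvalue()


# Constructed sample inventory; none of these are real systems.
SAMPLE_ASSETS = [
    CryptoAsset("internal-ca-root", "RSA", 4096, 7300, "self-managed", 3, 10, False),
    CryptoAsset("code-signing-cert", "RSA", 3072, 3650, "self-managed", 3, 8, False),
    CryptoAsset("site-to-site-vpn", "DH", 2048, 0, "firewall vendor", 3, 7, True),
    CryptoAsset("public-website-tls", "ECDSA", 256, 90, "public CA", 2, 1, True),
    CryptoAsset("browser-session-keys", "X25519", 256, 0, "browser vendor", 1, 0, True),
    CryptoAsset("backup-archive", "AES-256", 256, 3650, "self-managed", 3, 10, False),
    CryptoAsset("messaging-app", "ML-KEM-768", 768, 0, "messaging vendor", 2, 5, True),
]

if __name__ == "__main__":
    print(to_csv(SAMPLE_ASSETS))
```

Running it prints the ranked CSV: the internal CA root and code-signing certificate lead, the VPN key exchange follows because its traffic is recordable today, the 90-day public certificate and the per-session browser keys sit lower, and the AES-256 archive and the ML-KEM messaging entry score zero and can be left out of the migration queue. The weights are deliberately simple so the ranking can be checked by hand against the inventory.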
Two practices belong in this phase. First, hybrid cryptography — running a classical algorithm and a post-quantum one together so that both must be broken to compromise security — is the recommended way to transition without betting everything on a brand-new algorithm. Second, crypto-agility: the ability to swap algorithms without rebuilding entire systems. NIST urges organizations to require it in new purchases. The cheapest migration is the one you design for before you buy, so make post-quantum readiness a line item in procurement now.
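The hybrid idea above is easiest to see in the key-derivation step. The block below is an added example written for this guide, not code from the article or from any library or standard: the two shared secrets are constructed bytes standing in for the output of a classical exchange (such as ECDH) and a post-quantum KEM (such as ML-KEM), because neither primitive is in the Python standard library. The combiner itself is the point: both secrets and the public transcript feed one HKDF, so an attacker who recovers only the classical secret (or only the post-quantum one) does not obtain the session key. The label string and transcript layout are assumptions; the HKDF functions follow RFC 5869.

```python
"""Hybrid key-establishment combiner.

Added example for this guide, not code from the article or from any named
library or standard. The shared secrets are constructed stand-ins for real
ECDH and ML-KEM outputs; the combiner is the part being demonstrated.
"""
import hashlib
import hmac
import os


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869) with HMAC-SHA-256."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869) with HMAC-SHA-256."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def combine_hybrid(ss_classical: bytes, ss_pq: bytes, transcript: bytes,
                   label: bytes = b"example-hybrid-kem-v1") -> bytes:
    """Derive one 32-byte session key from both shared secrets.

    Concatenating the secrets into the input keying material means the key
    depends on both; binding the public transcript (keys and ciphertexts)
    into the info string means tampering with the exchange changes the key.
    The label is an assumed domain-separation constant.
    """
    prk = hkdf_extract(label, ss_classical + ss_pq)
    return hkdf_expand(prk, transcript, 32)


def simulate_exchange():
    """Constructed stand-in for one hybrid handshake between client and server.

    Returns (both sides agree, classical-only attacker recovers the key).
    """
    ss_classical = os.urandom(32)  # would come from X25519 / ECDH
    ss_pq = os.urandom(32)         # would come from ML-KEM decapsulation
    transcript = b"client-pk-classical|client-pk-pq|server-ct-pq"  # constructed
    key_client = combine_hybrid(ss_classical, ss_pq, transcript)
    key_server = combine_hybrid(ss_classical, ss_pq, transcript)
    # An adversary who broke only the classical exchange still lacks ss_pq;
    # substituting a guess (here all zeros) yields an unrelated key.
    key_classical_only = combine_hybrid(ss_classical, bytes(32), transcript)
    return key_client == key_server, key_client == key_classical_only


if __name__ == "__main__":
    agree, broken = simulate_exchange()
    print(f"peers agree: {agree}; classical-only attacker gets key: {broken}")
```

The same structure is what crypto-agility asks for in practice: the classical and post-quantum components are inputs to a single derivation step, so either one can be replaced with a newer algorithm without redesigning the protocol around it.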
Step Three: Form a Team and Name an Owner
Post-quantum migration fails most often not for technical reasons but organizational ones — when it is treated as “the security team’s problem” and no one owns it end to end. The consistent advice across federal and industry guidance is to name a single accountable lead and back them with a small cross-functional group.
The federal orders institutionalize this by requiring each agency to designate a PQC migration lead who reports to the chief information officer and owns the cryptographic inventory and migration plan. A small business should borrow the concept at its own scale. The lead does not need to be a cryptographer; the more important qualities are project-management discipline and enough technical fluency to coordinate IT, vendors, and leadership. In many firms this will be the head of IT, a senior systems administrator, or a managed-service provider acting on the company’s behalf.
Who else belongs in the room. Whoever administers your networks, servers, and endpoints; whoever owns identity and authentication; someone who understands compliance and contractual obligations; someone who speaks for the business units that depend on the affected systems; and, critically, your key vendors and your procurement function. An executive sponsor with authority to fund and prioritize the work keeps it from stalling.
Scale matters. A Fortune 500 blueprint might call for a dedicated cryptography-engineering team of five to fifteen people plus migration pods in every business unit, and a widely cited enterprise framework notes that a single-product software firm may need only ten to twenty percent of those resources. For a genuinely small business, the “team” may be one part-time lead, an IT partner, and a recurring calendar reminder to check vendor progress. That is enough to begin.
What Expertise You Will Need
Smaller organizations almost never have specialist cryptographers, and for the most part they do not need to hire them. The skills the work actually demands are these: asset and network discovery (knowing where your systems and certificates live); certificate and key lifecycle management; vendor and contract management, since much of the migration is about holding suppliers to their timelines; and general project management to keep a multi-quarter effort moving.
Where deeper expertise is required — designing a hybrid scheme, validating a tricky embedded system, or interpreting compliance language — the practical answer for most small and mid-sized firms is to bring it in. Managed security service providers, the major cloud and security vendors, and specialist consultancies now offer PQC discovery and migration services. Deferring the hire is reasonable; deferring the inventory is not, because the inventory is what tells you whether you need outside help at all. Industry practitioners warn that firms which wait will pay more and may struggle to find expert help, as demand for a thin pool of specialists rises toward the deadlines.
How Long It Takes
Honesty helps here. NIST and others note that past cryptographic transitions, such as the move from SHA-1 to SHA-2, or from 1024-bit to 2048-bit RSA, took ten to twenty years across large infrastructure, and the post-quantum shift is broader because every public-key algorithm must eventually be replaced, not just one. That is why agencies and major providers are starting now to hit 2030 and 2031 dates.
For a small or medium-sized business, the curve is gentler but the calendar is the same. A reasonable shape is: an initial inventory and risk assessment in the first few weeks to a few months; a prioritized plan and updated procurement standards within the first year; and a phased rollout — vendor updates first, your own highest-risk systems next, everything else behind them — over the following few years. The headline federal deadlines are the end of 2030 for key establishment and the end of 2031 for digital signatures; treating those as your own planning horizon, even if you are not directly bound by them, keeps you aligned with the vendors and partners you depend on.
Where to Go for Help
Most of the best resources are free and written for non-specialists. A short starting list:
- CISA’s Post-Quantum Cryptography Initiative — the U.S. government’s central hub, including the joint CISA/NSA/NIST quantum-readiness factsheet and a roadmap aimed at organizations beginning from zero.
- “Quantum-Readiness: Migration to Post-Quantum Cryptography” — the joint factsheet’s step-by-step recommendations for a readiness roadmap, a cryptographic inventory, and supply-chain assessment.
- NIST’s post-quantum standards and migration project — the algorithms themselves: ML-KEM (FIPS 203) for key exchange, ML-DSA (FIPS 204) and SLH-DSA (FIPS 205) for digital signatures, with FN-DSA and HQC following. NIST’s NCCoE also publishes hands-on discovery and inventory guidance.
- CISA’s Product Categories for Technologies That Use Post-Quantum Cryptography Standards (first published January 2026) — a list of product types, such as cloud services, networking, and endpoint security, where PQC-capable options are already widely available. Useful for steering purchases.
- The PQC Coalition’s PQC Inventory Workbook — a free, ready-made template for tracking cryptographic assets at the system level.
- Sector-specific groups — for example, the Financial Services Information Sharing and Analysis Center (FS-ISAC) publishes crypto-agility guidance for finance, and the Cloud Security Alliance offers a general quantum-readiness guide. If your industry has an information-sharing organization, it likely has tailored material.
- Your existing vendors and IT partners — ask each major supplier two questions: Do your products support the NIST post-quantum standards today, and what is your timeline for full migration? Their answers feed directly into your inventory and your risk ranking, and a vendor without a credible plan is itself a finding.
Finally, some mistakes to avoid. Practitioners describe a handful of recurring errors. The first is waiting for certainty — assuming Q-Day is far enough away that the migration window will somehow compress to fit later. Every credible forecast points the other way, and harvest-now-decrypt-later means some data is at risk already. The second is migrating the visible systems (public websites) while missing the invisible ones (internal certificate authorities and code-signing keys), which are the higher-value targets. The third is adding post-quantum algorithms without disabling the old ones, which leaves the door open to downgrade attacks. And the fourth is adopting vendor-proprietary “quantum-safe” schemes instead of the standardized NIST algorithms, a temptation worth resisting in favor of the published, peer-reviewed standards.