The mathematics that secures your organization’s data today was designed for a world without quantum computers. That world is ending. NIST published its first post-quantum cryptography standards in August 2024. Cloudflare reported in April 2026 that more than 65% of human web traffic through its network already uses post-quantum methods. IBM and Google have both set internal deadlines of 2029 for completing their own migrations. The transition is not on the horizon — it is underway.
For cybersecurity professionals, that creates both a skills gap and a career opportunity. Organizations need people who understand not just what post-quantum cryptography (PQC) is, but how to conduct a cryptographic inventory, evaluate algorithm trade-offs, prioritize migration timelines, and translate technical risk into executive language. That expertise doesn’t come from a weekend read. It comes from structured education.
This guide catalogs the most relevant degrees, graduate certificates, professional certifications, and self-paced courses currently available — from doctoral-level academic programs to 30-minute primers you can complete this afternoon. Whether you’re building a multi-year learning plan or preparing your team for an immediate cryptographic audit, there is a place to start.
Why PQC Skills Matter Right Now
The most counterintuitive aspect of the quantum threat is that it doesn’t require a powerful quantum computer to exist today. The “harvest now, decrypt later” (HNDL) strategy means adversaries — almost certainly including nation-state intelligence agencies — are already collecting encrypted data and storing it, waiting for quantum computing to mature enough to crack it. Any data your organization handles today that must remain confidential into the 2030s may already be at risk.
Cryptographic migrations are also historically slow. The shift from SHA-1 to SHA-2 took over a decade. Moving from 1024-bit to 2048-bit RSA required years of coordinated industry effort. PQC migration is considered more complex than either. Organizations that wait for quantum computers to become publicly threatening before beginning their transition will almost certainly have waited too long. The NSA has already mandated quantum-resistant algorithms for national security systems under CNSA 2.0, with full quantum resistance targeted by 2035.
Building internal PQC expertise now — through formal education, professional certifications, or structured self-study — gives organizations the lead time they need. The programs below represent the field as it stands in mid-2026.
Academic Programs: Degrees and Graduate Certificates
For professionals seeking deep theoretical grounding or research-level expertise, several universities now offer programs with significant PQC content. These are best suited for those building long-term careers in cryptographic research, government security roles, or senior technical leadership.
Dakota State University — Graduate Certificate in Quantum Computing for Cybersecurity
One of the most directly relevant U.S. academic credentials for cybersecurity practitioners. This 12-credit graduate certificate from Dakota State University covers quantum computing’s impact on cybersecurity, including post-quantum encryption and quantum cryptography. The program is designed specifically for STEM professionals already working in the field, with the goal of preparing graduates to analyze and develop cryptographic solutions resilient against quantum attacks. DSU has also established a Center for Quantum Information Science and Technology, giving the program institutional depth beyond a standalone course listing.
- Format: Online
- Credits: 12
- Best for: Practicing cybersecurity professionals seeking formal credentials without a full master’s program
University of Maryland — Graduate Certificate in Quantum Computing
UMD’s 12-credit, 4-course graduate certificate provides education in quantum computing with a focus on enhancing secure communications. No prior quantum physics background is required, making it accessible to cybersecurity professionals coming from software, networking, or policy backgrounds. The program is offered through the College of Computer, Mathematical, and Natural Sciences and is open to domestic applicants through July 2026 for the fall term.
- Format: On-campus and online options
- Credits: 12
- Best for: Security architects and engineers wanting graduate-level credentials with flexibility
University of Maryland — Master of Science in Quantum Computing
For those seeking a full graduate degree, UMD also offers a 30-credit MS in Quantum Computing. The curriculum consists of six core courses and four electives, with special topics available in quantum networks, quantum information theory, and quantum computing hardware. Cryptography and secure communications are woven throughout the program. No prior quantum physics knowledge is required for admission.
- Format: On-campus
- Credits: 30
- Best for: Those transitioning into a research or senior technical cryptography role
University of Rhode Island — Graduate Certificate in Quantum Computing (Online)
URI Online’s quantum computing certificate covers quantum foundations, algorithms, cryptography, and communications. URI has partnered with IBM, giving enrolled students direct access to IBM’s advanced quantum computers for experiential learning — an unusual practical advantage in a certificate program. The four-course sequence (PHY 571–574) runs from mathematical methods through advanced quantum computing.
- Format: Online
- IBM hardware access: Yes, through URI–IBM partnership
- Best for: Professionals who want hands-on quantum computing exposure alongside cryptography coursework
Norwegian University of Science and Technology (NTNU) — Post-Quantum Cryptography (IIK8105)
NTNU’s doctoral-level course is one of the most technically rigorous options available, covering lattice-based cryptography, code-based cryptography, hash-based cryptography, and isogeny-based cryptography with particular focus on the standardized NIST algorithms. Additional topics include hardness estimation, side-channel attacks on PQC implementations, and the quantum random oracle model. The course is available at both the Gjøvik and Trondheim campuses and can be arranged based on demand.
- Level: Doctoral
- Credits: 7.5 ECTS
- Best for: Researchers, government cryptographers, and technical specialists needing deep algorithmic expertise
Admission to a program of study is required:
Information Security and Communication Technology (PHISCT)
Mathematical Sciences (PHMA)
University of Waterloo — Institute for Quantum Computing (Graduate Programs)
The University of Waterloo’s Institute for Quantum Computing is Canada’s primary quantum computing research institute and offers specialized master’s and PhD programs in quantum information science. Faculty are internationally recognized in quantum computing, quantum cryptography, and quantum algorithms. The institute’s industry partnerships and proximity to a growing quantum technology ecosystem in the Waterloo region make it a strong option for professionals aiming toward research or senior advisory roles.
- Level: Master’s and PhD
- Best for: Those targeting research roles or long-term careers in cryptographic science
Professional Certifications
For working cybersecurity professionals, industry certifications offer a faster, more targeted path to demonstrable PQC credentials than academic programs. The following options span a range of rigor and depth.
Certified Quantum Security Professional (CQSP) — SISA Information Security
The CQSP is the first ANAB-accredited certification program specifically in quantum security — a meaningful distinction in a field where credentialing standards are still emerging. Designed for security leaders, architects, and compliance professionals, it covers quantum-safe cryptography, risk assessment, and alignment with NIST, ISO, and ETSI standards. The certification requires either attending a 16-hour CQSP workshop or completing equivalent formal training, making it a genuine validation of preparation rather than a pass-the-quiz credential. It is listed in the U.S. Department of Labor’s O*NET system.
- Format: Workshop + exam
- Accreditation: ANAB-accredited
- Best for: Security leaders and compliance professionals preparing to lead organizational quantum readiness
Certified Quantum & Post-Quantum Cryptography Professional (QPQCP) — Tonex / I2QC
Tonex’s QPQCP program is listed in CISA’s NICCS training catalog, giving it a government-recognized profile relevant for professionals in or adjacent to federal security. The program covers quantum and post-quantum cryptographic theory, transition strategies, and algorithm analysis, with an emphasis on bridging classical and quantum-resistant cryptography in a practical, organizational context. The certification is offered through the International Institute of Quantum Computing (I2QC).
- Format: Instructor-led or self-paced
- NICCS listed: Yes
- Best for: Federal contractors and government-adjacent security professionals
Certified Quantum Cybersecurity Analyst (CQCA) — Tonex / I2QC
A two-day intensive certification covering quantum computing’s impact on cybersecurity, quantum-resistant algorithms, and quantum key distribution protocols. The CQCA combines lectures, hands-on exercises, and real-world case studies, and requires a minimum score of 70% overall on the exam. It is a solid option for hands-on practitioners — penetration testers, security engineers, and cryptographic auditors — who need applied knowledge rather than organizational strategy.
- Duration: 2 days
- Best for: Security engineers and technical analysts building applied PQC skills
ISC2 — Quantum Computing Express Course
Released in early 2026, ISC2’s 30-minute online primer on quantum computing focuses specifically on cybersecurity implications. It carries 0.5 Group A CPE credits auto-reported to ISC2 credentials, making it useful for CISSP and CCSP holders who need to demonstrate continuing education in emerging technologies. At $23 ($19 for members), it is designed as an accessible entry point rather than deep technical training — useful for building organizational awareness or briefing non-technical leadership.
- Duration: 30 minutes
- CPE credits: 0.5 Group A, auto-reported
- Best for: CISSP/CCSP holders seeking CPE credits and a current overview of quantum security
Vendor and Platform Courses
For developers, security engineers, and architects who need practical implementation knowledge, several major vendors and online learning platforms have built dedicated PQC curriculum.
IBM — Practical Introduction to Quantum-Safe Cryptography (IBM Quantum Learning)
IBM’s free developer course is one of the most practically oriented options available. Created by IBM technical experts, it includes hands-on labs and interactive live code examples in Python across four areas: cryptographic hash functions, symmetric key cryptography, asymmetric key cryptography, and quantum-safe cryptography. Completing the course and passing the associated exam earns an IBM digital badge through Credly — a credential that carries weight given IBM’s direct role in developing two of NIST’s three standardized PQC algorithms. IBM also offers a separate course on transitioning to quantum-safe cryptography on IBM Z for enterprise infrastructure professionals.
- Cost: Free
- Credential: IBM digital badge via Credly
- Best for: Developers and security engineers implementing PQC in applications
University of Maryland Baltimore County (UMBC) — Introduction to Post-Quantum Cryptography (edX)
This six-week online course from edX and UMBC offers an active, immersive introduction to PQC blending foundational theory with practical problem-solving. Designed for beginning STEM learners, it covers quantum-safe encryption concepts and their real-world applications without requiring prior cryptographic expertise. It’s available through edX, making audit access (free) or a verified certificate (paid) available to individual learners worldwide.
- Duration: 6 weeks
- Platform: edX
- Best for: Security professionals new to cryptography who want a structured academic-quality introduction
Babeș-Bolyai University — Quantum Communication and Post-Quantum Cryptography (SPECTRO / EU Digital Skills)
Co-funded by the European Union’s Digital Europe Programme, this advanced-level self-paced course covers quantum key distribution, QKD protocols, classical cryptography fundamentals, attacks on classical cryptography, and PQC. It is free and available to learners across EU member states. The SPECTRO program represents the European Union’s deliberate investment in building quantum security expertise across its workforce, and the course is worth considering for professionals operating in or adjacent to EU regulatory frameworks (NIS2, DORA).
- Cost: Free
- Duration: ~1 week (self-paced)
- Best for: European cybersecurity professionals and those working within EU compliance frameworks
QA Ltd — Post-Quantum Cryptography (QASCAPQC)
QA is a major UK-based professional training provider. Their QASCAPQC course is aimed at cybersecurity professionals who need to understand PQC as a practical operational necessity rather than an academic topic. The course is instructor-led and designed for those who work with cryptographic systems in enterprise environments, making it a useful option for UK and European professionals who prefer structured classroom delivery over self-paced online learning.
- Format: Instructor-led
- Best for: UK and European cybersecurity practitioners in enterprise environments
Quantum Security Defence (QSECDEF) — Quantum Cybersecurity Certificate and PQC Courses
QSECDEF offers a certificate in Quantum Cybersecurity along with dedicated courses covering post-quantum cryptography, quantum key distribution, quantum random number generation, and quantum AI. The platform provides over 40 hours of lecture content and connects learners to a global community of 500+ professionals. For security teams building organizational quantum literacy, QSECDEF’s breadth of coverage across quantum technology topics makes it a useful complement to more certification-focused programs.
- Format: Online, self-paced
- Best for: Teams building broad quantum security awareness across multiple domains
Class Central — Post-Quantum Cryptography Course Aggregator
Class Central catalogs more than 500 PQC-related courses from providers worldwide, including lectures from research institutions, conference talks, and structured courses from edX and other platforms. It is not a course itself, but it is the most useful single resource for surveying what’s available — particularly for professionals looking for free content covering specific technical topics such as lattice-based cryptography, Kyber/Dilithium implementation, or NIST standards.
- Best for: Surveying the full landscape of available PQC learning content before committing to a program
How to Choose the Right Program
The right starting point depends on your current role, your organization’s timeline, and how deep your technical involvement in cryptographic migration will be.
If you’re a CISO or security leader preparing to brief the board and set migration strategy: start with the ISC2 express course for a fast orientation, then pursue the CQSP certification to build the credentialing needed to lead cross-functional quantum readiness. The CQSP’s emphasis on risk assessment and alignment with NIST, ISO, and ETSI standards directly maps to what organizational leadership needs.
If you’re a security architect or senior engineer who will be hands-on with algorithm selection, hybrid configurations, and migration planning: IBM’s free developer course is the most direct practical starting point, followed by the CQCA certification or the UMBC/edX introduction for more structured academic grounding. The Dakota State or UMD graduate certificate programs are worth considering if you have the time and want formal academic credentials.
If you’re in a government or federal contractor role: the Tonex QPQCP’s NICCS listing gives it relevance in federal procurement and compliance contexts. The CQSP’s ANAB accreditation is similarly meaningful for regulated environments. Both are worth investigating alongside NIST’s own published guidance and the NSA’s CNSA 2.0 requirements.
If you’re building a research or deep technical specialty: NTNU’s doctoral-level course and the graduate programs at Waterloo or UMD represent the most rigorous available options. These are multi-year investments suited to those whose careers will center on cryptographic science rather than organizational migration management.
The Most Important First Step
No educational program replaces the most essential early action: a cryptographic inventory. Before you can prioritize migration, select algorithms, or build a transition roadmap, you need to know where cryptography lives in your organization — which systems use TLS, what algorithms protect your databases, which devices run embedded cryptographic libraries with long upgrade cycles, and how long your most sensitive data needs to remain confidential.
That inventory is the prerequisite to everything that follows. The courses and certifications above will give you the knowledge to conduct it, interpret it, and act on it. Cryptographic migrations historically take 10 to 20 years to complete across large infrastructure. The organizations that start building internal PQC expertise now will be the ones able to meet the deadlines that are already written into government mandates and major technology company roadmaps. The window is open. The tools and education exist. The question is whether your organization starts before the deadline arrives or after.
Just a note: This is a non-exhaustive list. Course availability, pricing, and program details change frequently. Verify current information directly with each institution or provider before enrolling.
