NIST’s post-quantum cryptography standards: Our plans

The US National Institute of Standards and Technology (NIST) has published three recommended cryptographic standards for post-quantum secure cryptography to address the threats posed by quantum computers. These recommendations empower companies, technology providers, and users to adopt new encryption methodologies to help communications and data exchange remain secure when quantum computers become available at scale. The immediate enterprise risk concerns the security of long-lived sensitive business data, which bad actors are already seeking to extract using a harvest-now-decrypt-later strategy. To mitigate this risk, enterprises should enforce zero trust security policies and practices. Enterprises should also begin experimenting with available post-quantum cryptography (PQC) implementations to assess potential changes needed to ensure that the existing systems can function across existing and quantum-based cryptography.