INCIBE published a technical report on supercomputing and quantum computing in cybersecurity in September 2025. The document details how a quantum computer with sufficient capacity can break algorithms like RSA, ECC and other public-key systems using Shor's algorithm.
It also introduces a term you will be hearing a lot: "Q-Day", the day a quantum computer becomes capable of breaking current cryptography at a practical scale. Nobody knows when that will be. But NIST is not waiting to find out.
NIST has published the three standards
In August 2024, NIST (National Institute of Standards and Technology) published the first three post-quantum cryptography (PQC) standards. After years of evaluation, public competition and revisions, the algorithms are production-ready:
- FIPS 203: ML-KEM (based on CRYSTALS-Kyber), for public-key encryption.
- FIPS 204: ML-DSA (based on CRYSTALS-Dilithium), for digital signatures.
- FIPS 205: SLH-DSA (based on SPHINCS+), for alternative digital signatures.
These algorithms are designed to resist attacks from quantum computers. They are US federal standards, but their impact is global: when NIST says migrate, the world moves.
The attack that is already underway
Attackers are already collecting encrypted data today to decrypt it later when quantum computing makes it possible. This is known as Harvest Now, Decrypt Later (HNDL): capture now, decrypt later.
If your company holds data that must remain confidential for 5, 10 or 20 years (medical records, contracts, asset information), you are already in the risk window. Data encrypted today with RSA or ECC may be unreadable now, but it is being stored by someone waiting for Q-Day.
We explain this attack in detail in our analysis of the quantum era for the financial sector.
What to change and when
The timelines are shorter than they seem.
In the US, NSPM-28 (National Security Memorandum) requires federal agencies to have an inventory of cryptographic systems by 2025 and a migration plan by 2027. The European Union is working on a similar recommendation through ENISA.
Companies working with American or European clients will receive PQC migration requirements in their contracts. It is a question of when, not if.
This is not like renewing an SSL certificate
Migrating to post-quantum cryptography requires inventorying all cryptographic systems in the organisation, assessing compatibility of each one with the new standards, planning phased migration and testing before deployment. It is a 2 to 5 year process for a mid-sized company.
How it affects your company (not just banks)
When quantum cryptography comes up, the instinct is to think of banks and FinTech. But they are not the only ones affected. Any company that uses:
- TLS/SSL certificates (every website)
- Digital signatures on contracts
- Data encryption at rest (databases, backups)
- VPNs and encrypted communications
- Public key-based authentication
will have to migrate. SMEs are not exempt. If you process personal data, have web infrastructure or use electronic signatures, this affects you.
The difference with a bank is one of scale, not principle. A hospital encrypting medical records, an insurer digitally signing policies, an industrial company with VPNs between facilities: they all depend on the same cryptography that a quantum computer can break.
Cybersecurity audit + ISO 27001
The first step is knowing where you stand
Before migrating to post-quantum cryptography, you need to know what cryptographic systems you have, where they are and what their exposure level is. A cybersecurity audit with an ISO 27001 focus gives you that inventory and a clear roadmap.
Request an audit →How to start a migration plan
You do not need to do everything at once. But you do need to start. These are the three steps we recommend to our clients:
Inventory your cryptographic systems
Know what you use, where and for what. TLS on your web servers, encryption in databases, signatures on electronic documents, VPNs, authentication certificates. Everything counts. Without an inventory there is no plan.
Compatibility assessment
Do your providers (cloud, CA, VPN) already support PQC? Many are already working on it. Amazon, Google Cloud and Azure have started integrating post-quantum algorithms into their services. Ask your providers about their roadmap.
Pilot plan
Start with the systems protecting data with the longest confidentiality period: medical records, long-term contracts, asset information. These are the ones an HNDL attacker is collecting today.
The key is prioritisation. Not all systems have the same level of urgency. But none can be left out of the plan.
If you want an analogy: think Y2K, but at global scale and without a fixed date. The difference is that this time the standards already exist. All that is left is to start using them.
Your team needs secure AI training
The EU AI Act requires AI literacy for all staff from August 2026. Our courses cover compliance, AI agents and governance. FUNDAE can subsidise 100% of the cost.
