Say Easy, Do Hard - Crypto-Agility - BSW #440
Show notes
With Q-day getting closer, regulatory guidance pushing firms to migrate to quantum security in the next five years, and an extensive remediation backlog waiting to be discovered, security leaders must start their quantum security migration today. Easier said than done. In this Say Easy, Do Hard segment, we discuss the quantum-safe journey using a framework for crypto-agility.
In part 1, we define cryptographic agility, or crypto-agility for short, and why it's important. Crypto-agility is not just about transitioning to quantum-safe cryptography in the nimblest way possible, and it's not something that can be achieved merely by updating encryption algorithms and protocols. Instead, you need to adapt your organization's cryptographic architecture, automation, and governance to allow for greater control and flexibility.
In part 2, we discuss a framework for discovery, prioritization, and remediation while keeping crypto-agility in mind. A quantum-safe journey requires:
- Inventory of systems with non-quantum-safe algorithms and protocols
- System prioritization, leading to a migration roadmap
- Remediation, including vendors and partners
Once a distant possibility, Q-Day is quickly approaching. Are you ready for 2030?
Segment Resources:
- https://pqcc.org/wp-content/uploads/2025/05/PQC-Migration-Roadmap-PQCC-2.pdf
- https://pqcc.org/wp-content/uploads/2025/06/PQCC-Inventory-Workbook.xlsx
- https://qramm.org/learn/cryptoscan-guide.html
- https://research.ibm.com/blog/quantum-safe-cbomkit
Show Notes: https://securityweekly.com/bsw-440