PQC roadmap remains hazy as vendors race for early advantage


Post-quantum cryptography (PQC) has long sat on the periphery of enterprise security, with experts calling it inevitable but not urgent. That posture is beginning to shift.

Earlier this year, Palo Alto Networks published a blog announcing a new “quantum-safe security” initiative, framing it as a way for enterprises to assess where quantum-vulnerable cryptography exists across their environments and begin planning a transition. While the announcement was light on technical specifics, it added to a growing sentiment in the security industry that post-quantum threats are real.

“IDC’s view is that post-quantum risk is no longer a distant, theoretical issue; it is becoming a present-day governance and operational risk, especially for regulated and data-intensive industries,” said Sakshi Grover, senior research manager, security services, IDC Asia Pacific. While practical quantum attacks remain years away, security vendors are beginning to pull PQC out of the confines of a “future theory” and into present-day risk management.

Rather than pushing sweeping architectural changes from the start, they are positioning discovery, inventory, readiness assessments, and crypto-agility capabilities as the first steps to get enterprises up to speed with quantum.

But even that groundwork is far from straightforward.

Can’t change what you can’t see

At the heart of most PQC readiness offerings is a basic but difficult problem. Many organizations do not know where or how cryptography is used across their infrastructure. Cryptography is embedded everywhere, from certificates and VPNs to APIs, firmware, identity systems, and third-party software. That sprawl makes it difficult to evaluate exposure to algorithms like RSA and elliptic curve cryptography, whose security rests on integer factoring and discrete logarithms, problems that Shor's algorithm solves efficiently on a sufficiently large quantum computer.

Palo Alto’s messaging centers on this visibility gap. According to the company, its approach is to help organizations identify cryptographic usage that may not be quantum-safe and provide guidance on remediation paths. It isn’t alone in trying to do this.

Cisco frames the visibility problem in similarly operational terms, emphasizing that readiness spans multiple phases rather than a one-time audit. “Cisco CX’s Quantum-Safe Services delivers end-to-end support across discovery, monitoring, and migration, plus strategic advisory and ongoing optimization to keep pace with evolving standards,” said Christian Chisolm, senior director of strategy & planning, Security & Trust Organization, Cisco.

Companies like IBM have also been building cryptographic inventory solutions to catalog every encryption component. IBM’s Quantum Safe Explorer (QSE) performs static analysis of software to locate cryptographic assets, including libraries and dependencies, and pairs that with runtime monitoring through its Quantum Safe Advisor to build a comprehensive “Cryptography Bill of Materials” (CBOM).

Some providers are focusing specifically on infrastructure-layer visibility. Cisco says its discovery currently concentrates on network cryptography exposure. “We currently detect: Digital certificates across management, control, and data planes; Cryptographic protocols and algorithms (TLS/SSL, SSH, IPsec, etc.); Key exchange mechanisms on Cisco network devices; Trust anchors and hardware security elements within platform architectures,” Chisolm said.

Cloudflare, by contrast, emphasizes visibility at the connection layer rather than deep asset discovery. “Cloudflare provides visibility into which client devices and endpoints can successfully establish TLS 1.3 connections,” Volker Rath, field CISO at Cloudflare, said. That metric matters because the hybrid post-quantum key exchange deployed today (X25519 combined with ML-KEM) is negotiated only in TLS 1.3; a client that can reach a server only over TLS 1.2 cannot get it.

Certificate management vendors are also repositioning core functions for PQC readiness. DigiCert, for example, uses its Trust Lifecycle Manager and related tools to help enterprises identify, inventory, and begin replacing vulnerable certificates with quantum-safe alternatives.
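As an added example (not code from Palo Alto Networks, IBM, DigiCert or any other vendor named above), the following Python walks a DER-encoded X.509 certificate, collects its algorithm OIDs, and flags the ones whose security rests on factoring or discrete logarithms, which is the core of what a certificate inventory for PQC readiness has to do. The two certificates at the bottom are constructed skeletons built with a tiny DER encoder, not real certificates, and the classification table is an assumption about which OIDs matter to you; extend it with your own.

```python
"""Inventory the public-key and signature algorithms in a DER X.509 certificate
and flag the ones Shor's algorithm breaks.  Added example, not vendor code."""
from __future__ import annotations

# Algorithm OIDs -> (name, quantum_safe).  ML-DSA OIDs are from the NIST CSOR
# arc 2.16.840.1.101.3.4.3; every classical entry is factoring/discrete-log based.
ALGORITHMS = {
    "1.2.840.113549.1.1.1": ("rsaEncryption", False),
    "1.2.840.113549.1.1.10": ("RSASSA-PSS", False),
    "1.2.840.113549.1.1.11": ("sha256WithRSAEncryption", False),
    "1.2.840.113549.1.1.12": ("sha384WithRSAEncryption", False),
    "1.2.840.10045.2.1": ("id-ecPublicKey", False),
    "1.2.840.10045.4.3.2": ("ecdsa-with-SHA256", False),
    "1.2.840.10045.4.3.3": ("ecdsa-with-SHA384", False),
    "1.3.101.112": ("Ed25519", False),
    "2.16.840.1.101.3.4.3.17": ("ML-DSA-44", True),
    "2.16.840.1.101.3.4.3.18": ("ML-DSA-65", True),
    "2.16.840.1.101.3.4.3.19": ("ML-DSA-87", True),
}


def read_length(buf: bytes, pos: int) -> tuple[int, int]:
    """Decode a DER length at buf[pos]; return (length, offset of the value)."""
    first = buf[pos]
    if first < 0x80:
        return first, pos + 1
    n = first & 0x7F
    if n == 0 or n > 4:
        raise ValueError("indefinite or oversized length is not valid DER")
    return int.from_bytes(buf[pos + 1:pos + 1 + n], "big"), pos + 1 + n


def decode_oid(content: bytes) -> str:
    """Turn OBJECT IDENTIFIER content octets (base-128 arcs) into dotted form."""
    arcs, value = [], 0
    for b in content:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:  # last octet of this arc
            if not arcs:  # first value packs two arcs as 40*X + Y (X=2 is open-ended)
                arcs.extend(divmod(value, 40) if value < 80 else (2, value - 80))
            else:
                arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))


def walk_oids(buf: bytes, start: int = 0, end: int | None = None) -> list[str]:
    """Collect every OID in buf[start:end] by walking DER TLVs in order.
    Constructed tags (bit 0x20, which also covers X.509's [0] version and [3]
    extensions wrappers) are descended into; other primitive values are skipped,
    so key bytes and signature bits are never handed to the OID decoder."""
    end = len(buf) if end is None else end
    oids, pos = [], start
    while pos < end:
        tag = buf[pos]
        length, pos = read_length(buf, pos + 1)
        if tag & 0x20:
            oids.extend(walk_oids(buf, pos, pos + length))
        elif tag == 0x06:
            oids.append(decode_oid(buf[pos:pos + length]))
        pos += length
    return oids


def inventory(cert_der: bytes) -> list[tuple[str, str, bool]]:
    """Distinct (oid, name, quantum_safe) entries for the algorithm OIDs found.
    Curve, extension and policy OIDs are not in ALGORITHMS and are left out, so
    'relies on RSA/ECC' stays separate from 'carries an OID we do not know'."""
    found: list[tuple[str, str, bool]] = []
    for oid in walk_oids(cert_der):
        if oid in ALGORITHMS and all(oid != f[0] for f in found):
            found.append((oid, *ALGORITHMS[oid]))
    return found


def quantum_vulnerable(cert_der: bytes) -> list[str]:
    """Names of the quantum-vulnerable algorithms a certificate depends on."""
    return [name for _, name, safe in inventory(cert_der) if not safe]


# --- constructed samples (not real certificates), built with a tiny DER encoder ---
def der_tlv(tag: int, content: bytes) -> bytes:
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content


def der_oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.insert(0, 0x80 | (arc & 0x7F))
            arc >>= 7
        body.extend(chunk)
    return der_tlv(0x06, bytes(body))


def sample_cert(sig_oid: str, spki_alg: bytes, key_bits: bytes) -> bytes:
    """X.509 skeleton: Certificate{ tbs{ [0]v3, serial, sigAlg, SPKI }, sigAlg, sig }."""
    tbs = (der_tlv(0xA0, der_tlv(0x02, b"\x02")) + der_tlv(0x02, b"\x01")
           + der_tlv(0x30, der_oid(sig_oid))
           + der_tlv(0x30, der_tlv(0x30, spki_alg) + der_tlv(0x03, b"\x00" + key_bits)))
    return der_tlv(0x30, der_tlv(0x30, tbs) + der_tlv(0x30, der_oid(sig_oid))
                   + der_tlv(0x03, b"\x00" + b"\xAB" * 64))


SAMPLE_ECDSA_CERT = sample_cert("1.2.840.10045.4.3.2",  # ecdsa-with-SHA256 over P-256
                                der_oid("1.2.840.10045.2.1") + der_oid("1.2.840.10045.3.1.7"),
                                b"\x04" + b"\x11" * 64)
SAMPLE_MLDSA_CERT = sample_cert("2.16.840.1.101.3.4.3.18",  # ML-DSA-65, no parameters
                                der_oid("2.16.840.1.101.3.4.3.18"), b"\x22" * 1952)

if __name__ == "__main__":
    for label, cert in (("ECDSA P-256", SAMPLE_ECDSA_CERT), ("ML-DSA-65", SAMPLE_MLDSA_CERT)):
        verdict = "MIGRATE" if quantum_vulnerable(cert) else "quantum-safe"
        print(f"{label}: {[n for _, n, _ in inventory(cert)]} -> {verdict}")
```

Feeding it real certificates takes one standard-library call, `ssl.PEM_cert_to_DER_cert(pem_text)`, to get the DER bytes. Run over a certificate store it produces the split the vendors above are selling (which keys and signatures must move, which are already on ML-DSA), and the handling of unknown OIDs is deliberate: an identifier the table does not list is reported as nothing rather than as safe, so a new or proprietary algorithm shows up as a gap to investigate instead of a false pass.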

Some are already ahead as the migration question looms

One of the earliest vendors to operationalize cryptographic discovery specifically for PQC readiness was SandboxAQ, which spun out of Alphabet. As early as 2022, the company argued that enterprises needed to inventory cryptographic assets long before post-quantum algorithms could be deployed at scale.

Initially offered as a consulting-driven assessment, that capability eventually evolved into a product, AQtive Guard, designed to continuously monitor cryptographic usage and flag quantum-vulnerable dependencies.

In 2024, the platform’s deployment by SoftBank Corporation gave the company’s claims public validation: the rollout uncovered previously unnoticed vulnerable encryption and certificate issues across a large enterprise network. Beyond SoftBank, SandboxAQ has secured high-profile engagements, including a partnership to deploy AQtive Guard across multiple US Department of War entities to accelerate cryptographic visibility and PQC modernization.

A handful of other vendors, too, have moved beyond experimental efforts to deliver more mature offerings. QuSecure offers the QuProtect platform, combining crypto-agility with discovery so enterprises can embed quantum-resilient cryptography into existing infrastructure without rewriting application code.

Some niche players are offering full-stack products that embed PQC across services. Companies like Post-Quantum (UK-based) provide modular software for identity, VPNs, and encrypted messaging that is quantum-safe today, stressing crypto-agility and backward compatibility as part of readiness.

“The approach to mass migration away from where we’ve grown comfortable into new methods of encryption is no easy task,” said Bart Willemsen, VP analyst at Gartner. “The road towards continuous inventory, prioritization for replacement, and the ability to maintain connectivity in operations is a long one. What’s more, we need to become and remain crypto-agile (we’re likely going to have to do the same again, later, as has always been the case historically) and that repeatability demands consistency.”

Cisco argues that migration planning must account for legacy constraints, not just modern systems. “Legacy systems present unique challenges — limited processing power, fixed firmware, and operational lifecycles spanning over 10 to 20 years. When direct upgrades aren’t feasible, we deploy cryptographic abstraction layers: quantum-safe proxies or gateways that mediate communications on behalf of legacy devices, essentially wrapping vulnerable protocols in PQC-secured tunnels,” Chisolm said.

Cloudflare takes a different approach, positioning its network as a compensating control. “This means customers do not necessarily need to upgrade legacy systems or proprietary software to achieve PQC readiness, as the connection is secured at the edge, removing the opportunity for interception along the way,” Rath said. The check a practitioner should make with any edge-terminated model is the second leg: a post-quantum handshake between client and edge protects that hop, but the edge-to-origin connection is only as strong as the key exchange negotiated there, and an origin that still accepts only classical key exchange leaves that hop harvestable.

“Harvest now, decrypt later” adds pressure

Part of the renewed urgency comes from the “harvest now, decrypt later” threat model, in which adversaries collect encrypted data today with the expectation that it can be decrypted once quantum capabilities mature.

This scenario has shifted PQC from a hypothetical future problem to an immediate data protection concern, particularly for industries handling sensitive data with long confidentiality lifetimes, including telecommunications, finance, healthcare, and government.

“We do hear of HNDL attacks, where conventionally encrypted content is no longer discarded but retained by criminals, who are seeing the (quantum) developments as an opportunity for their nefarious activities within 2-3 years,” Gartner’s Willemsen said. “When criminals see opportunity around the corner, the quantum-based decryption risks are no longer theoretical; they are real.”

Vendors increasingly argue that action cannot wait for fully capable quantum computers. Cisco warns that organizations holding long-lived sensitive data should already be moving beyond assessments. “Assessment is urgent, but active replacement is now imperative,” Chisolm said.

Cloudflare echoes the timeline concern while pointing to official guidance. “The National Institute of Standards and Technology (NIST) recommends organizations achieve full post-quantum readiness by 2030,” Rath noted. “Given the complexity of updating infrastructure at scale, we recommend that enterprises begin planning the replacement process now to reduce stress, costs, and friction.”

NIST has also finalized its first post-quantum standards, FIPS 203 (ML-KEM), FIPS 204 (ML-DSA) and FIPS 205 (SLH-DSA), in August 2024, and its draft transition guidance (NIST IR 8547) deprecates the quantum-vulnerable RSA and elliptic-curve algorithms after 2030 and disallows them after 2035, giving vendors and enterprises concrete targets for migration and reducing uncertainty. As organizations prepare for hybrid PQC deployments, combining classical and quantum-resistant algorithms (for example, an X25519 key exchange run alongside ML-KEM so that a session stays secure unless both are broken), vendors are racing to ensure their offerings support evolving standards.

“We have been monitoring the developments in quantum space for over a decade, and our strategic planning assumptions regarding the expected moment of compromise have consistently pointed towards around 2029,” Willemsen pointed out. “Given the amount of work to be done for a successful migration and ‘continuous in-control’ situation, that should be read as ‘tomorrow.’”

Readiness vs reality

Not everyone is convinced that today’s PQC readiness offerings represent a fundamentally new category of security tooling.

Much of what vendors are promoting (crypto inventories, certificate tracking, dependency mapping) overlaps with practices that security teams arguably should already have in place. In that sense, PQC may be acting as a forcing function for organizations to address longstanding blind spots rather than introducing entirely new technical requirements.

Some vendors counter that the difference lies in depth and integration rather than concept. Cisco positions its approach as foundational rather than additive. “Traditional encryption tools inventory certificates and track key lifecycles. Cisco delivers infrastructure-level quantum readiness, embedding NIST PQC algorithms into core protocols and hardware roots of trust.”

While NIST standards are now available, many commercial products and protocols have yet to fully integrate post-quantum algorithms. Even where support exists, trade-offs remain: an ML-KEM-768 public key or ciphertext is roughly 1.1 KB against 32 bytes for X25519, and an ML-DSA-65 signature is about 3.3 KB, which inflates handshakes and certificate chains and can exceed what constrained devices and middleboxes tolerate. IDC’s Grover recommends a phased transition. “Instead of aiming for full-scale deployment, buyers should prioritize critical systems first, align with NIST timelines, and integrate PQC into broader GRC programs,” she said.

For vendors, the race is now about positioning. Being seen as a trusted guide through the PQC transition, rather than merely an algorithm provider, offers an opportunity to embed deeply into long-term enterprise roadmaps.

Palo Alto Networks’ entry into PQC readiness reflects a broader shift in how the market is approaching the issue. What was once largely the domain of specialized quantum security firms is now being taken up by mainstream security and infrastructure vendors as part of their core platform strategies. Network providers like Cisco are introducing quantum-safe protections for existing protocols, while HSM vendors like Futurex are adding post-quantum algorithm support to established key management systems used in regulated environments.

Cloudflare, similarly, frames readiness as an architectural shift rather than a discrete tool deployment. “With Cloudflare, customers simply need to place their origin server behind the Cloudflare network, and Cloudflare manages the encryption and key management,” Rath said.

As more vendors formalize their offerings and additional customer deployments are disclosed, the edges of the PQC readiness market are likely to become clearer. What remains uncertain is whether enterprises will prioritize these efforts in the near term or treat them as part of the longer-term cryptographic modernization.
