The UK's National Cyber Security Centre (NCSC) has published specific timelines on migrating to post-quantum cryptography (PQC), dictating that critical organizations should complete migration by 2035. The NCSC's PQC migration guidance primarily impacts government agencies, large enterprises, critical national infrastructure operators, as well as technology and software providers with bespoke IT systems that rely on cryptography. The NCSC recommends adopting NIST-approved PQC algorithms for migration, which were standardized by the U.S. organization last year, and are expected to become the foundation for post-quantum security globally. The United States has established a similar timeline for migrating to PQC through the National Security Memorandum 10 (NSM-10), which also sets 2035 as the target year for completing the transition across federal systems. The UK organization acknowledged the numerous challenges that arise from such a migration, including legacy systems that cannot be moved to the post-quantum age, lack of in-house expertise, and supply chain complexities. The NCSC says it will soon launch a pilot scheme aimed at connecting cryptography specialists with UK organizations migrating to PQC to assist them with asset discovery, assessment, and planning. Bill Toulas Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks. "Quantum computing is set to revolutionize technology, but it also poses significant risks to current encryption methods," stated NCSC's CTO, Ollie Whitehouse.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 20 Mar 2025 16:25:23 +0000