Notes on post-quantum cryptography, migration strategy, and the road to 2030.
The Trump administration committed roughly $2B across nine quantum firms, anchored by an IBM-led $1B chip foundry called Anderon. Layer in CHIPS Act silicon and federal equity stakes, and the quantum threat timeline just compressed. Here's what the announcement means for the encryption protecting your systems right now.
Read article →$2B federal plus $1B from IBM plus heavy Chinese investment is the largest single-window acceleration of quantum computing in history. The expert consensus on the CRQC arrival date was already moving earlier every year — this announcement bends the curve again. Why 2030 should be treated as a ceiling, not a target.
Read article →It's Sunday night and the CEO already forwarded the article. Monday morning is on your calendar. This is the 5-minute action plan for IT managers and CISOs: scan with QVS, frame the threat in executive language, build the one-page plan, and walk in with the answer ready.
Read article →Most websites today are not quantum safe — fewer than one in five use post-quantum cryptography for any part of their TLS handshake. Here's what "quantum safe" actually means, the four algorithms that disqualify almost every site, and three methods to test your own site in under a minute.
Read article →NIST IR 8547 sets binding deprecation deadlines for RSA, ECDSA, and ECDH: 2030 for new use, 2035 for any use. Combined with CNSA 2.0, PCI DSS 4.0, NIS2, and DORA, the regulatory convergence is real. Here's a quarter-by-quarter migration plan from discovery to deadline.
Read article →The expert consensus has shifted from "2040, maybe never" in 2020 to "2030-2035, possibly earlier" in 2026. A realistic look at the qubit requirements, current quantum hardware progress, and why your migration timeline matters even if RSA doesn't break until the 2040s.
Read article →Every public website on the internet today uses cryptographic algorithms that are mathematically guaranteed to fail when sufficiently large quantum computers arrive. NIST has set deprecation deadlines, NSA has published the CNSA 2.0 timeline, and major operators (Cloudflare, Apple, Google, OpenSSH) have already started migrating. Here's what's actually happening and what you need to do.
Read article →