The first step of the migration to PQC is deceptively simple: Inventory every cryptographic asset in the agency. Bill Newhouse, cybersecurity engineer and project lead at NIST's National Cybersecurity Center of Excellence, said agencies were directed to take their existing high-value asset lists and identify what cryptography currently protects them.
“They said, take that list and then on this spreadsheet, please tell us what cryptography is in there,” Newhouse said. “That's practical for some and less practical for other agencies.” Newhouse added that the task came with no new associated funding for federal agencies.
Stephen Hunt, CTO for federal markets at HCLSoftware, said the inventory challenge exposes three distinct gaps. First, an ownership gap: Inventories are treated as compliance projects, completed and shelved. “When the audit is closed, somebody owns the data, but it's sitting probably on a disk somewhere, and it's not operationalized,” Hunt said. Second, a continuity gap: “The inventory may be accurate the day it's delivered, and it's stale the next week.” And third, a completeness gap, because “cryptography lives in places that tools or manual searches never reach.”
The result is that weak algorithms persist longer than they should, remediation targets shift before fixes arrive, and agencies plan around data that may already be outdated.
Why Crypto Agility Matters More Than the PQC Migration Itself
Several panelists argued the harder question isn't necessarily how to complete the migration; it's what comes after. Prathibha Rama, a computer engineering and security researcher at the Johns Hopkins University Applied Physics Lab, said the PQC transition is part of a pattern as old as cryptography itself.
“I think of it as a cat and mouse game,” Rama said. “We're using difficult math to hide our data, and we publish that for other people to see, to see if they can break it with the tools that we have. But at some point in time, those things can get broken.”
Rama pointed to the arc from early shift ciphers — the kind broken by Alan Turing's team during World War II — through RSA and number theory, to today's lattice-based systems. Each era of cryptography held until a new tool or insight broke it. Quantum computing is simply the latest such tool.
“For a while, we rested on the laurels of RSA with number theory,” Rama said. “And at some point, somebody was clever enough to say, ‘Well, if we have a quantum computer, this new tool, we can break it.’”
That history is what makes the concept of “crypto agility” — the ability to swap cryptographic algorithms in and out of infrastructure without rebuilding everything — so central to the current conversation. Rama compared the goal to building with toys: “Can you swap out your crypto systems within your larger infrastructure, sort of like Lego blocks?”
Hunt put it more bluntly: “The long-term strategy really isn't about post-quantum specifically,” he said. “It's about building the capability to move when algorithms are forced to change.” He compared the PQC migration to work agencies should already be doing and argued the same process can carry an organization through future cryptographic transitions.
“We're not going to have one day where we need to all change, and then we're done and we can go back to our lives,” Hunt said. “This is going to be in our lives for a while to come.”
Federal Agencies Should Prepare for Post-Quantum Deadlines
The timeline is tightening. Google has announced its plans to complete its PQC migrations by 2029, six years ahead of the federal government's 2035 target. NIST expects agencies to stop purchasing technology that relies solely on classic cryptographic algorithms by the end of 2030.
For agencies still working through basic inventory, the gap between where they are and where industry is heading is stark. Hunt's advice for federal agencies was concrete: Name a single PQC lead with authority and budget; train system owners so they understand the risk; and establish continuous discovery — ideally, daily — to ensure remediation sticks and retired algorithms don't creep back in.
Rama, for her part, urged a longer view. The trust that underpins pillars of modern digital society — such as banking, communications and classified information — rests on cryptographic systems that have gone largely unexamined for decades. “We've been able to rely on a lot of these public-key crypto systems for the past 30, 40, 50 years without having to think about it,” she said. “It's not something to panic over. But it's this idea of just, slow and steady, start shifting.”
The quantum threat may be what finally forces that change. But the real lesson of the PQC migration, these experts suggest, is that the math was always going to change eventually, and agencies that build the infrastructure to adapt will be the ones that survive the next break, whenever it comes.
