SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Julian
#
Data Protection
#
Quantum Computing
#
Risk & Compliance

Nations race to sovereign encryption in quantum age

Wed, 4th Feb 2026
By Julian Fay, CTO and Co-founder, Senetas

For decades, many nations have operated under a comfortable assumption: that digital security, like physical defence, could be outsourced to trusted allies. That assumption is now under scrutiny.

At the World Economic Forum in Davos, US President Donald Trump's remarks on defence, security and national capability served as a timely reminder that geopolitical certainty is eroding. 

Around the world, governments are responding in the only way that makes rational sense: investing in sovereign capability where possible, diversifying suppliers, and reducing over-reliance on any single country for critical systems. Cybersecurity, and particularly encryption, sits squarely at the centre of this transition. In Australia, the government's 2023-2030 Australian Cyber Security Strategy (updated late last year) identifies that sovereign capabilities are core to national protection. Similarly, the European Union's new post-quantum roadmap demonstrates a decisive, sovereign move to future-proof critical infrastructure against next-generation quantum threats.  

As Trump himself has hinted in recent remarks regarding US military operation in Venezuela, electronic warfare (the ability to disrupt, degrade or disable systems remotely) is now a core component of military capability.

Communications networks, command systems, energy infrastructure and data flows are all potential targets. Encryption is foundational to national resilience to attacks on these systems.

Yet many of the cryptographic systems underpinning today's digital infrastructure were designed decades ago, in a very different threat landscape. They were never intended to withstand the combined pressures of geopolitical instability, sophisticated cyber adversaries, and the coming disruption of quantum computing.

Quantum changes the equation

Quantum computing represents a revolution in computing power. Once Cryptographically Relevant Quantum Computers (CRQC) reach sufficient scale, widely used public-key algorithms such as RSA and elliptic curve cryptography will become vulnerable.

In late 2025, the US Department of War issued a memorandum directing agencies to accelerate their migration to post-quantum cryptography (PQC). The guidance was unambiguous: all cryptographic assets must be identified, inventoried and transitioned within defined timelines, with legacy approaches phased out entirely by the end of the decade.

The message was not simply about compliance. It was about maintaining operational effectiveness, information dominance and national security in an era where cryptographic failure is sudden and catastrophic.

Why this matters beyond the United States

While the Department of War memo is a US document, its implications are global.

Post-quantum readiness is now a strategic decision. Nations that delay this transition risk finding themselves dependent on legacy systems that cannot be trusted in a crisis, or reliant on external providers at a time when autonomy matters most.

One of the most persistent misconceptions about post-quantum cryptography is that it can be "switched on" when needed. In reality, migration is a complex, multi-year process.

It requires:

  • A comprehensive inventory of cryptographic assets across networks, systems and devices
  • Careful evaluation of emerging PQC standards and their performance characteristics
  • Integration with existing infrastructure without introducing new vulnerabilities
  • Cryptographic agility, so algorithms can evolve as standards mature

Organisations that have not already begun this work are unlikely to complete it quickly under pressure.

A question of sovereignty and trust

Digital infrastructure is often trusted by default by the public. It trusts that communications will remain confidential, that systems will function under stress, and that nations retain control over their most critical digital assets.

As geopolitical dynamics shift and digital conflict becomes more central to national defence, encryption can no longer be treated as a purely technical choice. It is a matter of sovereignty. A breach of the trust in a nation's digital infrastructure will cause massive loss of trust, which will in term have negative economic and social consequences.

The signals are already there: from Davos, from US defence policy, and from the accelerating pace of quantum research. The question is not whether post-quantum security will be required, but whether organisations will act early enough to implement it on their own terms.

Related stories
Ecommpay leader wins Women in Risk & Compliance award
Palo Alto warns on earnings as guidance disappoints
Gr4vy adds Sardine tools to unify fraud & payments
AI deepfakes erode trust and reshape UK dating apps
SatVu raises GBP £30m to build UK thermal sat network

Top stories

IT leaders rethink cloud, AI spend amid lock-in fears
12Port unveils AI session intelligence for PAM security
DryRun Security adds Andrew Peterson to drive AI shift
AI-driven phishing surge dominates 2025 cyberattacks
Tailscale unveils Aperture to govern workplace AI use