US, European firms unprepared for post-quantum threats

Most organisations in the US and Europe lack concrete plans for post-quantum cryptography, leaving current data at risk from future quantum attacks, according to new research from industry standards body Trusted Computing Group.

The group's State of PQC Readiness report found that 91% of security professionals surveyed do not have a formal roadmap for adopting post-quantum cryptography. The finding points to a wide gap between awareness of quantum risk and structured preparation.

Industry experts expect a quantum computer capable of breaking widely used public-key encryption schemes to emerge between 2030 and 2035. Many systems in use today rely on algorithms such as RSA for secure communications, software updates and identity verification.

The survey of 1,500 cybersecurity professionals across the US and Europe indicates that organisations recognise the issue but have not yet translated this into detailed planning. Respondents held senior roles in security and IT and reported on their organisation's post-quantum posture and concerns.

Trusted Computing Group President Joe Pennisi said the findings highlight the need for faster progress on planning and migration.

"Our State of PQC Readiness report is a clear indication that PQC preparations need to be accelerated," said TCG President Joe Pennisi. "As organizations like NIST and NCSC continue to approve PQC standards and set out their own roadmaps for full integration, it's not enough for security professionals to just understand the quantum threat landscape, but actively take steps to mitigate it."

Respondents expressed concern about the readiness of their current cryptographic tools. The report said 81% believe their existing cryptographic libraries and hardware security modules are not prepared for migration to post-quantum algorithms. This view cuts across sectors that handle personal, financial and operational data.

Security experts have warned that long-lived data is already exposed through so-called "harvest now, decrypt later" attacks. In these attacks, adversaries intercept and store encrypted traffic today with the aim of decrypting it in the future once quantum systems can break current schemes.

Quantum computers use different computational principles from classical machines. Algorithms such as Shor's algorithm can factor large numbers efficiently once sufficiently powerful quantum hardware exists. This would undermine the mathematical assumptions behind public-key systems such as RSA.

Many organisations rely on these systems for VPNs, web certificates, secure email, industrial control links and embedded devices. The long lifecycle of such infrastructure means that data encrypted now may still need protection when quantum computers become practical.

PQC concerns

The report found that 76% of the professionals surveyed feel confident in their understanding of the quantum threat landscape. They reported concerns about compatibility, integration and the complexity of migrating cryptographic infrastructure as significant barriers to action.

These concerns affect both software and hardware-based systems. Many organisations use hardware security modules and embedded chips that are difficult to upgrade at scale, which raises questions about timelines and replacement cycles.

Regulatory and contractual drivers appear to have a growing influence. Respondents identified contractual requirements, industry consortium standards and new regulations as the main triggers that will drive post-quantum migration within their organisations.

The survey found that 58% of respondents plan to allocate between 6% and 10% of their IT and security budgets for post-quantum migration. That level of funding suggests competition with other security priorities, including cloud security, identity management and incident response.

Standards push

Trusted Computing Group develops open, vendor-neutral specifications that underpin security functions in a range of devices and platforms. The organisation's standards are widely used in hardware-based roots of trust and related technologies across personal computers, servers and embedded systems.

National Institute of Standards and Technology in the US and other national agencies are progressing post-quantum cryptography standards through multi-year selection and validation processes. These bodies have started to publish selected algorithms and parameter sets for use in future products and infrastructures.

Pennisi said the industry's attention on shared standards is an important factor in the coming transition.

"Industry migration to PQC will take some time, and the concerns raised over budgetary restraints are well-founded," continued Pennisi. "However, we were delighted to find that professionals see industry consortium standards as crucial to these efforts. The TCG is currently working hard to update our specifications in preparing for the PQC era, aligning with the algorithms and the parameter sets published by NIST and other institutions."

The full report offers a detailed view of current planning levels, perceived obstacles and intended investment in post-quantum migration among large organisations in both regions.