The US Cybersecurity and Infrastructure Safety Company (CISA) has launched a brand new advisory mapping post-quantum cryptography (PQC) requirements to frequent enterprise {hardware} and software program classes, giving CIOs and security groups an early reference for evaluating quantum-safe know-how readiness.
Issued in response to a June 6, 2025 govt order on strengthening federal cybersecurity, the advisory identifies lessons of IT merchandise that already use, or are transitioning towards, NIST-standardized PQC algorithms. CISA mentioned the lists are supposed to information procurement and long-term migration planning as companies assess programs that depend on public-key cryptography.
For enterprises, the steerage alerts that quantum-safe cryptography is changing into a sensible procurement consideration immediately, whereas additionally highlighting gaps. CISA famous that many listed product classes have applied PQC for restricted features, similar to key institution, however should not but absolutely quantum-resistant.
CISA famous PQC-ready product classes
The advisory highlighted a number of know-how classes the place PQC-compatible options are already out there (or are in lively transition) to assist organizations consider buy selections and plan migration.
The advisory highlighted that a number of product classes beneath {hardware} and software program are already utilizing PQC Requirements. These embody cloud companies (PaaS, IaaS), collaboration software program (chat/messaging), internet software program (browsers and servers), and endpoint security (DAR security and full disk encryption).
