Why organizations should stop worrying about Y2Q a...

Caute_cautim · ‎02-17-2026

Hi All

Here is Part 1:

Demystifying Post quantum Topics — Part 1

As I fly back from the PKI Consortium’s PQC Conference in Kuala Lumpur, I’m wrapping up days filled with insightful talks and energizing conversations. Among the many ideas that kept my mind busy, one stands out: demystifying a few topics that, in my view, carry too much weight in the post quantum cryptography (PQC) conversation.

Over several days, brilliant post quantum experts gathered to exchange ideas and energize everyone’s neurons. Some discussions navigated through well-established concepts and recommendations. Sometimes I found myself disagreeing with them. Responding to these provided an enlightening opportunity to challenge and clarify ideas that many hold firmly.

With full respect for differing opinions and in the spirit of healthy debate, I intend to challenge four commonly accepted notions in a slightly provocative way to encourage you, dear reader, to reconsider your current analysis. I’ll publish each reflection in a separate article over the coming days.

Let’s begin with the first one

Organizations Should Not Worry Too Much About “Y2Q”

“When will Y2Q arrive?” is an omnipresent question in most talks, articles, and recommendations. It’s used for various purposes: sometimes to warn of an imminent risk, sometimes to spark curiosity, and other times to dismiss the threat due to the uncertainty around quantum cryptanalysis progress.

However, this question often creates distraction and uncertainty among decision-makers. Quantum computing and cryptography are complex subjects, and no one can confidently predict a date. Several hyped forecasts from a few years ago about production-grade quantum computers have not materialized, fueling skepticism.

Organizations need facts and certainty. They must keep their communications secure and interoperable in an increasingly hyperconnected world, which means adopting secure standards.

Facts beat speculation

According to NIST IR 8547 (ipd), classical public-key cryptography will be disallowed by 2035, and today’s most common configurations will be deprecated by 2030.

National security agencies (NSAs) and other bodies around the world are setting similar schedules. So if there’s a global consensus, it’s this:

✅ Transition critical use cases to PQC by 2030-2031

✅ Complete migration by 2035

That’s as clear, relevant, and broadly agreed upon as it gets. Y2Q isn’t.

You will not find any more relevant or broadly agreed-upon milestones. Y2Q is not one of them. These official timelines should serve as the foundation for every organization’s migration roadmap.

Everyone has a role to play:

Security agencies identify threats.
Standardization bodies define the rules.
Organizations do business securely and interoperably by following those standards.

Focusing on these dates also strengthens internal sponsorship. Y2Q frames the issue as a speculative cybersecurity risk; compliance with evolving standards makes it a concrete regulatory requirement, especially vital in regulated industries.

The two common objections I hear

1️⃣ “What if Y2Q happens earlier?”

The published timelines are already quite tight. The current issue is that the Y2Q narrative often promotes crypto-procrastination, delaying decisive actions to initiate the transition, due to the lack of concrete milestones and facts. A compliance-driven mindset, by contrast, promotes decisive, measurable progress. If Y2Q arrives sooner than expected, we can expect the NSAs and standards bodies to update the official milestones.

2️⃣ “What if Y2Q is delayed — or never comes?”

This highlights how the Y2Q framing leads to crypto-procrastination. The initial steps of PQC transition are no-regret moves that strengthen cryptographic management, putting it on par with other cybersecurity practices such as vulnerability management. By starting now, organizations will be better prepared to address vulnerabilities, whether quantum-related or not (such as poorly managed keys or certificates), and will be able to adapt rapidly when necessary.

The compliance reality

From a compliance standpoint, crypto-procrastinating is risky. Who would take responsibility for assuming that NSAs and standardization bodies are wrong? Failing to act on the hope that PQC won’t be needed is hard to justify under current regulations such as

What happens if an organization delays migration for a few years and the quantum-vulnerable cryptography end of life policy stay in place? The costs and risks of a rushed migration, or the reputational damage from maintaining non-compliant cybersecurity practices, can be severe. Moreover, compliant organizations are unlikely to delay their own transitions simply to maintain backward compatibility with laggards. Betting against established standards could even be existentially risky for a single organization.

In summary

In my view, organizations and the PQC community supporting them should not use Y2Q as the guiding principle for defining transition milestones. That responsibility lies with NSAs and standardization bodies. Organizations must follow standards, not speculation.

This doesn’t mean they should ignore advances in quantum computing or other cryptanalytic threats, but these developments should inform awareness, not dictate strategy. Roadmaps should be grounded in standardization and compliance, not in hypothetical countdowns.

Source: https://www.linkedin.com/pulse/why-organizations-should-stop-worrying-y2q-start-jaime-g%C3%B3mez-gar...

Regards

Caute_Cautim

Early_Adopter · ‎02-18-2026

I like the what if it comes sooner/what if it's delayed(or never comes) dichotomy.

Well, if it arrives early then your experiments might get prime time thrust upon them!

If it's late or never comes? It probably means we have worse things happening and bigger fish to fry...

Caute_cautim · ‎02-18-2026

@Early_Adopter Yes like runaway Agentic AI or Crawdbot....

Regards

Caute_Cautim

Early_Adopter · ‎02-18-2026

Yah, though we're also quite capable of doing it through war, civil strife, big space rocks, pandemic and not enough TP etc - I think it's just that scale and impact would be required to effectively stop work on quantum computing, or to make us not care about easy cryptanalysis.

dcontesti · ‎02-19-2026

Many moons ago (well not really.....back in 2010s), one of our Physical Security Managers kept talking about a Pandemic and what affect it would have on our environment (discrete manufacturing).......EVERYONE stared at him and snickered (behind his back).......no one was concerned, no one planned, and yet everyone was shocked when it happened. The lesson here is that we should look at everything as a possibility of what might, could, will happen.

As Security professionals, we need to start planning and agree that there are many things that could affect the way we think/act with quantum.

Great write up.

d

Caute_cautim · ‎02-19-2026

Hi @dcontesti @Early_Adopter

This is directly about Governance, Architecture, Infrastructure and Trust - we have to get executive buy in, or they may not be executives for their organisations for much longer.

The main thing this is not about a cryptographic migration, a technical subject - it is Governance from the top, they own it, must own it and must get going.

At least those in USA and Europe have until 2035 we only until 2030 here in Australia, New Zealand

Regards

Caute_Cautim

Early_Adopter · ‎02-20-2026

"But, but, but... I just don't have the time!"

The interesting continuum I've observed with humans is the ability to argue against doing the correct thing.

It grows from the bottom...

From not wanting to try to update packages to the latest usually an unholy alliance between developers who don't test their code on N+1/+2 etc, and security 'architects' who would like to evaluate a smaller sample size of platforms and components. the downs stream of this tends to be monumental last gasp upgrades, and customers internal and external running for extensions to exceptions...

...that management then has to sign off on, training them to accept it rather than budget to hire enough/competent engineers...

...which in turn has security leadership fighting against audit and trying to refuse to see things as a risk, because it goes in the RoR and that looks bad for KPIs etc.

...and the fish rots from the head(fish don't normally do this BTW, just incase any fishmonger seize on the analogy).

Not so much the exact same thing, but until 'you/me' become 'we" throughout and everyone is aligned, no stagnant platforms/packages, know laws and standards and make sure you're ready - take it all seriously.

One of the poster children for this kind of thing would be Yahoo! during Marissa Mayer's tenure as CEO, still my go to poster child for an anatomy of organizational security disaster coming from leadership.

"Mistakes were made" and sadly probably will continue to be made ...

Caute_cautim · ‎02-23-2026

Hi @Early_Adopter

If this is the stance of an organisation in the Asia-Pacific part of the world, this is a big governance failure.

It is likely that the owners of such organisations will simply go into liquidation both financially and with the associated loss of brand, trust, reputation.

This is not a technical issue, nor is it a crypto-technical migration.

The message is simple: Start now, educate staff, executive team and prepare or because of the rapid emerging threats and other sectors around the world, who are actively migrating - they will be left behind.

There is no half way house on this matter, yes you can use hybrid algorithms but don't hide behind the words Quantum-Safe like some very large organisations who are currently "Quantum Washing" directly under the hood.

Some nations have gone down the hybrid approach, but others have stuck to the NIST standards - China has its own set of standards and has gone on its pathway.

If you cannot protect your organisations critical data, which must be protected for the next five years, you have a problem, and are likely to have privacy legislation hounding you or international compliance regulations which are stepping up.

Everyone is running out of time - adoption and migration is directive from the top of the organisation.

Failure will only ensue if, you commence from the bottom up.

Regards

Caute_Cautim

Early_Adopter · ‎03-08-2026

Unfortunately, I think it's just human nature.

Unless the checks and balances are in place there will be backsliding, it behooves us all to point it out gently, but firmly and help things improve. Failures, and their modes can start from the top down, or the bottom up and quite often in the middle.

I've seen some incredibly good organizations, and some that are striving to improve, but these problems are not really about cryptography, or quantum cryptanalysis or even a particular geographical region, they are ubiquitous.

To misappropriate a proverb:

"The price of peace (and quiet), is eternal vigilance..."

Calm and resolute counsel is a must:

"This is coming, that's the problem, here's what you can do, constant automated scanning to the latest and grates, vulnerability passement, pen testing, advisory at the start, attestation against standards, internal audit helped us to find, external audit had something we must correct, the regulator requires this be fixed(or will if it's not done)."

Caute_cautim · ‎03-11-2026

@Early_Adopter

We have far more problems coming - see my next message

Regards

Caute_Cautim