Quantum computing is on the horizon, and it’s set to upend the cryptographic systems that protect our data, communications, and infrastructure. The time to start preparing is now. In this six-part blog series on post-quantum cryptography (PQC), cryptography thought leaders from across F5 will explain what’s at risk, what opportunities lie ahead, and what steps your organization can take today to stay secure in a post-quantum world. The future is closer than you think. Let’s get ready together.
As we’ve covered in the first blog posts in this series, quantum computing capable of breaking today's standard encryption—so-called "Q-Day"—remains a question of when, not if. The timeline is uncertain, but the implications are immediate, especially due to "harvest now, decrypt later" risks: Adversaries can collect encrypted data today and decrypt it once quantum technologies are viable.
Many organizations must protect sensitive data well beyond conventional risk-planning windows. While new post-quantum cryptographic standards have been ratified and some application delivery controllers (ADCs) and content delivery networks (CDNs) now offer hybrid protections, the challenge is urgent: Accumulated technical debt across legacy systems will soon demand attention, and pressure from regulators and stakeholders is rising.
This CISO’s take—it’s time to get started, and don’t sleep on the governance, risk, and compliance (GRC) aspects of this. Expect audits, increased scrutiny, and a new ecosystem validating quantum readiness beginning as early as 2026. Security and GRC teams already face overwhelming complexity in evaluating vendors, especially for legacy or non-upgradable devices. Having a clear message, status, and reporting will serve your organization well over the next several years.
Despite a tendency to view quantum risks as tomorrow’s concern, the official ratification of PQC standards marks a new era. Gartner predicts that widely used asymmetric cryptographic methods could be compromised by as early as 2029 and entirely broken by 2034.*
We’re closer to 2029 than 2020, y’all—that is not a lot of time for a multi-year project, especially one that hasn’t been scoped, prioritized, budgeted, or committed to yet. And as we’ll see, the scope for legacy technology and unupgradable devices will be larger than many realize.
For CISOs, CTOs, and CIOs, failing to proactively prepare for PQC is becoming a critical business resilience risk, and even worse, one that we’ve seen coming for over a decade. Delaying action may expose organizations to foreseeable breaches, violations of regulations such as the General Data Protection Regulation (GDPR), and reputational damage.
It’s not time to panic, but it is time to move with urgency and coordinated planning across organizations and supply chains. As you’re planning for 2026, strategic investments and concrete action plans for PQC will be prerequisites for responsible security leadership in the AI and quantum era.
The U.S. National Institute of Standards and Technology (NIST) has delivered a clear path forward, finalizing PQC algorithms such as ML-KEM (FIPS 203) for key exchange, ML-DSA (FIPS 204) for digital signatures, and SLH-DSA (FIPS 205) for fallback signatures. These tested standards provide a stable technical foundation—moving PQC from theoretical to actionable. NIST’s guidance is also clear—the standards are ratified, and now is the time to implement the first batch.
And since the computers we’re defending against have not (to our knowledge) been built yet, this is the FIRST migration to new encryption. The target is not a one-time upgrade but “crypto-agility” as a core capability of your IT shop and supply chain, as we’re going to need to do this again as new quantum threats emerge. And again. And again.
This first implementation of PQC standards will be largely a software upgrade. But achieving crypto-agility—the ability to rapidly update cryptography as standards evolve—requires deep changes in asset management, governance, and IT operations. GRC teams must prepare for a broad scope involving inventory, version management, compatibility testing, and risk registries.
Poorly managed transitions increase the risk of outages, operational disruptions, and compliance failures, especially in hybrid, multicloud, and legacy environments.
However, the quantum shift can serve as a catalyst, driving long-delayed digital transformation and mainframe retirement—if you can find the right talent and legacy documentation.
Companies that have outsourced critical IT functions, particularly for legacy systems, need to get started documenting and really understanding how these old systems work. Many projects will have big cost and schedule overruns due to underestimating the work.
The iron triangle of project management will be relevant here, as you may encounter multiple business cases and remediation lanes, especially in complex enterprises that have grown via acquisition.
PQC directly impacts applications, not just infrastructure. Adopting quantum-safe cryptography means more than changing a library: it can require substantial code revisions within deeply integrated cryptographic components. Given the multi-year effort, CISOs and GRC leaders should expect pushback, complaints about insufficient resources, expensive consulting fees where specialized skillsets are needed, internal resistance, and shifting business cases, often compounded by sparse documentation on legacy systems.
Early action mitigates future crises and allows for more deliberate, less disruptive change. Most companies don’t know what they don’t know yet, and stakeholder management on this topic is going to be critical to success and execution.
PQC algorithms often entail larger keys and greater computational needs, potentially impacting app latency and throughput, especially for time-sensitive workloads.
Modernizing to support PQC frequently exposes hidden technical debt, leading to budget overruns—but ultimately delivering future resilience and performance benefits.
It is essential to manage expectations: not all systems can be upgraded, and this is not a one-time "set and forget" event. Stakeholder communications must reinforce that ongoing discovery and adaptation are the new norm, and that this transition is expected to surface new challenges over time.
PQC will reshape network devices, servers, and cloud services—especially those managing TLS termination and encryption. While many browsers and servers will adapt, numerous older systems will require upgrades or replacement due to increased bandwidth and processing needs.
A strategic insight for security planning is the distinction between PQC's impact on key exchange, which uses key encapsulation mechanisms (KEMs), versus digital signatures in protocols like TLS. The most urgent priority is deploying PQC KEMs (e.g., ML-KEM) to counter "harvest now, decrypt later" threats, as these protect long-lived data now being collected by adversaries.
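Digital signature rollout can follow a more measured, risk-based timeline, since forgery is possible only during active sessions: a signature authenticates the handshake as it happens, so traffic recorded today cannot be attacked retroactively through its signatures.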
Hardware security modules (HSMs) are critical to managing cryptographic keys but face challenges in a PQC world. The larger keys and increased processing demands of quantum-safe algorithms can exceed the capabilities of existing, resource-constrained hardware. Techniques like seed-based key generation can help with storage but introduce new computational overheads. Upgrading to PQC-ready HSMs often adds cost, complexity, and time, but is necessary for ongoing cryptographic integrity.
Perhaps the most daunting PQC challenge is its reach into operational technology (OT), IoT, and other embedded systems not designed for cryptographic agility. These devices often lack the necessary memory, storage, or computational power to handle the larger PQC key sizes and increased processing requirements. This situation calls for cross-functional collaboration spanning cybersecurity, infrastructure, and data management, all under increasingly compressed delivery schedules. These devices may require network segmentation to buy time until replacement or upgrade is feasible.
F5, with its deep experience in application delivery and security, is uniquely positioned to help organizations through this transition. The F5 Application Delivery and Security Platform (ADSP) already delivers seamless integration of PQC readiness solutions, simplifying both application delivery and security across hybrid, multicloud, and legacy environments.
As leading industry analyst firm EMA recently noted in its Vendor Vision 2025: Black Hat Edition: “The F5 Application Delivery and Security Platform (ADSP) is not merely a tool for securing apps; it is a forward-thinking solution designed to protect critical assets against emerging threats, including the looming challenge of quantum computing ... F5’s early and decisive integration of post-quantum cryptography (PQC) readiness sets it apart from competitors still in the experimental phase.”
F5’s unified visibility, management, and threat assessment tools make coordinating a quantum-safe transition more practical and less of a drag on business agility. As a proxy company, we can be thought of as “your man in the middle” that helps organizations centralize and automate cryptographic transitions at the network edge and application front door while supplying telemetry and AI-driven insights for ongoing threat management. This approach directly addresses the challenge of "changing engines on an airplane in mid-flight" by decoupling PQC migration from core application development cycles, significantly reducing immediate operational burden and risk of outages.
The PQC journey is a multi-year transformation. Security leaders must clarify the challenge, shape expectations, and plan for shifting timelines as new threats or legacy complications emerge. Proactive preparations can leverage the mandate and necessity of PQC into a strategic opportunity to finally tackle long-standing tech debt, because we are going to have to do this again. Take the opportunity to get end-to-end visibility, modernize operations, and demonstrate visible leadership in digital resilience.
Organizations that succeed will be those that treat and communicate PQC as an enterprise-wide, ongoing evolution—not a one-off upgrade. Take a holistic approach, cascade messaging throughout your organization and supply chain, and invest in the groundwork now. This is the chance to strengthen your organization for a more secure, agile, and resilient future. Your leadership in this era will define your organization’s continuity, compliance, and reputation in the years to come, and F5 is here to help every step of the way.
* Gartner, “Begin Transitioning to Post-Quantum Cryptography Now,” by Mark Horvath, Sept. 30, 2024