GOVERNMENTQUANTUM RISK
Federal mandates require agencies to inventory cryptographic systems and begin PQC migration. PTG helps government agencies and contractors meet NSM-10 and OMB M-23-02 requirements.
Federal Quantum Migration Mandates
NSM-10 (May 2022)
National Security Memorandum directing agencies to inventory cryptographic systems and prepare for post-quantum migration.
OMB M-23-02 (November 2022)
Requires agencies to submit cryptographic system inventories and prioritize migration of vulnerable systems.
NSA CNSA 2.0 (September 2022)
Defines specific post-quantum algorithms and timelines for national security systems.
CISA Quantum Guidance
CISA guidance for critical infrastructure organizations on preparing for quantum threats.
State and Local Challenges
Budget Constraints
Limited budgets make it critical to prioritize which systems to migrate first based on risk and data sensitivity.
Legacy Systems
Government agencies rely heavily on legacy systems that may require hardware upgrades to support PQC algorithms.
Vendor Dependency
Many government IT systems are vendor-managed, requiring coordination with third parties for cryptographic updates.
StateRAMP and Compliance
State-level security frameworks will need to incorporate quantum readiness as federal requirements cascade down.
Frequently Asked Questions
Is OMB M-23-02 compliance mandatory?
Yes, for federal agencies. OMB M-23-02 requires agencies to inventory their cryptographic systems and submit migration plans. Government contractors should prepare as these requirements flow down to contract requirements.
Do state and local governments need to worry about quantum threats?
Yes. State and local governments handle sensitive citizen data with long retention periods. Federal requirements often cascade to state levels through grant conditions and shared infrastructure.
Related Services
Assess Your Quantum Risk
Start with a quantum readiness assessment to understand your exposure and build a migration roadmap.