Quantum computing promises significant breakthroughs in medicine, material sciences, and beyond. As technology advances, our approach to cybersecurity must also evolve. The emergence of quantum technology introduces new opportunities but also new risks—especially to the security of information. To protect sensitive data and maintain public trust in the digital systems that support our economies and societies, governments must facilitate a cryptographic transition before quantum computers become widely available.
Today, Microsoft announced its Quantum Safe Program Strategy—a significant step in preparing for the quantum computing era with a security-first mindset. Microsoft’s strategy outlines how we aim to enable early adoption of quantum-safe capabilities in our products and services by 2029 and fully transition by 2033—two years ahead of most governments’ transition completion timelines.
For decades, encryption algorithms have protected everything from personal passwords and private communications to the critical infrastructure that supports the global financial system. However, a sufficiently powerful quantum computer could one day render some encryption methods obsolete, threatening the confidentiality and integrity of data that underpins our digital lives.
Industry and governments must act now to transition the world’s digital infrastructure to be quantum safe.
Although experts predict that such quantum capabilities may not emerge until the 2030s, the need to transition to quantum-safe cryptography is immediate and cannot be delayed. This transition is complex as well as time- and resource-intensive, and organizations that do not act now could soon find their most sensitive information vulnerable.
Meanwhile, a serious threat is already emerging: malicious actors may harvest encrypted data today, with the intent to decrypt it in the future using quantum computers—a tactic known as “harvest now, decrypt later.” This underscores the need to act now and safeguard sensitive information before quantum threats become reality.
Partnerships are crucial to enabling a quantum-safe future.
Transitioning the digital ecosystem requires collaboration on a global scale. Microsoft contributes to multiple initiatives to facilitate the quantum-safe transition. These include the NIST Post-Quantum Cryptography Project, the National Cybersecurity Center of Excellence Migration to Post-Quantum Cryptography, the Internet Engineering Task Force (IETF), the Open Quantum Safe (OQS) project, and MITRE’s Post-Quantum Cryptography Coalition.
Through these efforts, we are helping develop quantum-safe algorithms, supporting their adoption in standards like TLS and X.509, and advocating for accelerated adoption across commercial and open-source technologies. We recently released PQC capabilities early to some Windows and Linux users. enabling customers to test these capabilities and identify potential challenges.
Private industry cannot solve the challenges alone. Governments play a critical role in enabling a quantum-safe future through strong collaboration with industry and effective policies. To accelerate readiness, we recommend governments take the following actions:
- Establish quantum safety as a national cybersecurity priority: Position quantum-safe cryptography as a strategic imperative and embed it into national cybersecurity frameworks.
- Align quantum-safe strategies across jurisdictions: Harmonize public policies, standards, and transition timelines. The G7 should lead by expanding its financial sector post-quantum cryptography workstream to align G7 members’ broader quantum-safe strategies.
- Adopt international standards: Support global standards development and avoid fragmented, region-specific approaches that hinder interoperability, innovation, and security.
- Set early and progressive timelines: Drive action well before 2030. For instance, the U.S. CNSS Policy 15 mandates quantum-safe algorithms in all new products and services for national security systems by January 2027.
- Lead by example with transparent transition plans: Publish and regularly update government transition roadmaps—including timelines, milestones, and budgets—to foster knowledge sharing and best practices.
- Raise awareness and build workforce capacity: Educate the public and critical infrastructure sectors on quantum risks and readiness. Invest in skilling programs to equip the workforce for a quantum-safe transition.
The quantum-safe transition requires close collaboration between industry and governments to succeed. We have published our transition strategy to guide policymakers and customers on our plans and encourage others to act. We welcome the opportunity to partner with policymakers worldwide to facilitate the transition of the broader digital ecosystem.