Articles – PostQuantum – Marin Ivezic

Quantum risk sits awkwardly in most enterprise risk frameworks — too long-horizon for the security team, too technical for the risk committee, too uncertain for the actuaries. This article gives GRC teams the KRIs, governance structures, and regulatory monitoring processes to manage it anyway ...

Your SOC already monitors for TLS downgrades and data exfiltration. Quantum security extends those capabilities with new detection rules, threat intelligence requirements, and incident response playbooks that most teams have not yet built ...

The Applied Quantum PQC Migration Framework is the first published methodology covering the complete PQC migration lifecycle at operational depth. It is free under CC BY 4.0. Some consulting firms have stripped the attribution and presented it as proprietary work. The framework is free. Attribution is not optional ...

The PQC migration conversation shifted from "how do we prepare?" to "how do we deploy?" between March and June 2026. Google set a 2029 completion target, Let's Encrypt committed to Merkle Tree Certificates for post-quantum Web PKI, and the FIPS 140-3 validation gap became a hard deployment constraint. This companion to the March 2026 definitive ...

Four years after Bill C-26 was introduced, its successor Bill C-8 has finally passed the Senate. Quantum got one question in the debate. The enforcement layer that makes Canada's PQC framework work remains years away from addressing quantum risk ...

The largest cryptographic transition in history is replacing battle-tested code with brand-new implementations under deadline pressure. Hybrid ECC+PQ deployment is the engineering-prudent response, and the ML-DSA bug evidence now quantifies the cost of skipping it ...

A quantum computer naturally commands an exponentially large space, and machine learning is the art of taming such spaces. So why hasn't quantum AI delivered, and when will it? An evidence-first look at promise, hype, and timeline ...

Everyone is selling quantum randomness. Most buyers can't tell the difference between genuine quantum entropy and a rebranded noise source with a quantum sticker on the box. This guide fixes that ...

Governments spent 2025 publishing PQC roadmaps. In 2026, they started giving those roadmaps teeth. A draft US executive order, the EU's first binding PQC law, and vendor deadlines from Google and AWS are collapsing the compliance horizon from 2035 to 2028–2030 ...

Recruitment agencies are flooding the market with "benchmarked" quantum salary data. I reverse-engineered the numbers in five different guides. Every single one was built from a formula, not from actual placement data ...

Fifteen countries have now set PQC migration timelines. They all agree the migration must happen. They disagree on when, how, and with which algorithms. This capstone maps the convergence, the conflicts, and the compliance reality for organizations operating across borders ...

Fifteen years and over a hundred papers later, the verdict on quantum radar is in. The maximum range is limited to tens of meters by physics, not engineering. My earlier coverage was too generous ...

Every article about quantum threats includes the throwaway line: criminals won't need their own quantum computer, they'll just rent one. The actual evidence says otherwise ...

PQC migration is the most complex cryptographic transformation in enterprise history. Getting the governance model right determines whether it succeeds or stalls. Here's how to structure it ...

NIST just narrowed 14 post-quantum signature candidates to nine. The survivors span four distinct mathematical families, from isogeny-based compact signatures to multivariate schemes under active cryptanalytic fire. Here's what each candidate is, why NIST kept it, and what this means for your PQC migration planning ...

The definitive vendor-neutral reference to NSA's Commercial National Security Algorithm Suite 2.0 — the most operationally specific post-quantum cryptography mandate in the world. This guide breaks down every component of CNSA 2.0 in one place: the complete algorithm suite with NIST standard names and FIPS references (ML-KEM-1024, ML-DSA-87, AES-256, SHA-384/512, LMS, XMSS), why NSA mandates ...

Google Quantum AI estimates that breaking the 256-bit elliptic curve cryptography protecting Bitcoin and Ethereum would require fewer than 500,000 physical qubits and roughly nine minutes of runtime on a superconducting architecture. The same day that paper landed, a separate team published estimates showing the same computation could be performed with as few as 10,000 ...

Recent research proves one post-quantum layer can protect all payload confidentiality. But which layer should you migrate first? Six enterprise architecture scenarios analyzed ...

Most quantum computing coverage fixates on breaking encryption. The real near-term story is utility — chemistry, materials, energy, drug design. This article maps every major fault-tolerant quantum algorithm to its logical qubit requirements, T-gate costs, and the real-world problem it solves, from photosensitizer calculations at 350 qubits to bulk solid-state physics at 100,000. The ladder ...

After months of research and hundreds of papers, the picture is clear: quantum computing will deliver genuine competitive advantages for pharma, chemicals, batteries, advanced materials, and condensed-matter physics. For finance, logistics, and machine learning, the evidence is structurally weak. This capstone article synthesizes the full Quantum Utility Map series into a single strategic thesis ...

By 2033, fault-tolerant quantum computers with 2,000 logical qubits will create genuine competitive separation in pharma, chemicals, battery technology, and advanced materials. Finance, logistics, and machine learning face a structural barrier that no hardware improvement can fix. This strategic briefing maps the evidence and explains what to do about it ...

Sixteen terms. Two tracks. One field guide. The quantum technology market has the exact conditions that produce fraud in every emerging sector: high buzz, big money, low buyer literacy, and complex underlying science that most decision-makers cannot independently evaluate. This dictionary maps the terminology that CISOs, investors, and procurement officers encounter in vendor pitches: the ...

At Bitcoin 2026, the same main stage hosted engineers building quantum-resistant upgrades and a trio claiming quantum computers can never work because Bitcoin proves time is discrete. The dysfunction that produced this scene plays out in every enterprise boardroom facing PQC migration ...

Every PQC migration guide tells you to "be crypto-agile." After leading migrations at Fortune Global 500 scale, I can tell you where that advice fails: HSMs that can't upgrade, protocols with hard-coded algorithms, and embedded devices that will outlive the cryptography they verify ...