CISA Releases Product Categories List to Propel Post-Quantum Cryptography Adoption Pursuant to President Trump’s Executive Order 14306

PRESS RELEASE CISA Releases Product Categories List to Propel Post-Quantum Cryptography Adoption Pursuant to President Trump’s Executive Order 14306 New Resource Empowers Organizations to Future-Proof Cybersecurity with PQC-Ready Technologies ReleasedJanuary 23, 2026 RELATED TOPICS: CRITICAL INFRASTRUCTURE SECURITY AND RESILIENCE, RISK MANAGEMENT WASHINGTON - Today, the Cybersecurity and Infrastructure Security Agency (CISA), a component of the Department of Homeland Security (DHS), unveiled an initial list of Product Categories for Technologies That Use Post-Quantum Cryptography Standards. This resource identifies hardware and software categories that currently support or are expected to support-post quantum cryptography (PQC) standards. This list assists organizations in shaping their PQC migration strategies and evaluating future technological investments in an evolving cybersecurity landscape. On June 6, 2025, President Trump issued Executive Order 14306 that directed DHS, acting through CISA, to publish a list of product categories of widely available products that support post-quantum cryptography (PQC). In alignment with the Executive Order, CISA developed this list, complete with example product types, in close collaboration with National Security Agency (NSA). The list will be regularly updated to reflect the evolving PQC technology landscape and support national cybersecurity resilience. “The advent of quantum computing poses a real and urgent threat to the confidentiality, integrity, and accessibility of sensitive data — especially systems that rely on public-key cryptography,” said Madhu Gottumukkala, Acting Director of CISA. “To stay ahead of these emerging risks, organizations must prioritize the procurement of PQC-capable technologies. This product categories list will support organizations making that critical transition. CISA is proud to deliver this resource in support of President Trump’s Executive Order, helping organizations confront complex technical challenges and strengthen secure technology practices for the quantum era.” The product categories outlined in CISA’s list focus on technologies that are either widely available or transitioning to use PQC standards. These technologies include cloud services, web software, networking hardware and software, as well as endpoint security. Each category encompasses products that apply PQC standards for foundational cryptographic functions - key establishment and digital signatures. Key establishment enables secure encrypted communication between parties, while digital signatures assure the authenticity of participants and the integrity of data, products, and services. Together, these functions form the backbone of secure digital infrastructure, and the list serves as a resource for organizations preparing to navigate the quantum future. For more information, visit Post-Quantum Cryptography Initiative webpage. ### About CISA  As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day. Visit CISA.gov for more information and follow us on X, Facebook, LinkedIn, Instagram.  Related Articles APR 22, 2024 PRESS RELEASE CISA Releases Physical Security Checklist to Help Election Officials Secure Polling Locations JAN 17, 2024 PRESS RELEASE CISA Releases 2023 Year in Review Showcasing Efforts to Protect Critical Infrastructure APR 01, 2022 PRESS RELEASE CISA and Partners Promote Call to Action During National Supply Chain Integrity Month MAR 22, 2022 PRESS RELEASE Readout of CISA Call with Critical Infrastructure Partners on Potential Russian Cyberattacks Against the United States