CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 23, 2026

Trump Signs Executive Order Accelerating Post-Quantum Cryptography Migration

Security Week Archived Jun 23, 2026 ✓ Full text saved

Federal agencies are required to transition high-value assets and high-impact systems to use PQC by the end of 2030 and 2031. The post Trump Signs Executive Order Accelerating Post-Quantum Cryptography Migration appeared first on SecurityWeek .

Full text archived locally
✦ AI Summary · Claude Sonnet


    President Donald Trump on Monday signed an executive order to strengthen data protection in preparation for the arrival of practical quantum computing.  Executive Order 14409 highlights the threat posed by ‘harvest now, decrypt later’, in which threat actors exfiltrate encrypted data now, intending to crack the encryption later using quantum computers. The private sector has been taking major steps toward post-quantum cryptography (PQC), including companies such as Google, Dell, and HP. And now the US government is also attempting to establish a clear roadmap and accelerate PQC migration.  The new EO tasks OMB, NIST, NSA, DHS, and CISA with working together to develop and oversee the implementation of comprehensive technical guidance to help federal agencies adopt PQC. Agencies will have to inventory their high-value assets and high-impact systems and transition them to PQC for key establishment by December 31, 2030, and for digital signatures by December 31, 2031.  The order instructs agencies to designate a PQC migration lead, and the Department of Commerce will run a pilot project until the end of 2027.  “The pilot program will showcase a successful migration by 2027, setting a clear example for agencies to fortify their cyber defenses as quantum technology advances,” the White House said in a fact sheet accompanying Executive Order 14409. The State Department has been tasked with encouraging and assisting critical infrastructure operators and foreign governments in their PQC transition, while the Pentagon, NASA, and the General Services Administration have been directed to find cost-saving opportunities.  Federal contractors will also be required to comply with NIST standards regarding the use of PQC-compliant algorithms by the end of 2030.  “This executive order sends an unambiguous signal to every organization doing business with the federal government: the clock is ticking and maybe running out for some,” commented Garfield Jones, EVP Strategy and Research at QuSecure. “The 2030 deadline for key establishment is a tangible compliance deadline, and the gap between where most organizations are today and where they need to be is significant,” Jones added. “Agencies and contractors that haven’t started a cryptographic inventory are already behind. The organizations that move now will have options. The ones that wait will find themselves managing a crisis.” This comes shortly after President Trump signed an executive order establishing a voluntary framework for federal vetting of frontier AI models before their public release. Related: Google Slashes Quantum Resource Requirements for Breaking Cryptocurrency Encryption Related: Quantum Bridge Raises $8 Million for Quantum-Safe Key Distribution Solution Related: Quantum Decryption of RSA Is Much Closer Than Expected WRITTEN BY Eduard Kovacs Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering. More from Eduard Kovacs New Exploit Bypasses Apple’s Boot Defenses, Affects Millions of iPhones Texas Parks & Wildlife Data Breach Affects 3 Million Individuals Cisco to Acquire WideField Security to Boost Splunk’s Agentic SOC Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure Accenture to Acquire Majority Stake in Dragos, All of runZero, NetRise in $4.1 Billion OT Cybersecurity Push Rokarolla Banking Trojan Targets 200 Applications SailPoint to Acquire Entro in Reported $200 Million Deal Kodak Admits Data Breach After ShinyHunters Hack Claims Latest News Algerian Man Extradited to US for Running Cybercrime Marketplaces FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances OpenAI Refocuses Cybersecurity Efforts on Patching Over Discovery Russian Initial Access Broker Behind FortiBleed Campaign Canadian Electricity Provider London Hydro Discloses Data Breach Xsolis Data Breach Affects 1.4 Million Individuals Decades-Old Squid Proxy Flaw ‘Squidbleed’ Can Expose User Data Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data Trending Webinar: How Modern Breaches Bypass MFA And Evade Detection June 17, 2026 Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes. Register Webinar: Modern Exposure Validation In The AI Era June 24, 2026 AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program. Register People on the Move SolarWinds has appointed Justin Henkel as Chief Information Security Officer. J. Paul Haynes has joined Cinchy as Chief Executive Officer. Hatem Naguib has become Chief Executive Officer at Sysdig. More People On The Move Expert Insights What The Latest ShinyHunters Breaches Reveal About Modern Cyberattacks Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage. (Torsten George) No Exploits Required Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures. (Tod Beardsley) After AI Reaches Production: 12 Ways Security Teams Can Take Control Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production. (Joshua Goldfarb) Everybody Is Vibe Coding But Nobody Told The Security Team AI-driven development is not something organizations can or should block. But it must be governed. (Danelle Au) The Zero-Knowledge Threat Actor And The End Of Responsible Disclosure AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code. (Etay Maor) Flipboard Reddit Whatsapp Email
    💬 Team Notes
    Article Info
    Source
    Security Week
    Category
    ◇ Industry News & Leadership
    Published
    Jun 23, 2026
    Archived
    Jun 23, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗