By: Robert Hann, Global VP of Technical Solutions & Centre of Excellence at Entrust
On World Quantum Day 2026, adversaries are already using ‘Harvest Now, Decrypt Later’ tactics, and if Google’s latest predictions are correct, Q-Day could arrive as early as 2029.
Migrating data and asset protection infrastructure to post-quantum cryptography (PQC) is a multi-year journey, spanning data in motion, data at rest, and data in use. Meaning universal migration should have already started.
A year on from NIST’s quantum-safe standards, we’re seeing organisations start to move from planning PQC to deployment. Large enterprises such as Mastercard are already advocating early adoption, particularly in the finance sector.
In Singapore, the Cyber Security Agency (CSA) has already begun laying the groundwork for quantum-safe migration, launching a Quantum-Safe Handbook and Quantum Readiness Index in 2025.
Yet, many organisations continue to underestimate the threat. Research from the 2026 Global State of Post-Quantum and Cryptographic Security Trends report shows that only 33% of organisations in Singapore and 38% globally are currently transitioning to PQC.
In 2026, leaders need to take decisive action to protect how identities are issued, verified, and trusted in a post-quantum world.
