This Week in Quantum
A weekly briefing on post-quantum cryptography, quantum risk, and what it means for financial infrastructure
PAST ISSUES OF MY WEEKLY BRIEFING
ISSUE 003
This Week in Quantum
WEEK ENDING MAY 29, 2026
This week felt different. Not because of a breakthrough quantum computer. Not because of a new algorithm.
Because the people responsible for keeping the world's financial systems running started speaking more openly about quantum risk.
The conversation continues to move away from theory and toward infrastructure.
The Headline
Finance Is No Longer Waiting
The biggest development this week came from the Reserve Bank of India, which established a dedicated committee to examine quantum technology's impact on financial services and to build a "quantum-secure and adaptable" banking ecosystem.That language matters.
Not secure.
Secure and adaptable.
Adaptability is rapidly becoming the defining principle of quantum readiness.
At the same time, Moody's warned that quantum-enabled cryptographic attacks could eventually become a systemic risk to the global financial sector if migration efforts lag behind infrastructure exposure.
For years the discussion centered on quantum computers.
Today the discussion centers on trust.
The Trend Everyone Is Talking About
Cryptographic Agility
If there was a phrase that dominated this week, it was: Cryptographic Agility.
It sounds technical.It isn't.
At its core, it means: Can your organization change its cryptography without breaking everything else?
Banks, insurers, governments, and critical infrastructure operators are increasingly realizing that the real challenge is not selecting a new algorithm.
The challenge is updating millions of interconnected systems while business continues as usual.
The future may arrive through inventories, certificates, and spreadsheets long before it arrives through quantum hardware.
Worth Reading This Week - May 29, 2026
Financial Infrastructure
G7 Cyber Expert Group: Advancing a Coordinated Roadmap for the Transition to Post-Quantum Cryptography in the Financial Sector
The most important financial-sector document published this year.
The G7 frames post-quantum migration as a resilience and operational risk issue rather than a cryptographic exercise.
Why read it:
Because it provides a common language for boards, regulators, and financial institutions discussing quantum risk.
Regulation
UK National Cyber Security Centre (NCSC): Next Steps in Preparing for Post-Quantum Cryptography
The most important financial-sector document published this year.
https://www.ncsc.gov.uk/whitepaper/next-steps-preparing-for-post-quantum-cryptography
Why read it:
It focuses on discovery, inventory, and planning rather than speculation.
Key Takeaway:
You cannot migrate what you have not identified.
Europe
European Commission: Coordinated Implementation Roadmap for the Transition to Post-Quantum Cryptography
The clearest view yet into how European regulators are approaching the transition.
Why read it:
Critical infrastructure operators should assume increasing regulatory attention over the next several years.
Financial Services
EY: Is the Financial Sector Ready for the Transition Towards Post-Quantum Cryptography?
A useful industry perspective on readiness, governance, and migration planning.
Why read it:
It reflects the conversations currently happening inside major financial institutions.
Strategic Reading
World Economic Forum: Quantum-Safe Migration — An Opportunity to Modernize Cryptography
https://www.weforum.org/stories/2026/01/quantum-safe-migration-cryptography-cybersecurity/
One of the better strategic pieces published this year. It frames cryptographic inventory, cryptographic agility, and defense-in-depth as business resilience issues rather than purely technical concerns.
Why read it:
Because quantum migration is increasingly becoming a governance and operational challenge, not simply a technology challenge.
Supply Chain & Infrastructure
World Economic Forum: Coordination Gap Slowing the Shift to Quantum-Safe Security
https://www.weforum.org/stories/2026/05/coordination-gap-shift-quantum-safe-security/
One of the most interesting reads this week.
Why read it:
Because it highlights the reality that post-quantum migration depends on coordinated movement across semiconductor manufacturers, cloud providers, software vendors, infrastructure operators, and regulators.
Research Worth Your Time
Hybrid TLS in Real Banking Environments
Several recent studies continue showing that hybrid ML-KEM deployments can be implemented with manageable performance overhead.The interesting finding:The bottleneck is no longer mathematics.The bottleneck is visibility.Many organizations still do not know where all of their cryptography lives.
Blockchain and Infrastructure Costs
A new paper titled The Cost of Quantum Resistance explores the infrastructure burden of post-quantum signatures inside blockchain systems and proposes alternative approaches designed to reduce bandwidth and storage overhead.The takeaway: Quantum migration is not only a cryptography problem.
It is an infrastructure economics problem.
AI + Quantum Security
Researchers also published MAGIQ, a post-quantum governance framework for agentic AI systems using quantum-resistant cryptography and policy enforcement mechanisms.
Worth watching because AI governance and quantum security are beginning to converge much faster than many organizations expected.
Quote of the Week
"The challenge is no longer whether post-quantum cryptography works.The challenge is whether organizations can find, understand, and replace their existing cryptography before they are forced to."
That, more than any hardware announcement, feels like the story of 2026.
This Week in Quantum Security is a weekly briefing by Joel Van Dyk covering developments in post-quantum cryptography, financial infrastructure, cyber resilience, and the transition to quantum-safe security.
ISSUE 002
WEEK ENDING MAY 22, 2026
This week, the quantum security conversation moved from readiness into industrial strategy.
One of the clearest shifts this week is that the conversation around post-quantum cryptography is becoming operational rather than theoretical.
The biggest development came from Reuters reporting that the U.S. is preparing to invest $2 billion across quantum computing firms, including IBM, D-Wave, Rigetti, Infleqtion, Diraq, and others. France is also set to announce €1.5 billion for quantum computing and advanced microchips, with €1 billion directed toward quantum strategy. Quantum is now clearly being treated as sovereign infrastructure, not simply frontier research.
That matters for security because the faster governments fund quantum capability, the more urgent the post-quantum migration becomes.
The cryptography side is also hardening. NIST’s finalized standards — ML-KEM for key encapsulation, ML-DSA for digital signatures, and SLH-DSA as an additional signature option — remain the technical baseline for most deployments. NIST says these standards can and should be put into use now.
The operational message is equally clear from the UK’s NCSC: organizations should define migration goals and complete discovery by 2028, carry out priority migration by 2031, and complete PQC migration by 2035.
The financial sector remains the most important early proving ground. The G7 Cyber Expert Group roadmap, chaired by the U.S. Treasury and the Bank of England, continues to frame PQC transition as a coordinated financial-sector challenge, not something individual banks can solve alone.
The phrase of the week remains cryptographic agility.
Not just better encryption.
Adaptable infrastructure.
FS-ISAC is already framing PQC as a shift in the cyber paradigm toward crypto-agility, and CISA’s 2026 product category guidance is beginning to move PQC from policy into procurement.
Crypto also moved sharply into the spotlight. The Financial Times reported that firms including Ripple, Circle, Tron, and Ethereum-linked groups are accelerating work on quantum-resistant infrastructure. Bitcoin remains the harder case because decentralized governance makes coordinated migration more difficult.
The larger takeaway: quantum security is no longer waiting for “Q-Day.”
The transition has already begun in standards bodies, government budgets, banking roadmaps, cloud products, procurement lists, and crypto infrastructure.
Worth Reading This Week
This WeekReuters — U.S. Expands Quantum Investment Strategy
Coverage of the reported $2 billion U.S. investment initiative into quantum computing companies and infrastructure, signaling growing national focus on quantum capability and strategic competitiveness. https://www.reuters.com/business/us-award-2-billion-quantum-computing-firms-take-equity-stakes-wsj-reports-2026-05-21/
Reuters — France Expands Quantum & Advanced Chip Investment
Reporting on France’s €1.5 billion investment initiative supporting quantum computing and advanced semiconductor development. https://www.reuters.com/technology/french-quantum-firm-alice-bob-wins-new-investment-nvidia-venture-arm-2026-05-22/
NIST — Post-Quantum Cryptography Standardization
Official NIST resources and finalized standards including ML-KEM, ML-DSA, and SLH-DSA. https://csrc.nist.gov/projects/post-quantum-cryptography
UK National Cyber Security Centre (NCSC) — PQC Migration Timelines
Guidance outlining phased migration expectations toward post-quantum cryptography adoption through 2035. https://www.ncsc.gov.uk/guidance/pqc-migration-timelines
G7 Cyber Expert Group — Financial Sector PQC Roadmap
Roadmap for coordinated post-quantum transition planning across financial infrastructure, supported by the U.S. Treasury and Bank of England. https://www.gov.uk/government/publications/advancing-a-coordinated-roadmap-for-the-transition-to-post-quantum-cryptography-in-the-financial-sector
Cloudflare — Post-Quantum Roadmap
Cloudflare’s public roadmap toward broad post-quantum deployment and migration targets.
https://blog.cloudflare.com/post-quantum-roadmap/
Financial Times — Crypto Industry Preparing for Quantum Risk
Coverage examining how cryptocurrency and blockchain organizations are beginning to address long-term quantum security exposure.
https://www.ft.com/content/99c1c1e7-1a1c-479c-9fc8-e21aea5c3f0e
this week's takeaway
The winners will be the organizations that can answer three questions clearly:
Where is our vulnerable cryptography?
Who owns the migration?
How fast can we adapt without breaking trust?
This week felt like a turning point.
Less theory.
More machinery.
And underneath it all, the quiet realization that modern trust is being rebuilt before most people even know it is under renovation.
ISSUE 001
WEEK ENDING MAY 15, 2026
The Transition Is Now an Infrastructure Programme
One of the clearest shifts this week is that the conversation around post-quantum cryptography is becoming operational rather than theoretical.
For several years, most discussions around quantum computing and cryptographic risk focused on future capability: when a sufficiently powerful quantum computer might emerge, whether timelines were realistic, and what the eventual implications could be for current encryption standards.
That discussion is now evolving into something more practical. The focus this week has been on migration planning, infrastructure readiness, cryptographic inventory, and operational resilience.
Governments, regulators, and standards bodies continue to align around the idea that organizations should already be preparing for the transition away from quantum-vulnerable cryptography such as RSA and ECC. The underlying message is becoming increasingly consistent across the sector: the migration effort itself may take longer than the arrival of the threat.
This is particularly relevant for financial services and critical infrastructure environments, where cryptography is deeply embedded across payment systems, identity infrastructure, cloud environments, vendor ecosystems, and operational technology.
The G7 Cyber Expert Group's roadmap for post-quantum migration within the financial sector remained an important reference point throughout the week. The roadmap, supported by the U.S. Treasury and Bank of England, reinforces the importance of coordinated transition planning across financial institutions, technology providers, and regulators.
"The migration effort itself may take longer than the arrival of the threat."
At the same time, the concept of cryptographic agility continues to emerge as one of the defining operational themes of the transition. The ability to replace or adapt cryptographic systems efficiently may ultimately prove more important than any individual algorithm choice itself. Organizations are increasingly recognizing that understanding where cryptography exists throughout their environment is foundational to any realistic migration strategy.
This week also saw continued momentum around quantum-secure communications and real-world deployment testing. Reuters reported that Terra Quantum secured a U.S. Air Force contract focused on secure communications simulation in contested environments, alongside deployment of a quantum key distribution link across live telecom infrastructure in Malta.
These developments are important because they demonstrate that quantum security is now progressing along two parallel tracks: post-quantum cryptography designed to protect classical infrastructure, and quantum networking and communication technologies that leverage quantum mechanics directly. Both are advancing simultaneously, although at different levels of maturity and deployability.
On the hardware side, neutral-atom quantum architectures continued to attract attention this week, with additional research and investment activity suggesting that the field is entering a more competitive phase.
Worth Reading This Week
PQC Migration Timelines
NCSC — National Cyber Security Centre ncsc.gov.uk →
Roadmap for the Financial Sector — Post-Quantum Migration
G7 Cyber Expert Group / UK Government gov.uk →
Terra Quantum Secures U.S. Air Force Deal Ahead of Nasdaq Listing
Reuters. reuters.com →
Post-Quantum Roadmap
Cloudflare. blog.cloudflare.com →
Migration and Cryptographic Agility
The Quantum Insider. thequantuminsider.com →
This Week in Quantum — delivered weekly
No noise. No vendor marketing. Just what matters in post-quantum cryptography and quantum risk.
Weekly · No spam · Unsubscribe any time