President Donald Trump has signed a new executive order setting aggressive deadlines for federal agencies and government contractors to adopt post-quantum cryptography (PQC), aiming to protect U.S. government systems and sensitive data from future quantum computing threats.
The order states that the United States must strengthen its cryptographic defenses to safeguard critical infrastructure, sensitive information, and the digital economy as quantum technology rapidly advances. According to the White House, accelerating the government’s transition to quantum-resistant encryption is essential to keeping American cybersecurity ahead of emerging threats.
Under the directive, the National Institute of Standards and Technology (NIST), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) must provide ongoing technical guidance to help federal agencies implement PQC standards.
The Department of Commerce has also been instructed to begin pilot testing post-quantum cryptographic algorithms on selected NIST computer systems by the end of 2027.
The executive order further requires federal contracting agencies to issue regulations by the end of 2030 mandating that government contractors comply with NIST’s Federal Information Processing Standards (FIPS). Contractors will also be required to expand their vulnerability disclosure programs to identify cryptographic weaknesses, including the use of outdated encryption methods or non-FIPS-approved algorithms.
John Miller, Executive Vice President of Policy at the Information Technology Industry Council, welcomed the move, saying the order establishes “appropriately aggressive timelines” for the federal government’s transition to quantum-safe security. He added that continued collaboration between policymakers, industry, and international partners will be essential to protecting digital systems while advancing quantum innovation.
Additionally, the Office of Management and Budget has been directed to establish key migration milestones for federal agencies’ high-value assets. Agencies must implement quantum-resistant key establishment by December 31, 2030, and transition digital signatures to post-quantum cryptography by December 31, 2031.
Expanding Quantum Security Beyond the Federal Government
President Donald Trump’s executive order extends the push for post-quantum cryptography (PQC) beyond federal agencies, directing the U.S. government to support critical infrastructure operators, industry, and international partners in preparing for the quantum era.
Under the order, the Cybersecurity and Infrastructure Security Agency (CISA), alongside Sector Risk Management Agencies such as the Environmental Protection Agency and the Treasury Department, must help organizations within their sectors develop plans for adopting quantum-resistant encryption.
The directive also instructs CISA to publish guidance on creating a cryptographic bill of materials (CBOM)—a detailed inventory of the cryptographic algorithms and standards used in software and hardware—to help organizations identify and manage encryption-related risks.
On the international front, the State Department, NIST, and other federal agencies have been tasked with encouraging allied governments and key industry groups to adopt the suite of post-quantum cryptographic algorithms approved by NIST, promoting greater global cybersecurity interoperability.
Renewed Investment in Quantum Research
In a separate executive order, Trump called for an update to the National Quantum Strategy, the re-establishment of the National Quantum Initiative Advisory Committee, and stronger measures to protect U.S. quantum research from espionage, sabotage, and other security threats.
The order also launches the Quantum Computer for Application Development and Discovery Science Effort, a new initiative aimed at building a large-scale quantum computer capable of advancing scientific discovery. At least one of these systems will be developed for use by the Department of Energy.
To strengthen the nation’s quantum workforce, the directive further instructs the Office of Personnel Management and other federal agencies to develop a comprehensive strategy for recruiting and retaining quantum computing experts within the U.S. government.
Source: Cybersecuritydive Edited By Bernie
