.png)
Post-Quantum Cryptography Readiness with ITSEC
Discover how ITSEC helps organisations prepare for the post-quantum era with future-proof cryptography and cyber resilience strategies.
ITSEC Asia
For decades, public-key cryptography has been the backbone of protecting sensitive information, such as financial transactions, personal data, corporate communications, and government secrets. Whether logging into a secure banking app, shopping online, or browsing encrypted websites (like HTTPS), public key infrastructure (PKI) protects your data from cybercriminals. However, the rise of quantum computing introduces transformative and potentially disruptive challenge to this foundation of digital trust.
The Quantum Revolution
Quantum computers can perform complex computations faster than even the most advanced current supercomputers. While this capability promises breakthroughs in drug discovery and healthcare, materials science or Artificial Intelligence (AI), it also poses a significant threat to current cryptographic systems. Quantum computers could break widely used publickey cryptographic systems (e.g., RSA, ECC), compromising critical infrastructure security such as energy grids, financial systems, and sensitive government communication networks.
Compromised public-key cryptography could lead to forged digital certificates or signatures, undermining trust in banking, healthcare, and government services. Quantum cryptography attacks could also compromise billions of connected devices, from smart homes to Industrial Control Systems (ICS), by breaking traditional encryption used in secure communication.
Furthermore, cyber criminals and government adversaries could use “harvest now, decrypt later” attacks, where adversaries collect encrypted data today for decryption when quantum computers become available. This could affect all the critical infrastructure, which also often handles sensitive data with long-term confidentiality needs (e.g. medical records, state secrets). Experts predict that “Q-Day”, when quantum computers crack current encryption, may arrive within a decade. This has spurred global efforts to develop and implement post-quantum cryptography, new encryption algorithms designed to resist quantum attacks.
Global Efforts to Prepare for Post-Quantum Cryptography
Governments worldwide are already taking proactive steps to counter the threats of Quantum Computing to cybersecurity. In the US, the Quantum Computing Cybersecurity Preparedness Act (H.R.7535), signed into law on December 21, 2022, as Public Law 117-260, aims to encourage federal agencies to migrate their information technology systems to post-quantum cryptography (PQC) to protect against future quantum computing threats. It mandates agencies to assess vulnerabilities, maintain inventories of quantum-vulnerable systems, and develop strategies for PQC adoption.
Furthermore, the Cybersecurity and Infrastructure Security Agency (CISA) launched a PQC Initiative in July 2023 to support critical infrastructure with risk assessments and transition planning. CISA has provided resources for cryptographic inventorying and testing PQC algorithms, indicating ongoing compliance efforts with H.R.7535.
The National Institute of Standards and Technology (NIST) finalised three PQC standards (FIPS 203, 204, 205) on August 13, 2024. A fourth standard (HQC) was selected for standardisation on March 11, 2025. NIST encourages immediate transition to these standards.
The US National Security Agency mandates PQC for software and firmware updates by 2025. By 2030, all cryptographic systems within the scope of CNSA 2.0 must exclusively use PQC algorithms, phasing out legacy algorithms (e.g., RSA, ECC) vulnerable to quantum attacks.
In the European Union, the Commission Recommendation (EU) 2024/1101, adopted on April 11, 2024, urges EU Member States to develop consistent strategies for adopting PQC to secure digital infrastructures and services in public administrations and critical infrastructure. Southeast Asia’s first National Quantum-Safe Network Plus (NQSN+) was launched in Singapore in 2023 as part of Singapore’s Digital Connectivity Blueprint. NQSN+ aims to build a quantum-safe communication infrastructure by 2030. It combines PQC, which upgrades software with quantum-resistant algorithms, and Quantum Key Distribution (QKD), a hardwarebased approach for secure key sharing.
In 2024, the Monetary Authority of Singapore (MAS) and Banque de France conducted a groundbreaking PQC experiment, successfully using quantum-resistant (PQC) algorithms (CRYSTALS-Dilithium and CRYSTALS-Kyber) to sign and encrypt email. In 2024, MAS also issued an advisory (MAS/TCRS/2024/01) urging financial institutions to prepare for quantum risks by maintaining cryptographic inventories, conducting risk assessments, and adopting PQC solutions.
Singapore is also monitoring progress on NIST post-quantum cryptography and set to roll out its own standard from 2025. (reference: https://www.reedsmith.com/en/perspectives/2024/12/csa-to-roll-out-quantum-security-guidelines-from-2025)
Meanwhile, Indonesia’s PQC efforts are in early stages compared to Singapore’s more structured initiatives. In May 2025, the Indonesian Defense University (Unhan RI) inaugurated the Center for Quantum Security Ecosystem (CQSE), and, at the same event, released a Quantum-Security Roadmap 2025-2030: Phase 1 (2025-27), creating a joint Unhan, BRIN, BSSN and TNI research hub and pilots of Quantum VPN for secret government and military communications. Phase 2 (2027- 30) extends post-quantum cryptography and quantum-key-distribution across the national strategic network.
The Quantum Revolution
PT ITSEC Asia Tbk (CYBR), a leading cybersecurity firm listed on the Indonesian Stock Exchange, is pioneering the integration of post-quantum cryptography (PQC) solutions and research in Indonesia and the Asia Pacific region
ITSEC’s PQC Strategy Includes:
Research and Testing
Partnering with global tech firms and academic institutions, ITSEC develops PoCs to validate PQC algorithms and solutions such as Quantum Entropy Appliances, Quantum Entropy-as-a-Service, and Digital Quantum Key Distribution (DQKD) products. ITSEC conducts controlled PoC implementations to showcase PQC integration in real-world applications like secure communications, financial transactions, and data storage.
Training and Capacity Building
Through ITSEC Cyber Academy, launched in 2025, ITSEC offers PQCfocused training tied to PoC outcomes, equipping Indonesian IT professionals with skills to adopt quantum-safe standards.
Industry Awareness
ITSEC promotes PQC through PoC demonstrations at industry forums, media, and conferences (e.g., ITSEC Cybersecurity Summit 2025), highlighting the need for quantum readiness
ITSEC’s PQC efforts align with Indonesia’s growing effortsin quantum-safe cybersecurity.
