FALLS CHURCH, Va. – As quantum computing advancements threaten to break the encryption methods widely used to protect our most sensitive data, 50% of federal IT leaders are actively developing strategies to accelerate transition to post-quantum cryptography (PQC), according to a new research study released by General Dynamics Information Technology (GDIT) with input from IBM. It underscores the need for federal agencies to adapt to evolving threats by preparing for a future where current cryptographic standards may no longer be sufficient.
The study, Quantum Waves, conducted by GDIT’s Digital Consulting Practice, surveyed 200 experts and decision-makers across defense, civilian, and intelligence agencies. It explores how agencies are addressing the PQC transition and identifying risks, challenges and technologies needed for migration. The findings reveal that while planning for PQC is gaining momentum, significant obstacles remain, including the absence of formal guidance. Key insights from the study include:
- 50% of respondents are actively developing strategies for PQC readiness, while 35% are in the process of defining their plans and budgets.
- 46% have identified key risks associated with current cryptographic practices but have not yet begun formal assessments, and only 8% have fully integrated current PQC standards.
- 44% of respondents cite vulnerability management as a top capability needed to discover, assess, and manage cryptographic assets, prioritize risks and accelerate the PQC transition.
The research further highlights key obstacles federal agencies are currently facing with PQC adoption:
- 37% of respondents cited the lack of formal guidance and strategic frameworks as a major challenge.
- 48% of respondents said modernizing legacy systems remains a significant challenge, while 29% cited the implications for operational technology -- the interconnected systems that control physical operations in critical infrastructure.
- 24% reported integrating PQC into the supply chain as an obstacle.
“Quantum computing represents a turning point for cybersecurity, and achieving cryptographic agility is critical to secure our sensitive information against future threats,” said Ben Gianni, GDIT senior vice president and chief technology officer. “With finalized NIST PQC standards, agencies must accelerate their migration efforts. By developing flexible and scalable strategies today, they will be prepared to modernize and build long-term resilience against emerging quantum threats.”
The research findings will be discussed in a public webinar on Oct. 23 with leaders from government, GDIT and IBM.
GDIT is a business unit of General Dynamics, a global aerospace and defense company that offers a broad portfolio of products and services in business aviation; ship construction and repair; land combat vehicles, weapons systems and munitions; and technology products and services. General Dynamics employs more than 100,000 people worldwide and generated $42.3 billion in revenue in 2023. More information about General Dynamics Information Technology is available at www.gdit.com. More information about General Dynamics is available at www.gd.com.
Media Relations
Oliver Nutt
Oliver.Nutt@gdit.com