Two U.S. Senators introduced the National Quantum Cybersecurity Migration Strategy Act, a bipartisan bill directing the White House Office of Science and Technology Policy to develop a coordinated national strategy for transitioning federal systems to post-quantum cryptography. The legislation builds on the National Quantum Initiative Act of 2018 and the 2022 Quantum Cybersecurity Preparedness Act, aiming to ensure federal systems are resilient against future quantum-enabled cyber threats.
Brought in by Senators Gary Peters, a Michigan Democrat and Marsha Blackburn, a Tennessee Republican, the bill focuses on leading the development of a coordinated national strategy for transitioning federal systems to quantum-resistant cybersecurity standards. It leverages existing government expertise through the Subcommittee on the Economic and Security Implications of Quantum Science (ESIX), which would guide efforts to safeguard data before quantum computers become widely available.
The bipartisan legislation helps prepare the federal government for emerging cybersecurity threats posed by quantum computing, an advanced technology that could one day break the encryption algorithms protecting sensitive government systems, personal data, and national security secrets. However, despite continued progress in quantum research, most agency data remains protected by outdated encryption standards or is not encrypted at all.
“It’s critical that the federal government be prepared for any threat posed by quantum computing technology, especially when it concerns our national security,” Peters said in a media statement. “My bill would help keep Americans safe by ensuring we have a quantum cybersecurity migration strategy to remain ahead of our adversaries and protect Americans’ personal data.”
“Quantum computing is a rapidly advancing and promising technology, but it also poses new cybersecurity threats. The United States must be prepared for these cybersecurity challenges and remain the world leader is quantum technology,” according to Blackburn. “The National Quantum Cybersecurity Migration Strategy Act would ensure the federal government creates a road map to protect sensitive data and national security from emerging data security threats fueled by quantum computing.”
While quantum computers aren’t in everyday use yet, they are advancing quickly and once available, they could crack encryption that protects everything from classified communications to bank accounts and email communications. As stolen data can be stored and decrypted later, experts warn that action must be taken now to secure systems with stronger, quantum-proof protections. This bill responds to that urgency by requiring federal agencies to begin migrating critical systems before it’s too late.
To jumpstart that migration, the bill initiates a pilot program requiring each federal agency to transition at least one high-impact system to quantum-safe encryption.
It also mandates that the ESIX Subcommittee evaluate which systems need urgent attention, identify standardized performance measures for agency migration efforts, and establish a clear definition of what qualifies as a cryptographically relevant quantum computer, removing confusion that can delay progress. By creating a practical path forward, the legislation ensures the federal government remains competitive in a rapidly evolving technological landscape and resilient against future cyber threats.
Last week, the Post-Quantum Cryptography Coalition (PQCC) published its Post-Quantum Cryptography (PQC) Inventory Workbook, a tool designed to help organizations of all sizes build a centralized inventory for managing their cryptographic assets and tracking migration efforts. The workbook aims to support early planning and risk reduction as organizations prepare to secure their data against future quantum threats, before quantum computing becomes a practical reality.
