The Accredited Standards Committee X9 Inc. (X9) has announced the publication of its new report, “Post Quantum Cryptography Financial Readiness Needs Assessment,” aimed at equipping the financial services industry with strategies to mitigate cybersecurity risks posed by quantum computers.\n\nDeveloped by the X9F Quantum Computing Risk Study Group, one of X9’s dedicated quantum computing initiatives, the document provides a high-level overview for managers and executives on options, alternatives, and guidance for addressing these emerging threats. The report is available for public download at no charge.\n\nX9’s objective with this report is to educate financial industry management on how to identify, analyze, prioritize, and manage significant risks presented by future quantum computers. It also offers guidance on migrating to Post-Quantum Cryptography (PQC) to safeguard sensitive data and networks against potential quantum-enabled cyberattacks. While primarily focused on the financial sector, the report’s insights are also relevant for government agencies and other organizations confronting quantum challenges.\n\nThe transition to PQC is anticipated to be a complex and potentially costly endeavor. The report suggests that implementing a company-wide program to investigate internal security issues related to quantum computing and developing plans to address them offers the best opportunity to reduce migration expenses, create an environment secure against quantum attacks, and diminish the likelihood of failing to identify existing weaknesses. This proactive approach also presents an opportunity to rectify long-standing security problems.\n\nKey areas detailed in the report for PQC migration include educating personnel on quantum computing’s cryptographic implications, creating a comprehensive cryptographic asset inventory, prioritizing current systems for remediation based on risk assessments, and developing and implementing plans for PQC solution deployment. It also emphasizes working with vendors to integrate PQC solutions into third-party products and leveraging the migration as an opportunity to incorporate features of an agile architecture.\n\nFurthermore, the report’s findings and recommendations are designed to enable financial institutions to develop robust crypto-agility strategies. Specific topics addressed encompass cryptography policy management, design tradeoffs, implementations and interoperability, compliance assurance, and deployment guidelines.\n\nSteve Stevens, X9 Executive Director, commented on the significance of the publication, stating, “Our new report will be a vital resource for the financial industry to understand and prepare for the paradigm shift in cryptographic standards brought about by the advent of quantum computing. The insights the industry can glean from this needs assessment report will be instrumental in building secure and resilient cryptographic infrastructures that protect against the uncertainties of the quantum-powered future.”\n\nThe Accredited Standards Committee X9 Inc. is a non-profit organization accredited by the American National Standards Institute (ANSI) to develop and maintain national and international standards for the financial services industry. Its standards cover a wide range of subjects, including payments, corporate treasury functions, blockchain technology, quantum computing, and AI. X9 also serves as the U.S. Technical Advisory Group (TAG) for ISO TC68 (Financial).