The need for enterprises and government agencies to adopt post-quantum cryptography (PQC) and similar cybersecurity measures will come sooner than actual fault-tolerant, commercial quantum systems themselves.
Regulatory measures in the United States and elsewhere are pushing organizations put defenses in place now to protect against the time when cybercriminals will be able to use quantum capabilities to break public key encryption that is used to protect the world’s data. That time – known as “Q-Day” – could come as early as 2029.
“Q-Day is approaching faster than predicted, and current encryption may be vulnerable as early as 2026 or 2027,”
Brandon Chapman, vice president of growth for
Forward Edge-AI, which offers its hardware-based Isidore Quantum post-quantum encryption platform, told MSSP Alert. “Put simply, the framework isn’t aspirational anymore. It is policy‑backed and time‑bound, and buyers now have standardized building blocks to act. That combination is what’s driving today’s surge in demand.”
MSSPs and other channel players will be key in accelerating the adoption of PQC, Chapman said. He noted the
approval in 2024 of three Federal Information Processing Standards (FIPS) for PQC developed by the National Institute of Standards and Technology (NIST). However, despite the NIST standards and other regulations being put in place around the world, there is a lag in adoption.
The channel can help close that gap, Chapman said.
“MSSPs are multipliers,” he said. “The migration to PQC is a scale problem. NIST’s process culminated in 2024 FIPS approvals, but on‑the‑ground replacement touches millions of endpoints and long‑lived systems.”
Growing the Partner Program
Given that, Forward Edge-AI this week announced it is significantly expanding its channel program by adding more than two dozen new partners worldwide, including North and South America, Europe, Asia-Pacific, the UK, and the Middle East. They not only include MSSPs and MSPs, but also VARs, systems integrations, and regional distributors.
The San Antonio, Texas-based company also highlighted its work with tech partners, including Accrete – a joint venture partner in Japan – Microsoft, Lumen, and Cubic. Chapman said the credibility and scale of Microsoft will help MSSPs prove both cryptography strength and efficacy. He also noted that Forward Edge-AI’s work with Lumen’s commercial networks “helps demonstrate that drop‑in, protocol‑agnostic encryption can run over backbone and last‑mile links without re‑architecting traffic. This validation is essential for MSSPs and telecom partners who secure mixed legacy (and) modern paths.”
Post-Quantum Efforts are Lagging
Help will be needed. There are an estimated 20 billion quantum-resistant devices that need to be deployed by 2027. In April 2025,
ISACA, an association of security, risk, and similar professionals, said its
survey of 6,200 of such tech and security experts found that 62% worry that quantum computing will break current encryption technologies, only 5% said it’s a high priority for the near future, while only another 5% said their organizations have a quantum computing strategy.
That’s worrying, according to a researcher with
F5 Labs.
“There is a growing disconnect between the rapid pace of advancements in quantum computing and the priority to which CISOs assign to the associated risk,” they
wrote last year after reviewing the ISACA report. “All businesses, particularly those dealing with intellectual property, healthcare records, financial transactions, or national security-related information, could already be at risk – even if that data remains secure for now.”
That said, the cybersecurity industry is responding to the growing need for post-quantum security tools. In recent months, tech companies like
Kyndryl,
NTT Research,
Gigamon, and
Palo Alto Networks have rolled out new products and services aimed at helping organizations adopt a post-quantum strategy. In August 2025, Microsoft announced that it plans to begin
offering quantum-safe solutions in 2029 and fully transition its products and services by 2033.
Quantum Worries Piling Up
That will be important because the quantum-related issues are mounting. A key concern is “
harvest now, decrypt later,” which describes the practice by bad actors of stealing vast amounts of encrypted data and sitting on it until they’re able use quantum capabilities to decrypt it.
But Chapman said there are other worries, including the policy-tech mismatch of agencies and regulated industries facing policy deadlines before vendor ecosystems are fully migrated, whch can produce inconsistent security controls. There are also organizations making premature bets on quantum key distribution (QKD) and quantum cryptography (QC), having certificate and firmware exposure without crypto-agile signing and PQC-ready PKI alternatives, and migrating to PQC without the necessary threat telemetry in hand.
MSSPs Can Navigate Rough Quantum Waters
MSSPs can address such security issues, he said. They can help clients sequence deployments to reduce what Chapman called “weakest link exposure” in multi-tenant and multi-vendor estates, guide organizations toward PQC first before moving onto QKD or QC to avoid stranded investments and integration dead ends, and pair encryption upgrades with AI-powered detection.
In addition, MSSPs are best positioned to help clients address four essential areas, such as inventorying cryptography and mapping risk by identifying RSA, ECC, and certificate dependencies and prioritizing long-lived confidentiality data, prepare PQC-ready architecture, drive zero trust and automation to reduce certificate and manual key-loader burden, validate the bandwidth, latency, and resilience on real networks.
“Readiness today is mixed,” Chapman said. “Many MSSPs have started inventory and pilot migrations, but broad enterprise fleets and embedded systems will take time. The scale required is tens of billions of devices, and that makes MSSPs essential to coordinating deployments.”