Abstract
Post-quantum cryptography is often framed as a future technical upgrade. Carolina Polito approaches it as an organizational transition that is already underway. In this episode of Shielded: The Last Line of Cyber Defense, Carolina explores how quantum readiness moves beyond awareness into execution.
She begins by reframing how we think about technology itself. Systems are not neutral tools. They are shaped by societal decisions and, in turn, shape the institutions that rely on them. This perspective helps explain why quantum readiness cannot be confined to technical teams alone.
The conversation then moves into operationalization. While most organizations recognize the quantum threat, translating that awareness into action remains a challenge. Carolina explains why attempting a complete inventory of cryptographic assets can slow progress and why prioritization is more effective. By focusing on high-value, long-lived, and exposed assets, organizations can begin building a practical migration strategy.
Vendor ecosystems emerge as a central theme. Many cryptographic dependencies sit outside direct control, making vendor engagement critical. Carolina outlines what organizations should look for, including transparency around cryptographic usage, transition roadmaps, and crypto agility.
At a policy level, the discussion explores Europe’s approach to quantum readiness. While there is progress across member states, coordination remains complex. Standards, procurement, and national strategies need to evolve together rather than in sequence. The absence of post-quantum requirements in emerging digital systems also highlights missed opportunities that could increase future costs.
Carolina closes with a practical lens. Organizations do not need to solve everything at once. Assigning ownership, prioritizing key assets, and embedding quantum readiness into existing processes can create momentum without overwhelming the system.
What You’ll Learn
- Why quantum readiness is an organizational and managerial challenge
- Why complete cryptographic inventory is less useful than prioritization
- How to identify high-value, no-regret starting points
- What defines a quantum-ready vendor
- Why crypto agility is critical for long-term resilience
- How supply chain dependencies shape migration complexity
- Where Europe stands on PQC coordination and policy
- Why standards, procurement, and strategy must move in parallel
- How new digital systems can create future retrofit challenges
- What the first practical step toward quantum readiness looks like
Carolina Polito is a researcher in the cybersecurity program at the Center for European Policy Studies and a PhD candidate in international relations at LUISS University in Rome. Her work focuses on cybersecurity, governance, and geopolitics, with a particular emphasis on how emerging technologies shape institutional capabilities and policy decisions.