“Getting even 40% of your cryptographic inventory puts you ahead of most organizations.” – Aisling Dawson
The conversation around post-quantum cryptography has moved on. The “why” is no longer the sticking point because roganizations understand the risk. They’ve heard the timelines and they’ve seen the headlines.
What’s missing is progress.
In this episode of Shielded: The Last Line of Cyber Defense, Aisling Dawson, Senior Analyst at ABI Research, and Itan Barmes, Chief Strategy Officer at QIZ Security, unpack why quantum migration feels stuck right now. The challenge is no longer awareness. It is execution. And execution, as it turns out, is far messier than expected.
The Drop-Off After the Hype
A year ago, post-quantum cryptography was everywhere. Standards had just been announced. Roadmaps were being discussed and there was momentum.
That momentum has softened.
At RSA Conference 2026, Aisling points out that while AI dominates the conversation, quantum has taken a step back. Not because the problem is solved, but because the hard part has begun. Implementation. Budget allocation. Integration into real systems.
Quantum is no longer a theoretical discussion. It is an operational one. And operational problems are harder to sell, harder to scope, and harder to execute.
The Inventory Trap
One of the most common starting points for organizations is cryptographic inventory. It sounds straightforward. Identify what you have, then fix it.
Organizations aim for perfect visibility and get stuck. Tools generate dashboards, but translating those into action is far from simple. Definitions of “quantum risk” vary. Metrics are unclear. Coverage is incomplete.
Both Aisling and Itan challenge the obsession with perfection.
You do not need a 100% inventory to begin. In fact, waiting for it can delay progress indefinitely. Partial visibility, if actionable, is far more valuable than complete visibility that leads nowhere.
The Hardest Problem: Moving in Sync
If there is one challenge that stands out, it is ecosystem coordination. Even if one part of the system is ready, others may not be. Each moves at a different pace. Progress in isolation does not translate into progress overall.
Aisling describes this as the biggest blocker. The inability of the ecosystem to move in sync.
This is what makes quantum migration fundamentally different from past transitions. It is not a single upgrade but a coordinated shift across layers, teams, and suppliers.
The Risk of Doing Nothing (and Doing Too Much)
There are two common failure modes.
The first is delay. Caused by organizations waiting for clearer standards, better tools, or stronger mandates.
And the second is overreaching by trying to solve everything at once. Doubling down on a perfect inventory, a complete migration plan, and total visibility. This often leads to analysis paralysis.
Both approaches lead to the same outcome which is little to no progress.
The alternative is more pragmatic. Start where you can and build capability over time.
Where Organizations Should Start
For organizations still at the beginning, the advice is this:
- Start with visibility, but do not get stuck there.
- Build internal alignment, especially at the leadership level.
- Frame quantum as a business risk, not just a technical one.
- Work in phases, not big-bang transformations.
Most importantly, start. Quantum migration is a multi-year journey and waiting for perfect clarity only shortens the runway.
The Takeaway
Organizations that move forward treat this as an ongoing discipline. They accept partial progress as real progress. Those that wait tend to get stuck between awareness and action.
The difference is no longer knowledge, but the execution.
You can hear the full conversation with Aisling Dawson and Itan Barmes on Shielded: The Last Line of Cyber Defense, available now on Apple Podcasts, Spotify, and YouTube.
About the Guests
Aisling Dawson is a Senior Analyst at ABI Research, specializing in cyber and digital security. Her work focuses on post-quantum migration, PKI, confidential computing, and building digital trust in an AI-driven world.
Itan Barmes is Chief Strategy Officer at QIZ Security. With a background in physics and cybersecurity, he has spent years helping global organizations navigate cryptographic risk and post-quantum migration challenges.