Abstract
As regulators publish guidance and timelines tighten, organizations can’t treat quantum readiness as a “future-us” problem. Will Collison details HSBC’s approach: begin the migration now, build crypto agility into architecture, and manage both internal upgrades and external dependencies across vendors, partners, and customers. He clarifies where PQC (for everyone) and QKD (for select high-assurance links) fit, and why identity (public-key) mechanisms not symmetric crypto like AES, are the primary risk from quantum computing. Will also reframes “legacy” systems as revenue-critical systems that demand careful, early planning, and he lays out a pragmatic cost model: if you wait, you’ll lose the ability to go slow, forcing a fast (and expensive) scramble. The mandate is simple: start now, measure progress, and design for change so you can swap algorithms when needed.
What You’ll Learn
- How early action lowers cost and risk while keeping quality high.
- PQC vs. QKD vs. Quantum Computing: Clear roles, overlaps, and where to invest first
- Why quantum threatens public-key identity mechanisms more than symmetric encryption.
- Crypto Agility as the Goal: Build systems that can swap algorithms when standards evolve.
- Prioritization Framework: Tackle internet-facing and revenue-critical services early, even if they’re “legacy.”
- Vendor & Partner Readiness: How to pressure-test your supply chain and avoid being the weak link.
- Executive Buy-In: Talk tracks that move the conversation from “someday” to funded roadmap.
- Regulatory Reality: Don’t wait for “R-Day” (regulator day); show posture now to customers and supervisors.
Will Collison is the Interim Global Head of Cryptography at HSBC, where he leads the bank’s global cryptography strategy across 60 markets. A CISSP-qualified consultant with two decades of experience, he specializes in public key infrastructure (PKI), cryptography standards, and the automation of trust. Over his seven-plus years at HSBC, Will has served as Technical Director of Cryptography, Global Head of Cryptography Standards and Enforcement, and PKI Specialist, building frameworks for machine and digital identity and driving large-scale remediation programs.
Prior to HSBC, he founded Secmundi Limited, advising international banks on cryptography strategy and operating models, and worked as a Trust Consultant at Barclays, guiding PKI implementations and automation of certificate issuance. Known for combining deep technical expertise with pragmatic execution, Will has long been a voice for crypto agility, helping organizations modernize securely while preparing for future shifts. Today, his focus is clear: ensuring enterprises can meet the challenges of post-quantum cryptography (PQC) and build a quantum-safe future.
……………………………………….
Want exclusive insights on post-quantum security? Stay ahead of the curve—subscribe to Shielded: The Last Line of Cyber Defense on…