Entrust Post Quantum Trends Study Finds High Awareness on Post Quantum Cryptography, Widespread Preparation Lags

The Entrust Cybersecurity Institute has released survey findings on post-quantum cryptography (PQC) and public key infrastructure (PKI), assessing organisational PQ preparedness and the future of encryption. The Post Quantum Trends study reveals that most organisations in Singapore have not begun preparing for the post-quantum threat. This comes on the heels of MAS’ advisory on addressing the cybersecurity risks associated with quantum published earlier this year, outlining implementation guidelines and best practices for organisations entering a new era of quantum cryptography.

Entrust’s 2024 PKI and Post Quantum Trends Study presents findings from a survey of IT and IT security professionals across nine countries, including Singapore, conducted by the Ponemon Institute. Compared to previous years, this new data shows a clear shift towards increased awareness of PQC and the threats it poses to modern organisations. At the same time, it highlights a concerning trend that most organisations are either not yet motivated or unprepared for the transition, citing major concerns with the skills, education, and technologies needed to effectively prepare, leaving them vulnerable to potential attacks.

“There’s a shift in the industry with regard to Post-Quantum readiness,” said Samantha Mabey, Director of Digital Solutions Marketing at Entrust. “While the questions around the PQ threat used to be ‘is it real’, the questions as of late are now ‘what do I need to do’ and ‘how’.”

Post Quantum Trends: An Overview of Relevant Findings 

Key findings from the 2024 PKI and Post Quantum Trends Study include:

• Support for PQC readiness is increasing, but plans for implementation are trailing. While 63% of Singaporean respondents plan to migrate to PQC within the next five years, only approximately one third of organisations in Singapore (36%) are presently preparing for the transition. At the same time, 43% of Singaporean respondents reported not having the right scale and technology to support the required extra computing power for PQC.
• Ownership as well as insufficient talent serve as the top challenges for enabling applications of PKI. 53% of respondents in Singapore reported a lack of clear ownership over this transition as the biggest hurdle to enabling PKI. Meanwhile, nearly half attributed the challenge to insufficient skills (46%) and insufficient personnel (40%).
• Insufficient scale and technology, strategy, and budget are top concerns for organisations seeking PQC readiness. Despite the fact that 48% of respondents in Singapore reported a focus on building their cryptographic strategy, respondents cited not having sufficient scale and technology to support PQC (43%) followed by the inability to have an enterprise-wide strategy (41%) and inadequate budget (39%) as their greatest concerns as they prepare for a post-quantum era.
• Even among organisations that decide to migrate, the path to PQC is uncertain. While 41% of organisations in Singapore favour implementing a strict PQC plan, a significant proportion are inclined towards a hybrid approach (29%) or initial internal testing of PQC (22%).

“Organisations know that the threat of PQ is inevitable and impact substantial, but they lack the scale and technology, budget, strategy, skills, and computing power needed to effectively activate a plan, revealing a critical gap between awareness and action as the quantum threat looms. A major focus for organisations in 2025 will be activating these plans, bolstering their visibility into their cryptographic assets, and preparing their teams for a quantum-safe future,” said Mabey of the results of the Post Quantum Trends study.

Additional Information

• Read the Post Quantum Trends report executive summary here.
• Download the full Post Quantum Trends study report here
• Learn more about the Entrust Post-Quantum Cryptography Solutions here

.