Entrust Global Report Finds Cryptographic Visibility Stagnant as Quantum Threat Nears
Enterprises Are Struggling to Keep Pace as Quantum Timelines Accelerate and Certificate Validity Windows Shrink Dramatically

Entrust, a global leader in identity-centric security solutions, has released new findings from the Ponemon Institute revealing that organisations worldwide face two urgent cryptographic deadlines that will have a significant impact on their data security and web services—and most lack the visibility, resources, and readiness required to meet them.
The 2026 Global State of Post-Quantum and Cryptographic Security Trends study, independently conducted by the Ponemon Institute and sponsored by Entrust, surveyed more than 4,000 IT and security professionals worldwide, including 482 respondents in Singapore. The results show that enterprises are struggling to keep pace as quantum timelines accelerate and certificate validity windows shrink dramatically, creating the conditions for greater organisational risk.
Quantum Disruption Nears as Certificate Lifecycles Collapse
Approximately half of Singaporean cybersecurity practitioners (49%) believe a quantum computer capable of breaking RSA and ECC encryption will emerge within five years. This urgency is underscored by NIST and NSA guidance, which has set aggressive timelines for transitioning to quantum-resistant cryptography, including deprecating RSA and ECC encryption by 2030, and disallowing them by 2035. In Singapore, the Cyber Security Agency (CSA) has already begun laying the groundwork for quantum-safe migration, launching a Quantum-Safe Handbook and Quantum Readiness Index in 2025.
At the same time, a recent CA/Browser Forum mandate will rapidly shrink public trust certificate validity windows —moving from 398 days to 200, to 100, and ultimately 47 days by 2029. As industry standards and government mandates seek to minimise risk and strengthen digital trust, organisations must have capabilities in place to enable faster renewal cycles and automation at scale. The ability to automate certificate replacement at scale is just as critical to the transition to quantum-safe cryptography.
Despite these near-term deadlines, only 33% of organisations in Singapore are preparing for PQC—down from 36% in 2023. Only 43% reported that they have full visibility into certificates in their enterprises, making it difficult to begin implementing quantum-safe algorithms and infrastructure. 62% say managing cryptographic assets is extremely or very difficult.
A successful quantum attack could have serious consequences: Singaporean respondents are concerned about the loss of access to encrypted critical infrastructure (58%), and exposure of long-term sensitive data (56%), including financial records and health information.
“The fact that 67% of respondents report that their organisations are not preparing to transition to post-quantum cryptography is a sign that the cryptographic landscape is changing faster than most organisations can keep up,” said Greg Wetmore, Vice President of Product Development at Entrust. “The clock is ticking, and the solutions are available now, so enterprises cannot afford to delay action. It is not a question of ‘Will quantum computers disrupt us?’ but ‘How quickly can we adapt our infrastructure to withstand what is coming?’”
Visibility Remains the Defining Obstacle to Modernising Digital Trust
Limited visibility into cryptographic assets remains the top barrier to post-quantum readiness – cited by 38% of respondents compared to 36% from the last report. Other readiness gaps have worsened: lack of expertise rose to 40% (from 23%), and concerns around testing systems and managing the transition have increased to 37% (from 33%).
Without clear visibility into where keys and certificates are stored, how they are used, and when they expire, teams cannot automate renewal workflows, transition to quantum-safe algorithms, or prevent the outages that short-lived certificates can trigger.
“The gap between awareness of the quantum threat and action is widening. Teams around the world are struggling with the same foundational challenges: limited visibility into their keys and certificates, scarce expertise, and operational constraints that make it difficult to transition at the pace required,” said Mike Baxter, President and Chief Technology & Product Officer at Entrust. “The path forward starts with building cryptographic visibility and automation. Then it becomes about implementing quantum-safe cryptographic infrastructure with PQ-ready HSMs and PQ-ready PKI, which are the fundamental building blocks organisations require to address the quantum threat. With these tools in place, organisations can begin implementing PQC to safeguard their organisations before quantum computers make traditional encryption obsolete.”
Entrust Delivers Core Technology for Quantum-Safe Security
Entrust provides the technologies and expertise organisations need to move from discovery to implementation, including PQ-ready HSMs, quantum-safe PKI, and automated certificate lifecycle management. These capabilities give enterprises the foundation to begin deploying quantum-safe cryptography today, strengthening resilience, helping to maintain compliance, and protecting sensitive data that must remain secure for decades.
With quantum-safe infrastructure available now, Entrust enables organisations to modernise their cryptographic environments proactively—well before quantum attacks become viable.
To learn more, download the full report here.



