On June 11, 2025, the U.S. General Services Administration (GSA) hosted a pivotal webinar titled “Post-Quantum Cryptography Transition: Getting Started with Inventory and Assessment.” This virtual event aimed to equip federal agencies with the foundational knowledge and tools necessary to initiate the transition to post-quantum cryptographic (PQC) standards, in alignment with federal mandates such as the Quantum Computing Cybersecurity Preparedness Act and Executive Orders 14028 and 13800.
Understanding the Quantum Threat
Quantum computing poses a significant threat to current cryptographic systems. Traditional encryption methods, which safeguard sensitive government data, are vulnerable to potential decryption by quantum computers. Recognizing this, federal agencies are urged to proactively prepare for a post-quantum future to ensure the continued security of national information systems.
Webinar Highlights
The 90-minute session focused on the initial steps agencies should take: conducting comprehensive inventories of cryptographic assets and assessing their current encryption methodologies. GSA experts provided guidance on identifying systems using quantum-vulnerable algorithms and offered strategies for prioritizing assets based on sensitivity and risk.
Attendees were introduced to GSA’s suite of acquisition tools designed to facilitate the PQC transition. These include the Highly Adaptive Cybersecurity Services (HACS) Special Item Number (SIN), the Enterprise Infrastructure Solutions (EIS) contract’s Managed Security Service (MSS) offering, and Governmentwide Acquisition Contracts (GWACs) like Alliant 2 and 8(a) STARS III. These resources provide agencies with access to pre-vetted vendors and solutions tailored for cryptographic modernization.
Emphasizing Compliance and Readiness
The webinar underscored the importance of aligning with federal directives, notably the Office of Management and Budget’s Memorandum M-23-02, which mandates agencies to inventory their cryptographic systems and report findings to the Office of the National Cyber Director and the Cybersecurity and Infrastructure Security Agency (CISA). Compliance with these directives is crucial for maintaining national cybersecurity standards and ensuring a coordinated transition across federal entities.
Looking Ahead
As the quantum computing landscape evolves, the GSA remains committed to supporting federal agencies in their PQC transition efforts. Future initiatives will include additional training sessions, updated guidance materials, and expanded acquisition options to address emerging challenges and technological advancements.
Agencies are encouraged to begin their PQC transition promptly, leveraging GSA’s resources and expertise to navigate this complex landscape effectively. Proactive engagement and early action are vital to safeguarding federal information systems against the impending quantum threat.
