Technology and quantum experts say President Donald Trump’s recent quantum executive orders send a clear signal to agencies and contractors to accelerate quantum readiness and strengthen post-quantum cryptography (PQC) efforts.
Trump signed two executive orders on June 22 aimed at accelerating U.S. quantum technology development and speeding the federal government’s transition to PQC.
The orders launch a federal push to develop a scientifically relevant quantum computer, build out quantum-enabled sensors and networks, strengthen the domestic quantum ecosystem, and move agencies and contractors toward quantum-resistant cybersecurity.
“The administration’s new quantum executive orders set the pace for modernizing the cryptographic foundations our nation’s digital security depends on. As quantum innovation accelerates and adversaries harvest encrypted data for future exploitation, quantum readiness has become an urgent priority,” said Ryan Gillis, senior vice president, global head of government partnerships at cybersecurity firm Zscaler.
Matt Hayden, vice president of cyber and emerging threats at GDIT, added, “The new quantum executive orders are timely and necessary and represent a critical step forward in how we innovate, create and defend all types of compute, networks and new sensing capabilities to compete on the global stage.”
Agencies, contractors face PQC deadlines
Within 90 days, the PQC-focused order tasks the director of the Office of Management and Budget (OMB), in consultation with the director of the Cybersecurity and Infrastructure Security Agency (CISA) and the national cyber director, to issue guidance requiring each agency to transition all high-value assets and high-impact systems to use PQC for key establishment by Dec. 31, 2030.
The guidance must also require agencies to transition those systems to use PQC for digital signatures by Dec. 31, 2031, and develop plans to accomplish the directive.
Garfield “Gary” Jones, senior vice president of research and technology strategy at PQC software firm QuSecure, applauded the 2030 deadline. Jones previously served as the associate chief of strategic technology at CISA, where he led the agency’s PQC initiative.
“This executive order sends an unambiguous signal to every organization doing business with the federal government: the clock is ticking and maybe running out for some,” Jones said in a statement to MeriTalk.
“The 2030 deadline for key establishment is a tangible compliance deadline, and the gap between where most organizations are today and where they need to be is significant,” he added. “Agencies and contractors that haven’t started a cryptographic inventory are already behind.”
Similarly, Bill Wright, head of government affairs at storage and data management company Everpure, said the orders “send a clear signal that securing the nation’s data is a national security priority.”
“It’s encouraging to see the administration’s continued focus on accelerating quantum readiness and protecting sensitive data before threats fully materialize,” he added. “Quantum is both an opportunity and an obligation, but most agencies are still planning only for the opportunity.”
Wright warned that “‘Harvest now, decrypt later’ makes quantum a today problem, not a 2030s one. Adversaries are already collecting encrypted data, betting they’ll get the chance to read it after Q-day.”
“Q-day” refers to the point when a quantum computer becomes powerful enough to break current public-key encryption standards, potentially exposing sensitive government, business, and personal data that is protected today. Security experts warn that adversaries can collect encrypted data now and decrypt it later once quantum capabilities mature.
The PQC order also reaches into federal contracting. Within 180 days, it tasks the Federal Acquisition Regulatory Council, in consultation with CISA and the National Institute of Standards and Technology (NIST), to publish a proposed rule amending the Federal Acquisition Regulation.
The rule would require covered contractors to comply with NIST’s Federal Information Processing Standards, including applicable standards that incorporate PQC-compliant algorithms, by Dec. 31, 2030.
Within 270 days, the FAR Council must also publish a proposed rule amending FAR requirements and contract clauses for contractor vulnerability disclosure programs, including policies that incorporate reports of cryptographic vulnerabilities.
Ilona Cohen, chief legal and policy officer at HackerOne, a continuous threat exposure management firm, and former general counsel of OMB, said the order’s inclusion of vulnerability disclosure policies is “a clear signal” that companies doing business with the federal government are part of the federal attack surface and must be part of its defense.
“You can’t protect federal IT systems by securing agencies alone. Federal networks are only as resilient as the contractors supporting them,” Cohen said in a statement to MeriTalk.
Cohen said the order moves to close a long-standing gap by making vulnerability disclosure programs a baseline requirement for private companies that access federal data and systems.
“OMB has required federal agencies to run these programs since 2020 to identify and fix weaknesses before adversaries exploit them,” Cohen said. “That need is only becoming more urgent as frontier AI models accelerate vulnerability discovery and shorten the window between identification and exploitation.”
Quantum innovation push draws industry praise
The second executive order, focused on quantum innovation, directs a government-wide effort to update the National Quantum Strategy, expand public-private partnerships, strengthen quantum supply chains, grow the quantum workforce, and protect critical quantum research.
Within 180 days, the assistant to the president for science and technology, in coordination with the secretaries of Defense, Commerce, and Energy, the director of national intelligence, and the director of the National Science Foundation, must update the National Quantum Strategy to support the maturing quantum information science and technology ecosystem.
The order also establishes the Quantum Computer for Application Development and Discovery Science effort, known as QC-ADDS. The effort aims to pursue the development of a quantum computer that can initiate an era of quantum-enabled scientific discovery and deliver at least one such computer to a Department of Energy facility.
Within 90 days, the Energy secretary, in coordination with the assistant to the president for science and technology and other relevant agencies, must identify the technical specifications needed for QC-ADDS to perform transformative scientific applications that go beyond current classical computing capabilities.
Niccolo de Masi, chairman and CEO of quantum computing hardware and software company IonQ, said the executive orders reflect “the growing strategic importance of quantum technologies to U.S. economic competitiveness, scientific leadership, and national security.”
“As the Q-Day timeline accelerates, organizations across the public and private sectors must prepare now for the transition to post-quantum security,” de Masi said in a statement to MeriTalk. “Post-Quantum Cryptography (PQC) is a critical first step in protecting existing infrastructure at scale.”
De Masi said longer-term resilience will increasingly rely on advanced quantum communications technologies, including Quantum Key Distribution.
“Sustained federal focus and investment across research, infrastructure, manufacturing, workforce development, and commercialization are essential to maintaining U.S. leadership and strengthening national security,” he said.
John Miller, executive vice president of policy and general counsel at the Information Technology Industry Council, said quantum technology is shaping both “today’s opportunities and tomorrow’s risks,” and said the United States is well positioned to strengthen its quantum leadership globally.
“The Quantum Innovation EO lays the groundwork for a stronger quantum ecosystem through increased federal capabilities, a refreshed National Quantum Strategy, expanded public-private partnerships, and stronger protections for critical research,” Miller said.
Henry Young, senior director of policy at the Business Software Alliance, also welcomed the two executive orders. He called the focus on upgrading government systems to PQC and furthering quantum innovation “an important step toward strengthening U.S. leadership in one of the most transformative emerging technologies.”
“The order’s direction to update the National Quantum Strategy, establish agency roadmaps, expand public-private partnerships, and reconstitute the National Quantum Initiative Advisory Committee, as well as updating the timelines for government agencies to upgrade to PQC, will help create a more coordinated framework for advancing quantum innovation as well as a safer and more secure nation,” Young said.
Within 210 days, the quantum innovation order tasks the assistant to the president for science and technology with recommending a revised National Quantum Initiative Advisory Committee membership list. It also tasks the committee to develop recommendations to stimulate the development of quantum-enabling technologies in the United States.
Young said governments that act now in partnership with industry will be best positioned to capture the economic, scientific, and national security benefits of quantum technologies.
“The executive order represents an important step toward ensuring the United States remains at the forefront of quantum innovation and competitiveness,” he said.
The order also directs the secretary of Defense to identify at least three next-generation quantum sensor projects within 60 days and to prioritize fielding by Sept. 30, 2028.
It tasks the National Science Foundation, Commerce, Energy, and NASA with developing five-year plans for quantum sensing and networking, and it directs the Office of Personnel Management to develop a government-wide quantum workforce recruitment and retention strategy within 90 days.
For industry leaders, the message across both orders was consistent: Quantum innovation and quantum-era cybersecurity are now moving on the same clock.
“The organizations that move now will have options,” Jones said. “The ones that wait will find themselves managing a crisis.”