A bipartisan pair of senators has introduced legislation that would establish a national plan to defend Federal systems against emerging quantum computing threats.
Sens. Gary Peters, D-Mich., and Marsha Blackburn, R-Tenn., introduced the National Quantum Cybersecurity Migration Strategy Act on July 31.
The bill would require the White House Office of Science and Technology Policy (OSTP) to take the lead on a national plan that would transition current Federal systems to those with quantum-resistant protections.
“It’s critical that the federal government be prepared for any threat posed by quantum computing technology,” Sen. Peters said. “My bill would help keep Americans safe by ensuring we have a quantum cybersecurity migration strategy to remain ahead of our adversaries and protect Americans’ personal data.”
The legislation takes aim at acting now and “before it’s too late” to migrate critical systems – echoing oft-stated concerns that foreign adversaries are stealing data to store and decrypt later on when quantum tech becomes available to do that.
Quantum computers use quantum mechanics to solve problems faster and beyond the capacity of classical machines – making them powerful enough to crack advanced encryption protections that are currently deployed.
The bill relies on expertise from the Subcommittee on the Economic and Security Implications of Quantum Science (ESIX), which could help coordinate efforts to protect sensitive data.
ESIX is an interagency body?within the National Science and Technology Council, co?chaired by OSTP, the Departments of Defense and Energy, and the National Security Agency, which is tasked with coordinating the implications of quantum science across Federal agencies.
“The United States must be prepared for these cybersecurity challenges and remain the world leader is quantum technology,” said Sen. Blackburn. “The National Quantum Cybersecurity Migration Strategy Act would ensure the federal government creates a road map to protect sensitive data and national security from emerging data security threats fueled by quantum computing.”
Beyond establishing a national plan, the plan developed by ESIX would identify systems most at risk, define what constitutes as a cryptographically relevant quantum computer, and establish metrics to track agency progress in a mandated pilot program that each Federal agency would follow to upgrade at least one high-impact system to quantum-safe encryption.
The senators said their legislation is intended to build upon prior efforts such as the 2022 National Quantum Initiative Act and the Quantum Cybersecurity Preparedness Act.