President Trump's 2026 Cyber Strategy: What It Means for Quantum-Readiness and Post-Quantum Cryptography

This month, the White House released President Trump's Cyber Strategy for America, representing a significant shift towards a much more resilient and aggressive cyber defence policy. With foreign governments and criminal networks increasing cyber operations at scale, and financial cybercrime growing sharply against US systems, the administration is taking a proactive approach — and post-quantum cryptography (PQC) is at its centre.

Critical Infrastructure and the Supply Chain

A key pillar of the new strategy includes securing essential systems and supply chains across defence, critical national infrastructure, energy, financial and telecommunication systems, data centres, water utilities, and hospitals. Crucially, the mandate also targets adjacent vendors and private companies within these networks — not just primary operators.

In effect, manufacturers in the supply chain are likely to be highly scrutinised for appropriate security standards, including quantum-ready cryptography integrated at every stage from design to deployment. Delaying PQC integration is now a direct hindrance to what is likely to be a highly lucrative federal procurement market.

Post-Quantum, Front and Centre

The Cyber Strategy makes a commitment to the implementation of post-quantum cryptography by mandating the modernisation of federal systems. The administration is actively promoting PQC adoption as a critical tool for cyber security, alongside securing quantum computing itself, in the effort to "protect America's intellectual advantage".

"PQC is no longer theoretical best-practice. It has now become a foundational pillar of US federal procurement."

In 2024, NIST finalised its first set of post-quantum cryptography standards, signalling that the cryptographic transition was no longer theoretical. The 2026 Cyber Strategy now accelerates that transition into mandatory action. Harvest-now-decrypt-later threats — where adversaries collect encrypted data today to decrypt it once quantum computers are sufficiently powerful — are pushing organisations toward hybrid cryptography and ML-KEM as the quantum risk grows.

What Organisations Must Do Now

Manufacturers, software developers, and adjacent vendors to the supply chain must now accelerate their quantum-readiness roadmaps. The strategy makes clear that alignment with new US procurement goals is an essential feature for the world of tomorrow. 2026 is the year that limited testing for post-quantum cryptography must become broad production deployment.