Navigating the Quantum Threat: 10 Essential Steps for Post-Quantum Cryptography Migration

Quantum computing is poised to upend the foundation of modern digital security. As organizations race to protect their systems from future threats, Meta's experiences in migrating to post-quantum cryptography (PQC) offer a valuable blueprint. Drawing on real-world challenges and innovations—from risk assessment to final deployment—this listicle outlines ten critical steps any team can take to prepare for the post-quantum era. Whether you're just beginning your journey or refining an existing plan, these insights will help you move forward effectively, efficiently, and economically.

1. Understand the ‘Store Now, Decrypt Later’ Threat

Quantum computers won’t be ready for years, but the danger is already here. Sophisticated adversaries can collect encrypted data today, waiting until quantum technology enables decryption—a tactic known as “store now, decrypt later” (SNDL). This means even if your systems are secure today, sensitive information could be compromised in the future. Recognizing this urgency, experts recommend starting PQC migration now, especially for long-lived secrets. Meta’s own threat model explicitly accounts for SNDL, prompting proactive measures across its infrastructure. For teams, the first step is to assess which data and communications are at risk from future decryption, and to prioritize those assets in the migration roadmap.

2. Adopt the Latest NIST Standards as Your Foundation

The National Institute of Standards and Technology (NIST) has published the first wave of industry-wide PQC standards, including ML-KEM (Kyber) for key encapsulation and ML-DSA (Dilithium) for digital signatures. These algorithms are designed to resist quantum attacks while remaining practical for today’s systems. Following these standards provides a trusted, interoperable path forward—reducing the risk of custom solutions that may not withstand future cryptanalysis. Meta is actively integrating these algorithms into its internal services, ensuring alignment with global best practices. Team leads should study the NIST publications, evaluate their applicability to specific use cases, and plan for the additional algorithms expected (like HQC) to broaden cryptographic agility.

3. Learn from Meta’s Own Cryptography Innovation

Meta’s commitment to PQC goes beyond adoption—its cryptographers are co-authors of HQC, one of the newly selected PQC algorithms from NIST. This hands-on involvement gives Meta deep insight into algorithm strengths, performance trade-offs, and implementation pitfalls. For others, this underscores the importance of collaborating with the cryptographic community. Even without in-house algorithm development, organizations can benefit from publicly available research, open-source implementations, and cross-industry working groups. By staying engaged with NIST, the NIST PQC project, and forums like the PQ Crypto community, teams can access cutting-edge knowledge that accelerates safe migration.

4. Implement a Multi‑Level Migration Framework

Not all systems require the same level of post-quantum protection. Meta proposes PQC Migration Levels to manage complexity across diverse use cases. These levels help categorize services based on factors like data sensitivity, lifetime, and performance constraints. For instance, high‑security core services may need immediate, full PQC deployment, while less critical applications can follow a phased schedule. This tiered approach prevents a one‑size‑fits‑all drag on engineering resources and reduces unnecessary disruption. Adopting similar levels within your organization allows you to prioritize high‑risk assets first, gradually extend protection, and continuously reassess as quantum threats evolve.

5. Conduct a Thorough Cryptographic Risk Assessment

Before any migration, you must understand where your cryptography currently lives. Risk assessment involves inventorying all instances of public‑key encryption, digital signatures, and key exchanges—across protocols, applications, and hardware. Meta’s process includes evaluating each component’s exposure to SNDL and its dependency on algorithms that quantum computers will break. Teams should ask: What data, if decrypted years from now, would cause the most harm? Which credentials (TLS certificates, VPN keys, code signing) have the longest lifespan? Documenting these answers creates a clear prioritization for subsequent steps, ensuring resources target the most vulnerable and valuable systems first.

6. Build a Complete Cryptographic Inventory

Inventory is the bedrock of any migration plan. Meta developed a comprehensive catalog of cryptographic assets—from libraries and hardware modules to network endpoints and internal APIs. This inventory goes beyond simple lists; it captures algorithm versions, key lengths, rotation schedules, and dependency chains. An automated discovery tool can help, but manual validation is often needed for legacy or embedded systems. Maintaining this inventory as a living document allows teams to track progress, identify gaps, and quickly respond to new vulnerabilities. Start small: catalog the most critical services first, then expand. Meta’s experience shows that a well‑kept inventory drastically reduces surprises during deployment.

7. Plan and Execute Gradual Deployment

PQC migration is not a “big bang” event. Meta rolled out changes over multiple years, testing each algorithm’s performance and compatibility in controlled environments before wider release. Deployment should follow a phased approach: first in non‑production systems, then in low‑risk production services, and finally in high‑security core infrastructure. Each phase requires regression testing, latency benchmarks, and rollback plans. Hybrid modes (e.g., combining classic and PQC algorithms) can ease the transition, as long as the hybrid itself is cryptographically sound. By pacing the rollout, teams can iron out issues—like increased key sizes or handshake overhead—without compromising availability or user experience.

8. Implement Strong Guardrails and Monitoring

Even after deployment, ongoing vigilance is essential. Meta established guardrails—automated checks that prevent services from falling back to non‑PQC algorithms, detect unexpected cryptographic changes, and enforce policy compliance. Monitoring dashboards track certificate expiration, algorithm usage, and error rates. Additionally, guardrails should block “downgrade attacks” that try to force a connection to classical crypto. For organizations, this means integrating cryptographic checks into CI/CD pipelines, runtime environments, and incident response playbooks. Regular audits and penetration tests ensure guardrails remain effective as the threat landscape shifts and new vulnerabilities emerge.

9. Define and Measure Migration Levels for Each Use Case

Returning to Meta’s idea of PQC Migration Levels, these levels become a management tool throughout the lifecycle. Level 0 might mean “no PQC,” Level 1 “partial hybrid,” and Level 2 “full PQC compliance.” Each service can be assigned a target level based on risk, compliance requirements, and technical feasibility. Teams should define clear criteria for moving from one level to the next—for example, passing a performance test or obtaining a third‑party security review. By publicly or internally reporting progress per level, organizations maintain accountability and demonstrate measurable advancement toward post‑quantum readiness.

10. Keep the 2030 Target in Sight—and Start Today

Authoritative guidance from NIST and the UK’s NCSC points to 2030 as a critical milestone for protecting long‑term secrets with PQC. While the deadline may seem distant, the complexity of migration—especially for large, legacy environments—means the work must begin now. Meta’s multi‑year journey underscores the value of early planning. Begin with a pilot project: pick a small service, conduct the risk assessment, build an inventory, and deploy a hybrid solution. Use the lessons learned to refine your framework. The post‑quantum future is approaching; the organizations that start today will be the ones best positioned to thrive when quantum computers break classical cryptography.

Conclusion

Migrating to post‑quantum cryptography is one of the most significant security transformations of our era. Meta’s experience—spanning algorithm innovation, risk assessment, phased deployment, and robust guardrails—provides a proven playbook. By following these ten steps, your organization can navigate the transition with confidence, protecting both current data and future communications from the looming quantum threat. The time to act is now: assess, inventory, deploy, and monitor. The path is clear, and the community is ready to help.