SEALSQ Corp (NASDAQ: LAES) (“SEALSQ” or “Company”), a company that focuses on developing and selling Semiconductors, PKI, and Post-Quantum technology hardware and software products, today announced that its CEO, Carlos Moreira, participated in the Cantor Quantum Security Event in New York, where leading experts, investors, and technology leaders gathered to discuss the growing cybersecurity risks posed by the emergence of quantum computing.
During a roundtable discussion focused on the future of cryptographic protection in the quantum era, Mr. Moreira emphasized the urgent need for organizations to begin transitioning to post-quantum cryptography (PQC) to safeguard sensitive data and critical infrastructure.
“Organizations should begin deploying post-quantum protection as soon as possible,” said Mr. Moreira. “The strategic answer is not to predict Q-Day perfectly; it is to remove quantum-vulnerable cryptography from high-value systems before the prediction matters.”
Three Main Approaches to Quantum-Safe Security
During the discussion, Mr. Moreira outlined three complementary approaches organizations can adopt to address quantum security risks:
- Post-Quantum Cryptography (PQC)
PQC is the primary migration path for most organizations. It replaces vulnerable public-key cryptographic algorithms with new classical algorithms designed to resist attacks from quantum computers. The first PQC standards were finalized in August 2024 by National Institute of Standards and Technology (NIST), which is urging organizations to begin transitioning immediately.
- Secure Key Agreement (SKA)
SKA can serve as a pragmatic complementary layer, enabling symmetric keys to be generated or negotiated dynamically through secure services or platforms. This approach can be particularly useful for enterprise VPNs and point-to-point communications, but it should be viewed as a complement to a full PQC migration rather than a replacement.
- Quantum Key Distribution (QKD)
QKD can provide additional protection in specialized high-assurance environments, but it is not considered a general-purpose solution for enterprise security due to operational and infrastructure constraints.
The Quantum Timeline: A Decade-Scale Risk
When asked about the timeline for a quantum computer capable of breaking widely used encryption systems such as RSA or elliptic-curve cryptography, Mr. Moreira noted, “The risk horizon is approaching rapidly. While a broad, reliable capability may not arrive within five years, many experts believe it is plausible within ten to fifteen years. The danger is that attackers do not need to wait. They can collect encrypted data today and decrypt it later once quantum capabilities mature.”
This “harvest now, decrypt later” threat is particularly concerning for data with long confidentiality lifetimes, including government information, healthcare records, intellectual property, identity systems, and critical infrastructure communications.
Priority Sectors for Migration
Moreira emphasized that the first sectors that should migrate to quantum-safe security include:
- Government and defense systems
- Critical infrastructure
- Financial institutions
- Healthcare and sensitive data platforms
- Large industrial, telecom, and cloud infrastructure providers
“These sectors combine long-lived sensitive data with systemic importance,” explained Mr. Moreira. “Protecting them early significantly reduces global cyber risk.”
Crypto-Agility: The Key to Successful Migration
Mr. Moreira also warned that the biggest mistake enterprises make is treating quantum security as a simple algorithm replacement rather than an enterprise-wide transformation.
Organizations should maintain a comprehensive inventory where cryptography is used across their entire infrastructure, including PKI, TLS communications, VPNs, firmware, code signing, hardware security modules, identity systems, embedded devices, and supply chains.
“Post-quantum migration is fundamentally about crypto-agility,” Mr. Moreira said. “It requires visibility, planning, and the ability to upgrade cryptography across complex digital ecosystems.”
The Role of Hardware Security
Mr. Moreira concluded, “Post-quantum cryptography must be supported by strong hardware-based security foundations. Quantum-safe algorithms alone cannot fix weak identity systems, insecure firmware, poor key management, or vulnerable devices. “Successful quantum-resilient security requires secure elements, hardware roots of trust, strong key custody, and resilient software supply chains.”
