United States of America: Implemented Quantum Computing Cybersecurity Preparedness Act

On 21 December 2022, the Quantum Computing Cybersecurity Preparedness Act was signed into law and became effective on the same day. The Act regulates the migration of executive agencies’ information technology systems to post-quantum cryptography. The Act seeks to mitigate attacks that aim to steal sensitive encrypted data by quantum computers developed in the future. Furthermore, the Act requires the National Institutes of Standards and Technology to issue post-quantum cryptography standards no later than 180 following the entry into force of the Act. The Office of Management and Budget will issue guidance implementing the standards to ensure the transition of US agency information technology systems to post-quantum cryptography. The Act specifies that the standards will not be applicable to any national security system.