The future of cyber security is upon us, and with the looming threat of quantum computing, the race to implement Post-Quantum Cryptography (PQC) is more critical than ever. We’re thrilled to share that PQShield has been selected as an Assured Cyber Security Consultancy (ACSC) provider by NCSC for Post-Quantum Cryptography (PQC). This isn’t just an accolade; it’s a testament to our dedication to securing the UK’s most vital sectors against the next generation of cyber threats.
What Does NCSC Assured Mean?
The UK NCSC’s Assured Cyber Security Consultancy (ACSC) scheme is a rigorous programme designed to ensure that companies providing consultancy services meet the highest standards, especially for organisations facing complex and high-risk cyber security requirements. This includes essential entities like governments, the wider public sector, and, crucially, Critical National Infrastructure (CNI).
This ACSC scheme represents a crucial milestone on the roadmap to full post-quantum migration. It’s a significant step towards ensuring that the UK and its critical national infrastructure are resilient against the threats of the future.
PQShield’s Dual Role in PQC Migration
In the PQC pilot for this scheme, PQShield has been selected in both key categories:
- - Discovery & Migration Planning
- - Advice
The Urgent Need for CNI to Go Quantum-Proof
The transition to PQC needs to happen urgently, especially for CNI. The NCSC’s own PQC roadmap is clear: it encourages CNI providers and vendors to be quantum-proof by 2031. This isn’t a suggestion; it’s a deadline, and it’s four years ahead of the 2035 deadline set for other industries.
Why the urgency? IT leaders supporting our national infrastructure—from the defence and energy sectors to data centres and hospitals—need practical advice on how to implement these new cryptography standards. Furthermore, their teams must be upskilled in maintaining PQC.
Ben Packman, CSO and ACSC Service Owner at PQShield, said: “NCSC’s decision to appoint assured consultants for PQC is a vital step. It recognises the urgency of migrating CNI, and that these organisations and vendors need clear, practical guidance on how to implement PQC effectively. The window for CNI projects to quantum-proof themselves is closing. The NCSC has already urged vendors and government decision-makers to complete the highest-priority upgrades by 2031 – ahead of the general 2035 timeline for the global transition. Upgrading will be a years-long process, meaning CNI vendors need to to begin right now”.
Dr Ali El Kaafarani, CEO at PQShield, said: “For PQShield, this milestone reflects our long-standing work with NCSC and other national cybersecurity agencies in Europe, the US and Japan to modernise the vital components of the technology supply chain and help them stay one step ahead of attackers.”
The Devastating Cost of Inaction
The consequences of inaction for CNI would be severe. It’s not only sensitive data that’s at risk. If attackers are able to infiltrate, take down, or ransom any accessible connected system online, the economy and daily life will be severely impacted. We’ve seen examples of this already; even the smallest infrastructure security vulnerabilities can have devastating impacts. For instance, a disruption to power supplies in Europe earlier this year cost the economy hundreds of millions of pounds. In every single industry, the cryptography that keeps data, devices, connections, and components secure, needs to be modernised to align with new post-quantum global standards.
We’re proud to be at the forefront of this vital transition, working closely with CNI organisations to secure their future.
For more details on the NCSC ACSC scheme and PQC, we encourage you to visit the NCSC webpage.
Link to Press Release