NIS2 and post-quantum cryptography: how to address the challenge of compliance and cyber-resilience

January 21, 2026

Cybersecurity is facing new challenges with the arrival of cryptographically relevant quantum computers (CRQC). In Europe, companies must comply with strict regulations to protect data and strengthen resilience. The NIS2 Directive plays a key role in the transition to post-quantum cryptography and modern risk management.

In this context, the NIS2 Directive (EU) 2022/2555 does not prescribe which algorithms must be used; it requires companies to prove they can change them. By integrating risk-based controls, asset and dependency inventories, supply chain assurance, incident reporting, and business continuity into security governance, NIS2 provides the structure needed for the transition to post-quantum cryptography (PQC).

It’s important to note that the directive places special emphasis on cryptographic policy, key lifecycle management, secure development, and third-party oversight. This approach transforms the simple idea of “cryptographic choice” into real “cryptographic management,” enabling algorithm changes to become verifiable, auditable, and routine processes.

NIS2 doesn’t mandate algorithms; it mandates the real capability to change them.

From cryptographic choice to risk-based cryptographic management

This is reflected in Article 21 on cybersecurity risk management measures, specifically in section 2, which stipulates that the technical, operational and organisational measures to be adopted must be appropriate and proportionate and must follow a comprehensive risk-based approach.

Such measures aim to protect network and information systems, and the physical environment supporting them, from incidents. Within that list, item (h) refers to establishing policies and procedures on the use of cryptography and, where appropriate, encryption.

Implementing Regulation (EU) 2024/2690 makes this concrete: its section 9 on cryptography (which implements Article 21, section 2, letter h of Directive (EU) 2022/2555) requires entities to establish and apply cryptographic practices that ensure the appropriate use of cryptography while protecting the confidentiality, authenticity and integrity of information, in line with asset classification and the outcomes of the risk assessment.

What’s the anchor for moving forward?

  • Asset inventory and classification
  • Existing and required cryptographic measures to protect assets
  • Data governance (including data at rest and in transit)
  • Protocols or protocol families to be adopted (cryptographic algorithms, encryption strength, cryptographic solutions)
  • Usage practices (must be approved and enforced)
  • Focus on crypto-agility
  • Emphasis on key management and its methods

Key management must be considered across the entire lifecycle, including:

  • Generation for cryptographic systems and applications
  • Issuance and retrieval of public key certificates
  • Secure distribution to relevant entities with activation procedures
  • Storage and controlled access for authorised users
  • Activation and deactivation of keys within defined validity periods, in line with organisational policies
  • Key change or update processes, including timelines and methods
  • Management of keys at risk
  • Revocation, withdrawal, or deactivation procedures
  • Recovery of lost or damaged keys
  • Backups and archiving to ensure continuity and accountability
  • Secure destruction at end of life
  • Logging and auditing of all key management activities
  • Setting validity periods to ensure keys are used only within approved timeframes

Preparing today is the only way to reach 2030 with truly resilient assets.

Europe’s roadmap to post-quantum cryptography and crypto-agility

All of this aligns with the EU’s implementation roadmap for the transition to post-quantum cryptography, which aims for a timely, comprehensive, and coordinated transition. From 2026 onwards, the focus is on assessing and estimating quantum risk; by 2030, the transition to post-quantum cryptography (PQC) and the migration of the corresponding assets is expected to be completed.

Meanwhile, ENISA, in its NIS2 technical implementation guide, explicitly encourages future readiness by considering quantum-safe cryptographic algorithms. It also emphasises adopting a crypto-agile approach, including:

  • Flexibility in algorithm selection
  • Modular architecture design, allowing cryptographic components to be modified or updated independently without impacting the entire system
  • Regular updates and patching
  • Compliance with legislative frameworks and governance of cryptography use across networks and information systems

The transition to PQC is not just a technological upgrade; it is a strategic and regulatory necessity under the NIS2 Directive and its forthcoming implementing acts. Companies across all critical sectors must act decisively to assess their cryptographic dependencies, identify vulnerabilities, and launch a structured migration plan.

Mitigating quantum risk begins by acknowledging that today’s algorithms won’t last forever.

DORA and the financial sector: quantum-ready cryptography as a resilience mandate

It’s also important to highlight that the Digital Operational Resilience Act (DORA), Regulation (EU) 2022/2554 for the financial sector, through its Delegated Regulation (EU) 2024/1774 laying down regulatory technical standards (RTS), sets out the tools, methods, processes, and policies for ICT risk management, along with a simplified ICT risk management framework.

It addresses encryption and cryptography in Section 4, specifically in Article 6 (Encryption and cryptographic controls) and Article 7 (Cryptographic key management). It encourages financial entities to:

“Adopt risk-based encryption and key management policies aligned with advanced standards, as current encryption and key systems are threatened by future quantum computers capable of breaking algorithms like RSA and ECC. The obligation to update cryptographic technologies in line with advances in cryptanalysis, along with full key lifecycle management, means entities must prepare to migrate to PQC algorithms, enhance resilience against quantum attacks, and ensure their controls, keys, and certificates are quantum-ready.”

Financial digital resilience demands encryption and key management that are quantum-ready.

Crypto-agility as a competitive advantage in the quantum era

On another front, the PCI-DSS standard (Payment Card Industry Data Security Standard), in Requirement 12.2.3, states: “Cryptographic cipher suites and protocols in use are documented and reviewed at least once every 12 months.” This underscores crypto-agility: keeping a fallback to the original encryption method or cryptographic primitive, together with a plan to upgrade to the alternative without major changes to the system infrastructure.
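The crypto-agile design ENISA describes (modular components that can be swapped independently) and the PCI-DSS point above (a documented, reviewable set of primitives with a fallback during upgrade) can be illustrated with a small Python example. This is an added example, not code from the article or from any of the regulations it cites: two HMAC constructions stand in for a "current" and a "next" primitive, each tag carries the identifier of the primitive that produced it, and a policy table fixes which identifier new tags must use and until when the legacy one may still be verified. The identifiers, dates and keys are constructed assumptions.

```python
"""Crypto-agility sketch: self-describing tags, a primitive registry and a
deprecation policy, so a primitive can be replaced without changing callers
or the message format. Added example; ids, dates and keys are constructed."""
import hmac
import hashlib
from collections import Counter
from datetime import date
from typing import Optional

# Registry of primitives by identifier. Adding "mac-v3" later is a one-line
# change here; nothing else in the system needs to know about it.
PRIMITIVES = {"mac-v1": hashlib.sha256, "mac-v2": hashlib.sha3_256}

# Policy: which primitive new tags must use, and the validity period during
# which a legacy primitive is still accepted for verification (assumed dates).
POLICY = {"default": "mac-v2", "verify_until": {"mac-v1": date(2030, 1, 1)}}


def mac(key: bytes, msg: bytes, alg_id: Optional[str] = None) -> str:
    """Produce a tag of the form '<alg_id>:<hex>' using the policy default."""
    alg_id = alg_id or POLICY["default"]
    tag = hmac.new(key, msg, PRIMITIVES[alg_id]).hexdigest()
    return f"{alg_id}:{tag}"  # the algorithm id travels with the tag


def verify(key: bytes, msg: bytes, tagged: str, today: date) -> bool:
    """Verify a tag, honouring the policy's validity period for legacy ids."""
    alg_id, _, tag = tagged.partition(":")
    if alg_id not in PRIMITIVES:
        return False  # unknown or removed primitive: reject
    if alg_id != POLICY["default"]:
        deadline = POLICY["verify_until"].get(alg_id)
        if deadline is None or today >= deadline:
            return False  # legacy primitive outside its approved window
    expected = hmac.new(key, msg, PRIMITIVES[alg_id]).hexdigest()
    return hmac.compare_digest(expected, tag)


def inventory(tags) -> dict:
    """Count primitives in use across stored tags: the review evidence that
    shows how far a migration from the legacy id has progressed."""
    return dict(Counter(t.partition(":")[0] for t in tags))


if __name__ == "__main__":
    k = b"constructed-demo-key"
    old, new = mac(k, b"order 42", "mac-v1"), mac(k, b"order 42")
    print(verify(k, b"order 42", old, date(2026, 1, 21)), inventory([old, new]))
```

Rotating to a future primitive means adding it to PRIMITIVES, changing the policy default and giving the outgoing id a verify_until date; existing stored tags keep verifying until that date and the inventory shows when none remain.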

Crypto-agility is the difference between reacting late and leading the transition.

If entities know in advance when standards bodies will deprecate protocols or algorithms, they should implement proactive plans to upgrade before their operations are affected. It is also recommended to follow NIST SP 800-131, Transitioning the Use of Cryptographic Algorithms and Key Lengths.

As the quantum era approaches, preparation will be a determining factor for leadership in cybersecurity. Organisations that take a proactive stance and adapt in a timely manner will strengthen their trust and digital continuity. Those that delay the transition will be exposed to compliance risks and to potential disruption from quantum technology.

The quantum future won’t wait, and neither should your cryptographic resilience.
