As massive enterprises modernize their networks for the AI period, one problem stands out: the looming threat posed by quantum computing. At Cisco Reside 2026 Amsterdam, Cisco responded by introducing what we describe as the trade’s first full-stack post-quantum cryptography (PQC) structure.
This resolution applies quantum-safe cryptography throughout each layer—from machine integrity at boot to information in transit safety for important connections—utilizing Nationwide Institute of Requirements and Expertise (NIST)-approved quantum-resistant algorithms. For community engineers and safety architects, this marks essentially the most important cryptographic leap in additional than twenty years.
Understanding the cryptographic problem
PQC addresses a structural weak point uncovered by quantum computing in fashionable cryptography. Whereas sturdy symmetric encryption equivalent to Superior Encryption Normal-Galois/Counter Mode (AES‑GCM) could already be in place to guard information, the cryptographic mechanisms used to set up and alternate these encryption keys are anticipated to grow to be weak to quantum-based assaults.
For giant-scale organizations operating huge, multisite networks, this vulnerability represents not only a technical concern however a enterprise continuity threat. Algorithms equivalent to Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC) stay safe towards classical computing however is not going to face up to cryptographically related quantum computer systems—programs highly effective sufficient to interrupt immediately’s broadly deployed public-key cryptography.
The rising menace of harvest now, decrypt later
This weak point is what makes the harvest now, decrypt later (HNDL) menace so severe. Delicate encrypted information is already being collected at scale throughout enterprise networks and digital companies. Whereas this information stays protected immediately, it’s being retained by attackers with the expectation that quantum computer systems will expose it. When a cryptographically related quantum pc emerges, years of gathered information may very well be uncovered without delay, making a long-term threat for organizations that don’t act now.
The increasing scope of the threat
This threat spans each main safety area. Right this moment, an attacker can obtain a signed working system picture and extract the general public keys used to confirm it. Whereas benign for now, this adjustments in a quantum future. As soon as quantum computer systems can defeat immediately’s code‑signing cryptography, an attacker may compromise a vendor’s non-public signing keys and use them to insert backdoors or malware into bootloaders and working programs that also seem absolutely trusted.
The identical threat applies to encrypted community communications. Encrypted information over Web Protocol Safety (IPsec) or Media Entry Management Safety (MACsec) will be collected and saved immediately with out being readable. When quantum computer systems grow to be out there, the public-key cryptography used to set up session keys will be damaged, permitting beforehand captured information to be decrypted lengthy after it was transmitted.
Why a full-stack architectural method is important
Addressing this threat will not be confined to any single safety management, protocol, or layer. It requires a full-stack architectural method that applies quantum‑protected cryptography constantly throughout machine integrity and community communications.
The Cisco full-stack PQC structure is constructed round this precept: defend what runs (machine integrity) and what flows (information in transit) with quantum-safe cryptography utilized finish to finish. Safety begins earlier than the working system even hundreds, with Cisco Safe Boot establishing a quantum‑protected chain of belief for Cisco C9000 Sensible Switches from the second they energy on. By cryptographically validating every stage of the boot course of with quantum-resistant algorithmsit ensures that solely verified software program runs, making a strong and safe basis for community operations.
That very same architectural precept applies to how information strikes throughout the community. From IPsec tunnels connecting branches to MACsec securing the campus, Cisco integrates quantum‑resistant key alternate immediately into important community protocols. The result’s constant, quantum‑protected safety throughout the complete know-how stack with out requiring disruptive adjustments to community design or operations.
For massive enterprise networks—the place real-time collaboration, AI-driven automation, and high-value information flows are the norm—this “safety fused into the community” mannequin is important for digital resilience at scale.
Engineering for resilience begins now
For IT leaders managing massive enterprise infrastructures, the most secure time to construct quantum resistance into the stack is throughout ongoing improve cycles—not after the menace turns into pressing.
Begin by auditing present machine authentication and encryption workflows to pinpoint dependencies on RSA- and ECC-based algorithms. Prioritize upgrades to platforms supporting full-stack PQC, guaranteeing each machine integrity and community site visitors are secured towards quantum threats.
With quantum-resilient networking as a core functionality, enterprises can confidently deploy AI-driven purposes, preserve uninterrupted operations, and mitigate dangers from quickly advancing cyberthreats.
Full-stack PQC is the new actuality for enterprise safety
Full-stack PQC is not a speculative idea; it’s physics. The transition to Cisco IOS XE 26 represents a maturing of the safety panorama by which we cease assuming our encryption is unbreakable and begin engineering for a world the place it isn’t.
Whether or not you’re defending towards HNDL assaults immediately or getting ready for compliance with the NSA’s CNSA 2.0 timeline, the trail ahead is evident. The quantum clock is ticking, and the time to behave is now.
Uncover how Cisco is modernizing networking for the AI period with quantum-resilient community safety at each layer. Go to our AI-ready safe community structure web site to discover the newest improvements in safe networking.
Discover our AI-ready safe community structure to see how we’re redefining the way forward for safe connectivity.
