Federal CISO warns modernization without PQC readiness ‘creates technical debt’

Federal Chief Information Security Officer (CISO) Mike Duffy warned on Tuesday that government IT modernization efforts that fail to account for post-quantum cryptography (PQC) risk creating long-term technical debt.

Speaking during Palo Alto Networks’ Quantum-Safe Summit, Duffy emphasized that PQC readiness is “central to responsible IT modernization,” and a key priority for the Trump administration.

“Modernization without considering PQC readiness or cryptographic agility is really creating technical debt in the future, something that we don’t want to see ever,” Duffy said. “We know that government systems are meant to operate for years, sometimes decades, due to their mission, and the last thing that we would want to do is build or modernize without a consideration for that distant future.”

Read more at MeriTalk