Your personalized quantum readiness overview — domain-level scores, critical findings, and prioritized remediation plan based on your assessment data.
Your combined score across all three assessment domains, weighted by cryptographic inventory completeness, NIST standard alignment, and remediation velocity.
Scores per assessment domain based on tool-driven analysis of your current infrastructure, cryptographic posture, and readiness maturity.
High-severity findings identified through automated scanning (QRAMM, PKI-Scanner, NetSquid) and manual validation. Each finding includes affected assets, risk rating, and recommended remediation.
Automated PKI-Scanner analysis identified 47 deprecated cipher suites (3DES, RC4, CBC-mode TLS 1.2) actively configured across 12 production endpoints spanning 3 data centers and 2 cloud regions. These cipher suites are vulnerable to present-day attacks and will not support PQC key establishment migration paths. TLS 1.3 migration is a prerequisite for PQC KEM integration via ML-KEM (FIPS 203).
QRAMM cryptographic discovery mapped 1,247 certificates across the enterprise. Of these, 428 (34%) lack documented ownership, expiry tracking, or purpose classification. Without complete inventory and ownership attribution, quantum-vulnerable key rotation cannot be scoped, prioritized, or executed. Unknown certificates represent a material risk to PQC migration timeline and post-quantum cryptographic agility.
Cryptographic agility questionnaire sent to 14 critical technology vendors (identity, network infrastructure, cloud platforms, security tooling). To date, 8 vendors have not provided PQC migration timelines or algorithm support roadmaps. Vendor crypto-agility is a dependency for the enterprise PQC migration window beginning 2028. Non-responsive vendors represent an unquantified supply-chain risk to the CNSA 2.0 compliance timeline.
Prioritized action plan ranked by risk severity and dependency order. Each item maps to a finding from the assessment and targets a specific readiness improvement.
| Rank | Finding | Domain | Risk | Effort | Target |
|---|---|---|---|---|---|
| 1 |
TLS 1.3 Migration — All Production Endpoints
Prerequisite for ML-KEM PQC key establishment integration
|
PQC | Critical | 3 months | Q3 2026 |
| 2 |
Certificate Inventory & Ownership Mapping
QA-validated certificate register with expiry tracking and owner attribution
|
PQC | Critical | 6 weeks | Q2 2026 |
| 3 |
Vendor PQC Readiness Assessment
Escalate and complete cryptographic agility questionnaires for 14 critical vendors
|
PQC | High | 8 weeks | Q2 2026 |
| 4 |
Quantum Networking Protocol Audit — Extended Scope
NetSquid simulation of QKD integration for inter-data-center links
|
Networking | Medium | 4 weeks | Q3 2026 |
| 5 |
ML Pipeline Quantum Advantage Screening
SQOUT analysis of operations research workloads for hybrid quantum-classical candidates
|
Optimization | Low | 3 weeks | Q4 2026 |
Regulatory deadline for financial and critical infrastructure sectors. Organizations that begin today gain a 12–18 month advantage in vendor negotiations, architecture planning, and regulatory positioning.
Enterprise PQC Compliance Window
Banks and regulated enterprises begin mandatory migration. Regulatory pressure from OCC, ECB, and MAS expected to align with this deadline.
Your dashboard is updated as new assessment data becomes available. Schedule a review session with our team to walk through the findings and remediation plan.