As massive enterprises modernize their networks for the AI period, one problem stands out: the looming threat posed by quantum computing. At Cisco Dwell 2026 Amsterdam, Cisco responded by introducing what we describe as the trade’s first full-stack post-quantum cryptography (PQC) structure.
This resolution applies quantum-safe cryptography throughout each layer—from gadget integrity at boot to information in transit safety for important connections—utilizing Nationwide Institute of Requirements and Know-how (NIST)-approved quantum-resistant algorithms. For community engineers and safety architects, this marks essentially the most important cryptographic leap in additional than 20 years.
Understanding the cryptographic problem
PQC addresses a structural weak point uncovered by quantum computing in fashionable cryptography. Whereas sturdy symmetric encryption akin to Superior Encryption Customary-Galois/Counter Mode (AES‑GCM) might already be in place to guard information, the cryptographic mechanisms used to set up and alternate these encryption keys are anticipated to turn into susceptible to quantum-based assaults.
For big-scale organizations working huge, multisite networks, this vulnerability represents not only a technical concern however a enterprise continuity threat. Algorithms akin to Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC) stay safe towards classical computing however is not going to stand up to cryptographically related quantum computer systems—techniques highly effective sufficient to interrupt right this moment’s broadly deployed public-key cryptography.
The rising risk of harvest now, decrypt later
This weak point is what makes the harvest now, decrypt later (HNDL) risk so critical. Delicate encrypted information is already being collected at scale throughout enterprise networks and digital providers. Whereas this information stays protected right this moment, it’s being retained by attackers with the expectation that quantum computer systems will expose it. When a cryptographically related quantum pc emerges, years of collected information may very well be uncovered directly, making a long-term threat for organizations that don’t act now.
The increasing scope of the threat
This threat spans each main safety area. At present, an attacker can obtain a signed working system picture and extract the general public keys used to confirm it. Whereas benign for now, this modifications in a quantum future. As soon as quantum computer systems can defeat right this moment’s code‑signing cryptography, an attacker may compromise a vendor’s non-public signing keys and use them to insert backdoors or malware into bootloaders and working techniques that also seem absolutely trusted.
The identical threat applies to encrypted community communications. Encrypted information over Web Protocol Safety (IPsec) or Media Entry Management Safety (MACsec) might be collected and saved right this moment with out being readable. When quantum computer systems turn into obtainable, the public-key cryptography used to set up session keys might be damaged, permitting beforehand captured information to be decrypted lengthy after it was transmitted.
Why a full-stack architectural method is important
Addressing this threat shouldn’t be confined to any single safety management, protocol, or layer. It requires a full-stack architectural method that applies quantum‑secure cryptography persistently throughout gadget integrity and community communications.
The Cisco full-stack PQC structure is constructed round this precept: defend what runs (gadget integrity) and what flows (information in transit) with quantum-safe cryptography utilized finish to finish. Safety begins earlier than the working system even hundreds, with Cisco Safe Boot establishing a quantum‑secure chain of belief for Cisco C9000 Good Switches from the second they energy on. By cryptographically validating every stage of the boot course of with quantum-resistant algorithms, it ensures that solely verified software program runs, making a stable and safe basis for community operations.
That very same architectural precept applies to how information strikes throughout the community. From IPsec tunnels connecting branches to MACsec securing the campus, Cisco integrates quantum‑resistant key alternate instantly into important community protocols. The result’s constant, quantum‑secure safety throughout the complete expertise stack with out requiring disruptive modifications to community design or operations.
For massive enterprise networks—the place real-time collaboration, AI-driven automation, and high-value information flows are the norm—this “safety fused into the community” mannequin is important for digital resilience at scale.
Engineering for resilience begins now
For IT leaders managing massive enterprise infrastructures, the most secure time to construct quantum resistance into the stack is throughout ongoing improve cycles—not after the risk turns into pressing.
Begin by auditing present gadget authentication and encryption workflows to pinpoint dependencies on RSA- and ECC-based algorithms. Prioritize upgrades to platforms supporting full-stack PQC, guaranteeing each gadget integrity and community visitors are secured towards quantum threats.
With quantum-resilient networking as a core functionality, enterprises can confidently deploy AI-driven functions, preserve uninterrupted operations, and mitigate dangers from quickly advancing cyberthreats.
Full-stack PQC is the new actuality for enterprise safety
Full-stack PQC is not a speculative idea; it’s physics. The transition to Cisco IOS XE 26 represents a maturing of the safety panorama wherein we cease assuming our encryption is unbreakable and begin engineering for a world the place it isn’t.
Whether or not you’re defending towards HNDL assaults right this moment or making ready for compliance with the NSA’s CNSA 2.0 timeline, the trail ahead is obvious. The quantum clock is ticking, and the time to behave is now.
Uncover how Cisco is modernizing networking for the AI period with quantum-resilient community safety at each layer. Go to our AI-ready safe community structure website to discover the newest improvements in safe networking.
Discover our AI-ready safe community structure to see how we’re redefining the way forward for safe connectivity.
