CISA Issues Federal Buying Guidance for Post-Quantum Cryptography

Insider Brief
- CISA issued new federal guidance identifying technology product categories where post-quantum cryptography is widely available and directing agencies to procure only quantum-resistant products in those categories.
- The guidance responds to a 2025 executive order and aligns federal procurement with NIST-standardized post-quantum algorithms designed to protect data against future quantum-enabled cyber threats.
- CISA divided products into categories that are already post-quantum capable and those still transitioning, signaling where vendors must accelerate implementation to meet future federal security requirements.
CISA on Jan. 23 published new federal guidance urging agencies and critical-infrastructure operators to buy only post-quantum cryptography–capable products in technology categories where such tools are now widely available, marking a concrete step in the U.S. government’s transition to quantum-resistant cybersecurity.
The guidance, issued by the Cybersecurity and Infrastructure Security Agency, responds to a June 2025 executive order directing the Department of Homeland Security to identify product categories in which post-quantum cryptography, or PQC, is already commercially mature. The lists are intended to shape federal procurement decisions and signal to industry where quantum-resistant security is no longer optional.
CISA said the lists are designed to move PQC adoption from long-range planning into day-to-day buying decisions. Once a product category is deemed to have widely available PQC-capable options, agencies are expected to plan acquisitions so that only PQC-capable products are purchased in that category.
According to Crick Waters, CEO of Patero, the guidance goes beyond a mere bureaucratic nudge.
“The list is a necessary compliance step, but it’s also an early market-shaping signal,” said Waters in a statement. “The categories are broad, which makes it difficult for network engineers to identify what’s actually required to deploy PQC upgrades across networks, databases, and code repositories. For vendors, the list effectively provides keyword categories that agencies and integrators will use to discover products — so how you map your offerings to these categories will matter.”
Post-quantum cryptography refers to encryption and authentication methods designed to withstand attacks from future quantum computers, which could break many of today’s widely used public-key systems. While such machines do not yet exist at scale, encrypted data captured and stored today could be decrypted once one does, and the data at stake — government records, infrastructure controls, health information and intellectual property — often needs to remain secure for decades.
CISA’s guidance focuses on mainstream information-technology products typically acquired by the federal government, rather than experimental systems or niche tools. “Widely available,” as used in the document, means products that can be purchased through normal procurement channels without special arrangements.
What Counts as Post-Quantum Security
The guidance centers on two core cryptographic functions — key establishment and digital signatures. Key establishment governs how encryption keys are securely shared, enabling confidential communications. Digital signatures are used to verify the origin and integrity of data and software, helping ensure that systems are talking to the right parties and that information has not been altered.
Many current products already implement quantum-resistant methods for key establishment, even if they still rely on older approaches for digital signatures. CISA said that distinction matters, because it means some products provide partial — but not complete — protection against future quantum attacks.
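The distinction matters in practice because a product can pass a quick "is it PQC" check on one function and fail on the other. The following is an added example, not code from CISA or the guidance: it parses the kind of diagnostic lines `openssl s_client` prints after a TLS handshake and reports whether key establishment and peer authentication each use a NIST-standardized quantum-resistant algorithm. The field labels ("Negotiated TLS1.3 group", "Peer signature type") are assumed from OpenSSL 3.5 output, and the two sample transcripts are constructed, not captured.

```python
"""Check which of a TLS endpoint's two core cryptographic functions, key
establishment and digital signature, is quantum-resistant.

Added example, not part of CISA's guidance. It parses the kind of diagnostic
lines `openssl s_client` prints after a handshake; the exact labels
("Negotiated TLS1.3 group", "Peer signature type") are assumed from OpenSSL 3.5
output and the samples below are constructed, not captured.
"""
import re
from dataclasses import dataclass

# Name fragments of NIST-standardized quantum-resistant algorithms:
# ML-KEM (FIPS 203) for key establishment; ML-DSA (FIPS 204), SLH-DSA (FIPS 205)
# and the stateful hash-based LMS/XMSS (SP 800-208) for signatures. Hybrid TLS
# groups such as X25519MLKEM768 embed the ML-KEM name, so they match too.
PQC_KEM_MARKERS = ("MLKEM", "ML-KEM")
PQC_SIG_MARKERS = ("MLDSA", "ML-DSA", "SLHDSA", "SLH-DSA", "XMSS", "LMS")

GROUP_RE = re.compile(r"^Negotiated TLS1\.3 group:\s*(\S+)", re.MULTILINE)
SIG_RE = re.compile(r"^Peer signature type:\s*(\S+)", re.MULTILINE)


def classify_group(name: str) -> bool:
    """True if the negotiated key-exchange group includes a PQC KEM."""
    upper = name.upper()
    return any(marker in upper for marker in PQC_KEM_MARKERS)


def classify_signature(name: str) -> bool:
    """True if the peer authenticated with a PQC signature scheme."""
    upper = name.upper()
    return any(marker in upper for marker in PQC_SIG_MARKERS)


@dataclass
class Assessment:
    key_establishment: str
    signature: str
    kem_pqc: bool
    sig_pqc: bool

    @property
    def level(self) -> str:
        """'full', 'partial' (only one of the two functions), or 'none'."""
        if self.kem_pqc and self.sig_pqc:
            return "full"
        if self.kem_pqc or self.sig_pqc:
            return "partial"
        return "none"

    def gaps(self) -> list:
        """Functions that still rely on quantum-vulnerable algorithms."""
        out = []
        if not self.kem_pqc:
            out.append("key establishment")
        if not self.sig_pqc:
            out.append("digital signature")
        return out


def assess(s_client_output: str) -> Assessment:
    """Parse handshake diagnostics and classify both core functions.

    A missing field is reported as 'unknown' and counted as not PQC, so an
    incomplete transcript never produces a false 'full' verdict."""
    group_m = GROUP_RE.search(s_client_output)
    sig_m = SIG_RE.search(s_client_output)
    group = group_m.group(1) if group_m else "unknown"
    sig = sig_m.group(1) if sig_m else "unknown"
    return Assessment(
        key_establishment=group,
        signature=sig,
        kem_pqc=bool(group_m) and classify_group(group),
        sig_pqc=bool(sig_m) and classify_signature(sig),
    )


# Constructed samples (not real captures) in the shape of s_client output.
SAMPLE_PARTIAL = """\
CONNECTED(00000003)
Negotiated TLS1.3 group: X25519MLKEM768
Peer signature type: RSA-PSS
Peer signing digest: SHA256
"""

SAMPLE_CLASSICAL = """\
CONNECTED(00000003)
Negotiated TLS1.3 group: X25519
Peer signature type: ECDSA
Peer signing digest: SHA256
"""


if __name__ == "__main__":
    for label, sample in (("hybrid kex", SAMPLE_PARTIAL), ("classical", SAMPLE_CLASSICAL)):
        a = assess(sample)
        print(f"{label}: level={a.level} kex={a.key_establishment} "
              f"sig={a.signature} gaps={a.gaps()}")
```

The first sample is the common case the guidance describes: a hybrid ML-KEM key exchange with an RSA certificate, which the script reports as "partial" with "digital signature" as the remaining gap. Treating an absent field as not PQC is deliberate, since a truncated transcript should never be mistaken for a fully migrated endpoint.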
Automated tools that scan networks to discover and inventory cryptography are explicitly excluded from the scope of the lists.
CISA identified several product categories where PQC-capable offerings are already broadly available and should now be the default choice for federal buyers.
These include cloud services such as infrastructure-as-a-service and platform-as-a-service offerings, collaboration tools like chat and messaging software, core web software including browsers and servers, and endpoint security products that protect data stored on devices, such as full-disk encryption systems.
In most of these areas, vendors have implemented quantum-resistant techniques for establishing encryption keys, even if quantum-safe digital signatures are not yet common. CISA said these products still belong on the “widely available” list because a primary security function is already quantum resistant.
A second list highlights product categories where PQC adoption is underway but not yet considered widespread. For these technologies, CISA encouraged manufacturers to continue implementing and testing PQC across all core and secondary functions, including software updates.
This transition list spans much of the enterprise technology stack, including networking hardware and software, software-as-a-service platforms, telecommunications equipment, operating systems, storage systems, identity and access management tools, enterprise security software and collaboration platforms such as email and file sharing.
CISA said products in these categories should not only support PQC in primary functions but also ensure that auxiliary features — such as update mechanisms — are protected against future quantum attacks. As these technologies mature, categories will be moved from the transition list to the widely available list in future updates.
Anchored in NIST Standards
The guidance is closely tied to work by the National Institute of Standards and Technology, which has spent nearly a decade evaluating and standardizing quantum-resistant algorithms.
NIST has already published federal standards for several PQC algorithms: ML-KEM (FIPS 203), a lattice-based method for key establishment; ML-DSA (FIPS 204), a lattice-based digital signature scheme; and SLH-DSA (FIPS 205), a hash-based signature scheme designed to remain secure even against powerful quantum computers. These standards are intended to replace widely used public-key systems such as RSA and elliptic-curve cryptography that are vulnerable to quantum attacks.
CISA pointed agencies to NIST’s transition guidance (NIST IR 8547), which outlines how organizations should move from quantum-vulnerable encryption to quantum-resistant alternatives over time. That process is expected to unfold gradually, with additional algorithms and application-specific guidance added in the coming years.
Beyond federal procurement, the guidance serves as a market signal to technology vendors and infrastructure operators. By naming specific product categories and linking them to acquisition expectations, CISA is effectively drawing a line between technologies that should already be quantum ready and those that must accelerate their transition.
The agency emphasized that the lists are not exhaustive and will be updated regularly as products evolve and new categories mature. Operational technology and internet-of-things devices, while also expected to migrate to PQC, are outside the scope of the current guidance.
Read the complete list of CISA guidelines here.
