The Quantum Migration Divide: Why Critical Infrastructure Risks Being Left Behind

The world’s cryptographic backbone is slowly being re-engineered for a quantum future. But while IT systems are inching forward with post-quantum cryptography (PQC) support, unmanaged devices—from factory controllers to hospital communications gear—remain worryingly behind.

The State of PQC Adoption

Fresh analysis from Forescout shows measurable progress but also sharp disparities. SSH servers are leading the charge: 8.5% of all deployed servers now support PQC, a bump from earlier this year, and within OpenSSH the figure is even higher at 26%. Most of this growth comes from newer OpenSSH releases that default to standardized PQC key exchange algorithms like SNTRUP and ML-KEM.

The transport layer tells a different story. TLS 1.3 adoption, the only protocol version that can accommodate PQC algorithms, has stagnated at 19%. Worse, TLS 1.2—still quantum-unsafe—actually climbed in usage to 46%. The inertia underscores how difficult it is to push protocol upgrades across sprawling networks.

The Weakest Links: Unmanaged Devices

Where the numbers get truly grim is outside the world of traditional IT. Roughly 42% of IT endpoints running OpenSSH are already quantum-capable, but adoption craters to 20% for IoT, 11% for operational technology and network equipment, and a negligible 2% for internet-connected medical devices.

Those gaps matter. Routers, VPN appliances, and firewalls—many of which run on outdated or proprietary crypto stacks—are exactly the targets state-aligned hackers favor for persistence and espionage. If these devices transmit credentials or control commands over breakable encryption, they become prime candidates for long-term compromise.

Industry Breakdown

The divide is sector-specific too. Business and professional services, which tend to rely on more modern IT infrastructure, show the highest PQC uptake. Manufacturing, oil and gas, and mining remain at the bottom, reflecting their dependence on unmanaged and embedded systems that can’t be upgraded with a patch.

Beyond TLS and SSH

Even if every server flipped to PQC tomorrow, the migration wouldn’t be complete. VPN protocols such as IPsec and WireGuard, industrial standards, and healthcare-specific communications protocols all have their own PQC roadmaps. Many embedded stacks rely on outdated cryptographic libraries—or in some cases, bespoke implementations—making the transition even harder.

What Organizations Should Do

Security teams are being urged to treat PQC migration not as a single upgrade but as a multi-year inventory and risk-management project. That means:

• Classifying data by sensitivity and shelf life. Short-term data may be safe under today’s crypto, but anything with long-term value—like health records or merger files—must be prioritized.

• Building asset inventories. Organizations need visibility into which devices already support PQC and which are stuck on legacy crypto.

• Contextualizing risk. A TLS 1.2 session in a closed enclave may be tolerable; a legacy FTP server holding intellectual property is not.

• Designing for agility. Quantum-safe does not mean future-proof. Networks must support key rotation and algorithm agility as standards evolve.

Countdown to Q-Day

Global migration deadlines set for 2030–2035 might sound far away, but the pace of adoption suggests that laggards could remain exposed well past that horizon. And with threat actors already stockpiling encrypted data for “harvest now, decrypt later” campaigns, the stakes aren’t theoretical.

The quantum transition is no longer about “if,” but about “how fast.” Organizations that wait to act will find themselves stuck with legacy infrastructure while adversaries quietly wait for Q-Day.