Quantum security requirements will hit parts of the organization you did and did not expect, from the security team looking to upgrade its public key infrastructure (PKI), to the development team making sure that upcoming releases are quantum safe, to the infrastructure team looking at hardware refreshes and legacy IoT devices. To build out a successful quantum security roadmap, assemble a cross-functional team that will review cryptographic inventory, prioritize systems, and oversee remediation. This team will own the quantum migration roadmap, track progress, and address any exceptions.   

In our latest report, Technology Leaders Must Work Together To Prepare For Q-Day, we lay out six key technology stakeholders who must engage in the quantum security migration process: security, infrastructure, innovation, development, risk, and procurement. Let’s meet a few members of the team: 

  • Security leaders orchestrate quantum migration. Security leaders lead the cross-functional quantum migration effort by aligning stakeholders on urgency, risks, and timelines; educating less familiar teams on quantum security fundamentals; and keeping pace with evolving standards and vendor capabilities. Their responsibilities include driving cryptographic discovery and inventory, ensuring that data classification supports informed prioritization, and coordinating upgrades to identity and access management systems that rely heavily on vulnerable PKI infrastructures.  
  • Infrastructure leaders lay the quantum-safe foundation. Infrastructure leaders help ensure that every platform, from data center to cloud to edge, can withstand the shift to postquantum cryptography. Infrastructure leaders will find themselves leading a comprehensive readiness assessment across all infrastructure environments, including SaaS, public cloud, CDNs, IoT/OT, and legacy systems, since cryptography is embedded everywhere. They must evaluate vendor timelines for postquantum cryptography (PQC) adoption, initiate discussions with third-party platform providers, and secure formal attestations or SLAs that confirm migration commitments. For infrastructure under direct enterprise control, leaders must prioritize upgrades to networking components and verify that routers, firewalls, switches, and back-end communication paths support quantum-safe protocols.  
  • Procurement leaders shape quantum-safe purchasing requirements. Procurement leaders play a critical and often underestimated role in Q-day readiness. Because quantum-safe security hinges not only on internal migration but also on vendor maturity, procurement becomes a strategic gatekeeper. They must embed quantum security requirements into RFPs, SLAs, and standard contract language, ensuring vendors disclose their PQC roadmaps, support timelines, and evidence of readiness. Procurement leaders must assess the broader vendor ecosystem to determine which partners offer crypto-agile, upgradeable technologies and which pose long-term risk due to slow PQC adoption. 

To learn more about the roles of security, infrastructure, innovation, development, risk, and procurement leaders and properly prepare for Q-day, check out our report, Technology Leaders Must Work Together To Prepare For Q-Day, and schedule an inquiry or guidance session with us. We will also be hosting a webinar for Forrester clients on Monday, March 16.