uva.nl

Quantum Impact on Societal Security

Events

Upcoming QISS event: Post-quantum Cryptography Transition in the Financial Sector

Date:

Screenshot

Join us on 17 September 14:00-15:30 CEST for an online event on the post-quantum cryptography transition in such a critical sector as the financial system to discuss the state of play, challenges and the way forward with a line-up of distinguished experts in the field. 
Participation is free, but registration is required. The event link will be provided to registered participants.

Register_b



 Agenda:

14:00-15:00 Speaker presentations

15:00-15:30 Q&A and discussion

 

Speakers:

  • Laima Jančiūtė, Postdoctoral researcher, University of Amsterdam
  • Mike Silverman, Chief Strategy and Innovation Officer, FS-ISAC
  • Dennis van Heijst, Supervisor Operational and IT risk, De Nederlandsche Bank
  • Jaime Gómez García, Global Head of Santander Quantum Threat Program/Chair of the Europol Quantum Safe Financial Forum (TBC)
  • A speaker from the UK Financial Conduct Authority (TBC)

The context of the discussion
The financial sector is part of the critical infrastructure in which cyber threats represent systemic risks. Cryptographic security is fundamental for the functioning of the financial ecosystem. As warned by the International Monetary Fund in 2021, the anticipated “massive computing power of quantum machines threatens modern cryptography, with far-reaching implications for the financial stability and privacy” and that given that quantum computers also pose retroactive risks, “the time for action is now”. The Dutch PQC Migration Handbook identifies financial entities as “urgent adopters” who should start migration to quantum-resistant cryptography as soon as possible. Similarly, the Europol’s Quantum Safe Financial Forum has called in February 2025 for an urgent coordinated action to transition to PQC. Nevertheless, although various sector-specific initiatives to prepare for the mitigation of the quantum threat have already been taking place and awareness is gradually increasing, as some surveys have shown, there is still an overall lack of quantum-readiness and investment in related measures. At the same time, as a survey conducted by the German Information Security authority and KPMG indicated, regulatory requirements would stimulate a vast majority of organisations to adopt more proactive attitudes towards deployment of quantum-safe cryptography. In the EU, a sector-specific legislation DORA has been recently introduced highlighting the importance of strong cybersecurity requirements in the financial sector. General PQC transition-related policies have been also put in place in various countries, including in the US and the EU, alongside the existing data protection and cybersecurity frameworks. According to the Quantum Safe Financial Forum, at present “there is no need for additional legislation to be made; a voluntary framework established between regulators and the private sector would be sufficient to set guidelines for quantum-safe cryptography and promoting standardisation across institutions”. In the meantime, the first PQC algorithms have been standardised to facilitate practical implementations.

What is the state of play of the PQC transition in the financial sector? What governance steps are still needed for its full enactment?

 


Back