IBM & Entrust: Cryptography for Post-Quantum Security Risks

As the industry scrambles to adopt quantum safe technologies ahead of Q-day, Entrust has announced a new collaboration with IBM Consulting to help enterprises take control of their cryptography.

The partnership combines IBM’s expertise in quantum-safe transformation services with Entrust’s established capabilities in PKI, cryptographic security and hardware security to execute a governed transition to quantum safety.

The goal is to establish an enterprise-wide cryptographic operating model built around the Entrust Cryptographic Security Platform (CSP). 

The CSP acts as a unified control plane, delivering continuous discovery, visibility, policy enforcement and lifecycle automation across certificates, keys and secrets. 

This is a strong move from merely understanding post-quantum risks to actively addressing them through structured execution.

“With regulatory expectations increasing and quantum computing advances continuing to accelerate, organisations can no longer treat quantum risk as a future concern,” says Dinesh Nagarajan, Executive Partner and Global Service Line Leader for Quantum-Safe and Data Security at IBM Consulting. 

“Preparation can no longer be delayed. By partnering with Entrust, we can help organisations move decisively toward post-quantum readiness, with solutions built for sustainable governance, resilience and scale.”

Why enterprises must act on cryptographic risk now

Technological advancements have ensured that quantum computing is no longer a distant concept, but has rapidly claimed the mantle of being a board-level concern. 

This is particularly true for regulated industries and organisations managing long-lived sensitive data. 

Threat actors on the other hand are already harvesting encrypted data today with the intention of decrypting it in the future and this happens as global regulatory pressure continues to mount.

Regardless, this transformation is not without hurdles. Cryptographic sprawl being a premier concern. 

The concern emerges around the fragmentation of cryptographic assets such as certificates, keys and secrets, which are so often scattered across legacy systems, cloud platforms and DevOps pipelines, each of which are governed by inconsistent policies. 

Traditional one-off assessments and isolated tools are no longer sufficient. 

Organisations need a unified control and remediation framework that can provide continuous oversight and enable consistent governance across all cryptographic assets.

This is where the Entrust and IBM Consulting collaboration aims to deliver measurable value.

A structured approach to quantum-safe transformation

The joint solution by the partners offers a comprehensive, end-to-end programme designed to guide organisations through their transition to quantum-resistant cryptography. 

Starting with enterprise-wide discovery and risk assessment, to using Entrust Cryptographic Security Platform to provide visibility into cryptographic assets followed by mapping the  exposure to business services, data longevity and regulatory requirements.

From there, IBM Consulting develops a business-aligned migration roadmap using its Quantum Safe Migration Orchestrator. 

This converts insights into a prioritised, risk-based plan tailored to operational and compliance needs. 

The final phase focuses on managed execution and ongoing governance, ensuring changes are implemented safely while enforcing policy and automating lifecycle processes.

“Quantum preparedness starts with regaining control of your cryptography across applications, clouds, identities and infrastructure,” says Mike Baxter, Chief Technology & Product Officer, Entrust.

“We are excited to partner with IBM Consulting, which brings deep expertise in orchestrating the enterprise transformation required to deliver effective cryptographic management. 

“Entrust supports this with its unified control plane for PKI, keys, certificates, and secrets, anchored in post-quantum compliant hardware security modules. 

“Together, we can help customers establish governance, reduce operational risk today and adopt crypto-agility so they can transition to post-quantum standards with confidence.”

A key strength of the collaboration lies in its ability to deliver centralised control while reducing operational complexity. 

Entrust provides a single control plane across PKI, certificates, keys and secrets, while IBM Consulting oversees deployment and operation to ensure consistent governance at scale.

The partnership also enables organisations to align cryptographic maturity with business risk. 

By linking cryptographic exposure to critical services and regulatory demands, enterprises can prioritise remediation efforts and demonstrate audit-ready compliance.

Ultimately, the combined solution is designed to help organisations reduce cryptographic debt, minimise disruption and build long-term resilience.

As quantum threats continue to evolve, this approach supports a smoother transition to post-quantum standards while maintaining security and operational stability.