Entrust & IBM Consulting team up on quantum-safe security

Entrust is collaborating with IBM Consulting on services to help enterprises manage cryptography and move towards quantum-safe security. The partnership centres on a company-wide operating model for certificates, keys and secrets.

It combines IBM Consulting's quantum-safe transformation work with Entrust's cryptographic security, public key infrastructure and hardware security module products. The offering is aimed at organisations seeking to replace fragmented oversight of cryptographic assets with a single governance approach.

The move comes as concern about quantum computing shifts from research circles into corporate risk planning. Companies in regulated sectors, and those holding long-lived sensitive data, face particular pressure because encryption choices made now may affect information that must remain protected for years.

Many large organisations still manage certificates, keys and secrets across legacy systems, cloud environments and software development pipelines using separate tools and inconsistent policies. That creates what security specialists often call cryptographic sprawl, making it harder to track exposure, enforce standards and prepare for newer forms of encryption designed to resist quantum attacks.

Under the collaboration, Entrust's Cryptographic Security Platform will act as the central control layer. IBM Consulting will deploy and operate the platform as part of broader transformation work covering discovery, policy enforcement, lifecycle management and migration planning.

The service is designed to give customers continuous visibility across certificates, keys, secrets, algorithms and trust anchors. It will also map cryptographic exposure to business services, data longevity and regulatory obligations, helping firms prioritise remediation.

Governance focus

A central theme is the shift from one-off assessments to ongoing governance. Rather than treating quantum readiness as a periodic review, the model is intended to support regular monitoring of cryptographic assets and phased updates as standards and business risks change.

IBM Consulting will use its Quantum Safe Migration Orchestrator to turn assessment findings into a risk-based migration roadmap. According to the companies, that roadmap is intended to align technical changes with operational and compliance demands while reducing disruption as systems move towards hybrid and post-quantum cryptography.

The approach reflects a wider challenge for large enterprises. Replacing cryptography is rarely a single software update, because encryption is embedded across applications, devices, networks, cloud services and identity systems. In practice, organisations often need to identify where older algorithms sit, determine which data and services are most exposed, and sequence changes without interrupting core operations.

Entrust and IBM said their joint work is intended to reduce operational risk, support audit requirements and cut what they describe as cryptographic debt. The term commonly refers to the accumulation of outdated or poorly documented encryption methods that can slow security upgrades and create blind spots.

Rising pressure

The backdrop is increasing scrutiny from regulators and boards over preparedness for a future in which sufficiently advanced quantum computers could undermine some current public-key cryptography. Security professionals have also warned for years about "harvest now, decrypt later" tactics, in which attackers steal encrypted data in the expectation that it could become readable in future.

Dinesh Nagarajan, Executive Partner and Global Service Line Leader for Quantum-Safe and Data Security at IBM Consulting, said the issue had moved beyond long-term planning. "With regulatory expectations increasing and quantum computing advances continuing to accelerate, organizations can no longer treat quantum risk as a future concern. Preparation can no longer be delayed," he said. "By partnering with Entrust, we can help organizations move decisively toward post-quantum readiness, with solutions built for sustainable governance, resilience, and scale."

For Entrust, the partnership extends its push to position cryptography management as an operational discipline rather than a narrow security toolset. The company said its platform gives customers a single control plane across public key infrastructure, certificates, keys, secrets and other cryptographic controls, while remaining vendor-neutral across older and newer environments.

That may appeal to large organisations dealing with mixed technology estates. Many run long-established on-premises systems alongside cloud workloads and DevOps processes, each with different security teams and procurement histories. Bringing those areas under a shared policy framework is often one of the harder parts of a cryptographic overhaul.

Mike Baxter, Chief Technology & Product Officer at Entrust, said the first step was broader visibility and control. "Quantum preparedness starts with regaining control of your cryptography across applications, clouds, identities, and infrastructure. We are excited to partner with IBM Consulting, which brings deep expertise in orchestrating the enterprise transformation required to deliver effective cryptographic management. Entrust supports this with its unified control plane for PKI, keys, certificates, and secrets, anchored in post-quantum compliant hardware security modules. Together, we can help customers establish governance, reduce operational risk today, and adopt crypto-agility so they can transition to post-quantum standards with confidence," he said.