CISA publishes a post-quantum shopping list for agencies. Security professionals aren\u2019t sold | CyberScoop<\/title> <meta name=\"description\" content=\"A guide aims to help tech buyers navigate their switch to post-quantum encryption, but experts cautioned that most products and backend internet protocols have yet to be updated.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/cisa-post-quantum-cryptography-procurement-guide-expert-criticism\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"CISA publishes a post-quantum shopping list for agencies. Security professionals aren\u2019t sold\"> <meta property=\"og:description\" content=\"A guide aims to help tech buyers navigate their switch to post-quantum encryption, but experts cautioned that most products and backend internet protocols have yet to be updated.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/cisa-post-quantum-cryptography-procurement-guide-expert-criticism\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2026-01-27T00:20:30+00:00\"> <meta property=\"article:modified_time\" content=\"2026-01-27T00:20:33+00:00\"> <meta name=\"author\" content=\"djohnson\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/01\/cisa-publishes-a-post-quantum-shopping-list-for-agencies-security-professionals-arent-sold-2.jpg\"> <meta name=\"twitter:creator\" content=\"@CyberScoopNews\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1765909325g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1767719924g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1767808656g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/87563\"><meta name=\"generator\" content=\"WordPress 6.8.3\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=87563\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcisa-post-quantum-cryptography-procurement-guide-expert-criticism%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcisa-post-quantum-cryptography-procurement-guide-expert-criticism%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-87563 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/cisa-post-quantum-cryptography-procurement-guide-expert-criticism\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"26.1\">\n<div class=\"single-article__header-content\" readability=\"34.755230125523\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/cisa-post-quantum-cryptography-procurement-guide-expert-criticism\/\"> <span>Cybersecurity<\/span> <\/a> <\/li>\n<\/ul>\n<p> A guide aims to help tech buyers navigate their switch to post-quantum encryption, but experts cautioned that most products and backend internet protocols have yet to be updated. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/87563\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/01\/cisa-publishes-a-post-quantum-shopping-list-for-agencies-security-professionals-arent-sold.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/01\/cisa-publishes-a-post-quantum-shopping-list-for-agencies-security-professionals-arent-sold-2.jpg 7926w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/01\/cisa-publishes-a-post-quantum-shopping-list-for-agencies-security-professionals-arent-sold-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/01\/cisa-publishes-a-post-quantum-shopping-list-for-agencies-security-professionals-arent-sold-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/01\/cisa-publishes-a-post-quantum-shopping-list-for-agencies-security-professionals-arent-sold-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/01\/cisa-publishes-a-post-quantum-shopping-list-for-agencies-security-professionals-arent-sold-2.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/01\/cisa-publishes-a-post-quantum-shopping-list-for-agencies-security-professionals-arent-sold-2.jpg?resize=2048,1365 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/01\/cisa-publishes-a-post-quantum-shopping-list-for-agencies-security-professionals-arent-sold-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/01\/cisa-publishes-a-post-quantum-shopping-list-for-agencies-security-professionals-arent-sold-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/01\/cisa-publishes-a-post-quantum-shopping-list-for-agencies-security-professionals-arent-sold-2.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/01\/cisa-publishes-a-post-quantum-shopping-list-for-agencies-security-professionals-arent-sold-2.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/01\/cisa-publishes-a-post-quantum-shopping-list-for-agencies-security-professionals-arent-sold-2.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> The interior of the IBM Quantum System Two is seen at IBM Thomas J. Watson Research Center on June 6, 2025 in Yorktown Heights, New York. A guide aims to help tech buyers navigate their switch to post-quantum encryption, but experts cautioned that most products and backend internet protocols have yet to be updated. (Photo by ANGELA WEISS \/ AFP) (Photo by ANGELA WEISS\/AFP via Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"71.938385269122\"><body readability=\"145.57127429806\"><\/p>\n<p>The Cybersecurity and Infrastructure Security Agency is hoping to guide federal agencies through the murky process of updating their technology stack with quantum-resistant encryption.<\/p>\n<p>On Jan. 23, the agency <a href=\"https:\/\/www.cisa.gov\/resources-tools\/resources\/product-categories-technologies-use-post-quantum-cryptography-standards\">released<\/a> a list of different IT software and hardware products that are commonly purchased by the federal government and use cryptographic algorithms for encryption or authentication.<\/p>\n<p>The guidance covers cloud services like Platform-as-a-Service and Infrastructure-as-a-Service, collaboration software, web software like browsers and servers, and endpoint security tools that provide full disk and at-rest data encryption.<\/p>\n<p>CISA pointed to these products as examples where hardware and software post-quantum cryptography standards are \u201cwidely available\u201d and designed \u201cto protect sensitive information\u2026including after the advent of a cryptographically relevant quantum computer (CRQC).\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Federal agencies and the private sector are preparing for the long-term threat posed by quantum computers, which many cryptographers believe will one day be able to break through some forms of classical encryption.<\/p>\n<p>The federal government is currently operating under an <a href=\"https:\/\/www.google.com\/search?q=Executive+Order+14144+%282025%29&rlz=1C5CHFA_enUS1092US1092&oq=post+quantum+agency+timelines+executive+order&gs_lcrp=EgZjaHJvbWUyCQgAEEUYORigATIHCAEQIRirAjIHCAIQIRiPAtIBCTEwNTUwajBqOagCBrACAfEF9yaqHZ2Cyos&sourceid=chrome&ie=UTF-8&ved=2ahUKEwjr7vaam6qSAxWgGlkFHQXTJjUQgK4QegQIARAE\">executive order<\/a> mandating that agencies shift most of their high value systems and devices to post-quantum encryption by 2035. Last year, the Trump administration <a href=\"https:\/\/cyberscoop.com\/trump-administration-quantum-computing-executive-action\/\">held discussions<\/a> with allies and quantum industry executives about a potential executive order that would further move up that timeline.<\/p>\n<p>National security officials have cited concerns that foreign nations could be harvesting encrypted data now in the hopes of accessing them once a quantum codebreaking computer is developed. Industry executives have also pointed to lingering concerns around China\u2019s burgeoning quantum industry as <a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2025-10-23\/us-weighs-quantum-computing-boost-in-effort-to-counter-china\">another factor<\/a> making U.S. businesses and policymakers in Washington nervous.<\/p>\n<p>However, the transition to quantum-resistant encryption protocols is expected to be a massive societal task, one that will require parallel collaboration and buy-in from not only from hardware and software vendors but also the constellation of standards bodies, protocols and backend processes that help transport data across the internet.<\/p>\n<p>That reality can lead to an uneven procurement field for buyers, who are being pressed to purchase and implement post quantum encryption solutions today.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Alongside the more mature industries, CISA also listed a variety of other technologies \u2013 including networking hardware and software, Software-as-a-Service, security tools like password managers and intrusion detection systems \u2013 as product categories where implementation and testing of PQC capabilities is \u201cencouraged\u201d by manufacturers.<\/p>\n<p>Even the list of seemingly \u201cPQC safe\u201d technologies offered by CISA comes with a caveat: most have post-quantum standards in place for key encapsulation and key agreement, but not for digital signatures or authentication. <\/p>\n<p>Adopting newer post-quantum cryptography will also require redesigning much of the core backend infrastructure that encrypts our data across the internet. Major internet cryptographic protocols like Secure Shell Protocol (SSH) and Transport Layer Security have done some foundational work in this area.<\/p>\n<p>But Surabhi Dahal of Encryption Consulting <a href=\"https:\/\/www.encryptionconsulting.com\/current-landscape-of-post-quantum-cryptography-migration\/\">noted<\/a> in September that \u201cmost protocols are still in the early stages, with proposals being drafted, prototypes being and testing underway to determine how quantum-safe methods can be integrated into existing systems.\u201d<\/p>\n<p>A 2024 <a href=\"https:\/\/www.osti.gov\/servlets\/purl\/2337525\">study<\/a> from the Department of Energy\u2019s Pacific Northwest National Laboratory looked at technical challenges associated with post-quantum migration in just one industrial sector: electric vehicle charging infrastructure. The study found companies faced numerous internal and external obstacles, including \u201cinteroperability concerns, the computational and memory demands of PQC algorithms, and the organizational readiness for such a transition.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Roberta Faux, head of cryptography and field chief technology officer at Arqit, a firm that provides post-quantum encryption services, told CyberScoop that CISA\u2019s guide \u201comits much\u201d detail needed to credibly guide organizations as they navigate their post-quantum security options.<\/p>\n<p>For instance, she said the document provides little to no insight on how to set up cryptographic inventories or timelines, what performance data should be used to measure tradeoffs, how CISA measures or defines what it means by \u201cPQC-capable\u201d or guidance on how to set up hybrid models.<\/p>\n<p>The document \u201cends up feeling optimized for procurement compliance rather than security outcomes,\u201d she said.<\/p>\n<p>Peter Bentley, chief operating officer for Patero, another post-quantum encryption company, expressed similar sentiments, noting that \u201cthe hardest part isn\u2019t selecting a post-quantum algorithm\u2014it\u2019s knowing where cryptography actually lives\u201d because most organizations don\u2019t have detailed inventories. <\/p>\n<p>\u201cWithout that visibility, and arguably developing a Cryptographic Discovery and Inventory best practice, \u2018PQC-enabled\u2019 becomes a marketing label instead of a verifiable capability, especially in hybrid or mixed-vendor environments,\u201d Bentley said. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Faux said CISA\u2019s guidance also \u201cconcedes a weakness in today\u2019s post-quantum transition,\u201d namely that most vendor offerings labeled as \u201cPQC-capable\u201d really only address parts of the cryptographic process, leaving some functions like digital signatures and key establishment, with the same classical forms of encryption policymakers are trying to replace.<\/p>\n<p>Cryptographic transitions, she said, are measured in decades, largely due to the time it takes to work out interoperability, performance and operational tradeoffs, with the result being \u201can extended period of half-measures.\u201d<\/p>\n<p>One footnote in the agency guidance acknowledges that two of the post-quantum algorithms approved by the National Institute for Standards and Technology, ML-DSA or SLH-DSA, currently lack production-ready support for implementation. Faux noted that \u201cthis is not a minor caveat.\u201d<\/p>\n<p> \u201cKey agreement without quantum-safe authentication provides limited protection,\u201d she said. \u201cAn attacker can still forge certificates, impersonate endpoints, or conduct man-in-the-middle attacks, even if the session keys are quantum-resistant. In this context, \u2018partial resistance\u2019 is functionally equivalent to no resistance.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.3968804159445\">\n<div class=\"author-card\" readability=\"13\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/01\/cisa-publishes-a-post-quantum-shopping-list-for-agencies-security-professionals-arent-sold-1.jpg?w=640&ssl=1\" alt=\"Derek B. Johnson\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Derek B. Johnson<\/h4>\n<p> Derek B. Johnson is a reporter at CyberScoop, where his beat includes cybersecurity, elections and the federal government. Prior to that, he has provided award-winning coverage of cybersecurity news across the public and private sectors for various publications since 2017. Derek has a bachelor\u2019s degree in print journalism from Hofstra University in New York and a master\u2019s degree in public policy from George Mason University in Virginia. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/cisa-post-quantum-cryptography-procurement-guide-expert-criticism\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA publishes a post-quantum shopping list for agencies. Security professionals<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[78,2833,1583,117,927,3907,310],"tags":[86,2836,1587,119,929,3908,311],"class_list":["post-8299","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","category-cybersecurity-and-infrastructure-security-agency","category-encryption","category-government","category-nist","category-post-quantum-cryptography","category-technology","tag-cybersecurity","tag-cybersecurity-and-infrastructure-security-agency","tag-encryption","tag-government","tag-nist","tag-post-quantum-cryptography","tag-technology"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/encryption\/\" rel=\"category tag\">encryption<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/nist\/\" rel=\"category tag\">NIST<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/post-quantum-cryptography\/\" rel=\"category tag\">post quantum cryptography<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/technology\/\" rel=\"category tag\">Technology<\/a>","tag_info":"Technology","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8299","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=8299"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8299\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=8299"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=8299"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=8299"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":8299,"date":"2026-01-26T18:20:30","date_gmt":"2026-01-27T00:20:30","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=87563"},"modified":"2026-01-26T18:20:30","modified_gmt":"2026-01-27T00:20:30","slug":"cisa-publishes-a-post-quantum-shopping-list-for-agencies-security-professionals-arent-sold","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2026\/01\/26\/cisa-publishes-a-post-quantum-shopping-list-for-agencies-security-professionals-arent-sold\/","title":{"rendered":"CISA publishes a post-quantum shopping list for agencies. Security professionals aren\u2019t sold"},"content":{"rendered":"