On November 27, 2024, the German Federal Office for Information Security (BSI), together with cybersecurity authorities from 17 other EU member states, published a joint statement titled “Securing Tomorrow, Today: Transitioning to Post-Quantum Cryptography.” The statement urged public administration, critical infrastructure providers, and industry to begin the transition to post-quantum cryptography, according to the BSI press release.
Initiated by France, Germany, and the Netherlands, the statement was first presented during the European Cyber Security Meeting in Athens in September 2024. It warned that “store now, decrypt later” attacks posed the most imminent threat and recommended that the most sensitive use-cases be protected by the end of 2030. BSI President Claudia Plattner said: “we need to act now and take protective measures.”
Key recommendations included making PQC transition a top priority, deploying hybrid solutions for most use-cases, and starting migration immediately. A PQC workstream co-chaired by France, Germany, and the Netherlands would develop a harmonized EU transition roadmap.