Quantum urgency: 'harvest now, decrypt later' — Turing Award spotlights PQC

ACM announced Charles H. Bennett and Gilles Brassard as co‑recipients of the 2025 A.M. Turing Award on March 18, 2026 for foundational work in quantum cryptography and quantum information science. (acm.org) Major outlets and industry commentary paired the award with renewed warnings about “harvest now, decrypt later,” explicitly urging organizations to inventory cryptographic usage and begin PQC migration planning immediately. (cyberscoop.com) U.S. agencies (CISA, NSA, NIST) and NIST’s NCCoE practice guide recommend a formal Quantum‑Readiness Roadmap and a cryptographic discovery program that catalogs algorithms, TLS endpoints, certificate lifetimes, KMS usage, and firmware/software signing keys. (cisa.gov) NIST IR 8547 and SP 1800‑38 call out prioritization by secrecy lifetime and impact, and advise hybrid/crypto‑agility testbeds for phased ML‑KEM/ML‑DSA adoption as part of enterprise migration plans. (csrc.nist.gov) Detection engineering guidance tied to the award’s urgency recommends ingesting TLS handshake logs, certificate transparency and OCSP telemetry, KMS audit trails, and code‑signing events into Splunk to map algorithm usage and flag long‑lived keys or legacy ciphers. (postquantum.com) Splunk analytic artefacts to operationalize that telemetry include correlation searches for (a) successful cloud console logins without MFA, (b) spikes in encrypted data egress concurrent with anomalous credentials, and (c) access to private key stores — all patterns documented in Splunk Threat Research and detection playbooks. (beta.splunkresearch.com) DoD Zero Trust materials define the User (Identity) pillar and enumerate outcomes such as user inventory, conditional access, and MFA coverage; Splunk’s DoD solution guide maps visibility and analytics controls to those DoD capabilities for reporting. (media.defense.gov) For multi‑client deployments supporting defense and commercial customers, Splunk recommends tenant isolation via separate indexes and RBAC boundaries, using Splunk SOAR/Phantom multi‑tenant features for playbooks while noting Enterprise Security lacks native multi‑tenancy and requires careful architecture or separate instances. (splunk.com) Threat research and policy papers note nation‑state and criminal actors are already stockpiling encrypted traffic and signatures for later decryption or signature‑forgery, making telemetry that exposes exfiltration of encrypted bulk data and unusual certificate‑use a priority intelligence feed. (federalreserve.gov) DoD policy documents (DTM 25‑003, DoD Zero Trust Reference Architecture) and DoD roadmaps require demonstrable maturity across seven pillars by established timelines and recommend artifactable metrics (user inventory completeness, MFA percentage, anomalous auth rate) for assessments submitted to the ZT PfMO. (esd.whs.mil)