Global Standards, Regional Variants: Designing for PQC Across Jurisdictions

Episode notes

As quantum computing accelerates, organizations can no longer treat cryptographic migration as a distant technical task. Dr Richard Searle of Fortanix explains how confidential computing and a software-first model enable enterprises to adopt post-quantum cryptography (PQC) rapidly while maintaining control, compliance, and agility. He describes how Fortanix integrates standardized PQC algorithms within trusted execution environments to protect data in use, at rest, and in motion, providing a verifiable layer of defense against quantum-era threats. Richard clarifies that crypto agility, not a one-off migration, is the real target, enabling algorithm rotation and policy enforcement as new standards evolve. He also outlines how global companies must account for regional algorithm preferences, such as those emerging in Europe and Asia, without fragmenting global operations. Through examples from finance and technology sectors, he highlights how auditability, attestation, and workload geolocation now define compliance readiness across DORA, GDPR, and CNSA 2.0 frameworks.