Phased Timelines: DSCI roadmap for India's PQC migration

One of the things that we've talked is also essentially not just likely acceleration of these timelines from 2033 for enterprises to maybe early 2000s or pre 2000s, but also adoption of intermediary technologies. Our own research experiences in quantum computing have actually shaped a lot of this thinking as well. Welcome to Shielded, the last line of Cyber Defense by PQ Shield, the podcast where we are moving the conversation around post quantum cryptography from the why to the how. I'm Joel Lindsen, your host, and I'm here to guide you through the challenges, innovations and solutions that will help your organization stay secure in the quantum era. Let's future proof your defenses together. Welcome to Shielded. I'm your host Joel Linson and today we're joined by two leaders shaping India's quantum landscape, Teja Chintalapati, Senior Consultant at the Data Security Council of India, and Vinayak Godse, Chief Executive Officer of dsci, who has spent almost three decades building national cybersecurity frameworks. Together, Tejra and Vinayak are guiding India's national roadmap for quantum migration, covering everything from critical infrastructure classification to hybrid cryptography strategies and QKD investment. They're here to share insights on the philosophy, strategy, strategy and practical steps behind building a quantum resilient nation. Vinayak Teja, welcome to Shielded. Of course, thanks. Glad to be here, Joe. It's great to have you. And I know Teja, you're traveling at the moment, so I appreciate you joining us even though you're I think, close to the Himalayas at the moment. Yeah, my apologies in advance I think if my audio and video are not that good. But thanks Jo for the introduction and also for inviting us for such a critical discussion. We are quite fan of the work that you've been doing in hosting this podcast and we are quite happy to share our perspective into what India has been working on over the last couple of years and then what we have in terms of the roadmap that is formally launching in very short time. Absolutely. And I'm excited to have you on today. And of course the reason we're talking is that you have released the Quantum Roadmap, as you mentioned, India's roadmap for Quantum Resiliency just a few months ago, I believe in February. So maybe you can share a little bit of an overview how this work came together, what the involvement of the DSCI is, and give us a little bit of a high level overview of that roadmap. So DSCI has been invited for this to Contribute to this. And Vinayak is a chair of a committee that essentially made this roadmap. Right. So I think it's better that audience perhaps hear from his perspective because other than Quantum, Vinayak has been engaged as tsci, CEO, CEO, DSA has been engaged in a lot other conversations and all of the contributions we've been working for the last 15, 17 years in cyber security ecosystem culminated into this roadmap. I think Vinayak, why don't you share how this all document has come together and then we'll go from there. Yeah. So as a Data Security Council of India, this topic quantum technology. We had been engaged with the Department of Science and technology since 2015 where we worked with one of the technology forecasting report which we envisioned that time by 2025 probably quantum technology will become a significant force. And since then we started following this domain well. So one is creating community of people interested in quantum technology and quantum computing and also quantum security for that matter. And eventually as we work on a national cybersecurity agenda and we also with help of the government of India set up a specific effort for this national center for Excellence for Cybersecurity. So there we started focusing on quantum technology and quantum security and quantum resiliency as an important area for us to work on creating the ecosystem, accelerating startup in this area, engage with all of these researchers working on different universities across the globe and also giving quite a good visibility to the early adventures that happen in cyber in quantum security. And we had that time around 2016 17. I remember a couple of company fueled by some of the researchers came in the ecosystem and they started getting good traction. And fortunately defense forces came ahead to work with some of those company work with researcher ecosystem. And that has progressed quite intensely. And then as we are coming closer to 2025 and Quantum came out of the research to industrial ecosystem and because of the investment happening, because of a lot of breakthroughs is happening. So suddenly the utility grade quantum computing started coming into horizon and we started seeing that probably it will happen in next four or five years of time. And that worried government of India a lot. And the kind of geopolitics we are in kind of a strategic advantage some adversarial nation would have. So this worry led them to set up this task force for quantum safe migration. And I was part of that. And under that there was two subcommittee. One was looking at a testing and certification of the quantum security or algorithm or crypto system. And one I was leading subcommittee as a devising this migration roadmap and India being such a big country with such a diverse industry ecosystem, it took us time to get people together, discuss about the challenges. One hand working with government and National Security Agency and other hand working with the industrial ecosystem from across sector to see how they look at. And this deliberation lasted for last 6, 7, 8 months of time to the level of this DAO document we published some time back and most likely in some time we'll publish that as a final document. That's great. Yeah, thanks for that, Vinayak. And of course you mentioned that this initiative really started back in 2015, so more than a decade ago. And I'd be curious to hear back then, what was the big focus? You know, because you're talking about quantum technology, of course, that's a very broad set of technologies from qkd, quantum sensing, core quantum computing, and then last but not least, also pqc. So I'm curious to hear from your experience looking back at that last decade, how sort of the priorities shifted during that journey. Yeah. So one is the quantum information theory, I think was evolving quite better. Right. And people started talking about how you can harness this quantum weird behavior to develop the entire quantum computing ecosystem. Basically. Right. And that led to entire the concept of the qubit. I remember that time qubit was not something discussed that aggressively. Right. So this early discussion about this is something different and this is something very unconventional and this is leveraging and probably harnessing this weird laws of the nature, quantum mechanics that you talk about. Right. And how do you use this? The first is understanding superposition, entanglement and all of these concepts, quantum measurement for that matter. Yeah, Teleportation that we talk about, basically. Right. So all of these concepts were quite interesting to even think about and learn about and talk about, basically. Right. And then I think during that time, I remember 16, 17 is the 1 15, 14 around Nehrashti set up this group and they started talking about Kibai 23, 24. Probably quantum age will start coming and it will start challenging at least some cryptography. And that triggered some of the work that we started doing in quantum tech and quantum security. And eventually we share very great relation with the defense forces. And because of that, I think quantum sensing, because they are the one who focus their attention to see whether they can leverage quantum sensing or quantum material science for some of the applications. So we started getting into one is the computing and what can it do for the security. Because of our relation with defense and national security, we started getting interested to other areas of quantum technology as well, that led to very heated discussion started coming in. When people started talking about nisq, they started talking about quantum advantage. Now the big company like Google, Microsoft and IBM really realizing this weird nature into something which is very physical, kind of tangible picture started coming in. We started seeing those quantum computer. I visited Silicon Valley to see the quantum PAB as well. So all that pushed us to get more deeper into entire ecosystem. And by the time government of India also started this national quantum mission, which was a kind of a ground for us to explore many possibilities with that. So you've also repeatedly mentioned the Indian ecosystem and how it is very, very specific to India. And from a cybersecurity landscape also quite different I believe to others like the European Union or even the US one. Maybe you can talk a little bit about that as well. Like what is it that makes the Indian ecosystem so special in this regard? Yeah. So if you look at around 2015, 16, we started giving lot of impedance on digital as a way to enhancing the prospect of Indian economy. And digital India was a key critical message where the leadership like a Prime Minister took that as a personal as well as overall government agenda to transform the society to digital one. Right. And you know, for the country of the scale and volume at which the transactions happen, right. And getting somebody to do very small transaction of 10 rupees and getting them to transact that in a digital way was a big push and transformation. So there's something called digital infrastructure, right. So we say this is a digital public infrastructure. There are a lot of these interfaces and infrastructure Government of India setup which connects with the entire ecosystems and they make this transaction happen. They democratize the entire vehicles and transition ecosystem of the country by digital means. Basically I was a Data Century Council of India was a part of the initiative which defined around 2015-16 which defined the strategy for digitization of the entire financial ecosystem of the country. And that initial work with the Minister of Relativity and it lay down to setting up this. There was already national level entry program named Aadhaar. And on top of that there was this UPI Unified Payment interface got set up and that transformed the entire economy. And by looking at this experimentation financial sector, we started replicating in other sectors as well. Like in there is a. There's a digiyatra in the airport or travel transport, there is a digital locker for your managing a certificate. There was like National Health Authority which set up some kind of infrastructure for health service provider. So many such kind of interfaces started coming in. So what they did, they democratized the entire transaction processing industry and also made it more interconnected, integrated kind of ecosystem, basically. And that really is a story of India in terms of digitization, basically. Right. And then this also transformed the lives of the individuals as well. Because if you do transaction digitally, then you become very active part of the economy, transaction processing, basically. So your prospect of enhancing your economic fortune with this transaction record and assess lot basically empower the individual, empower the society, empower the entire economy as well. And that's why if you talk about India as a country with this volume and velocity in this transaction that we have been doing, and digital is central to it. So the challenges about security and now quantum resiliency is quite immense and diverse and complex in nature. Just to add to some of the points that Vinayak mentioned. Right. So in this context, I mean, one thing, it may look like essentially perhaps India is going at it alone, but there are a lot of, for example, take Digi atra, for example. India's DPI is largely now, I mean, regarded as one of the most mature digital public infrastructures in most of the world. And a lot of these DPIs are actually being adopted by countries that are physically nearby India, maybe in Southeast Asia, Asian geographies. Right. So increasingly the lot of conversations are also revolving around how do you make them interoperable. Right. So essentially most of the conversations are working on essentially building interoperability in terms of applications, interoperability in terms of essential data flows. But it's only imperative that cryptography will also be a central part of the discussion. Right. In that sense, India is certainly working with, I mean, there are some early discussions that at a country to country level, people are working on in Asian geography, wherein essentially in terms of which cryptography to adopt, what does hybrid approach mean in pqc? So a lot of these things India is not essentially acting, going at it alone, but in fact working with a lot of other countries in ensuring interoperability. In our DPA story and more importantly as our wider digital story that Vinayak mentioned about. Yeah, absolutely. I think those are the main points of tying this back together. Right. So the way Vinayak laid it out in Tejas, you're underscoring some of those main points. Really, the roadmap for quantum resiliency that was published in the beginning of the year is just one relatively small building block, viewed with that entire program of digital transformation of the entire nation. So oftentimes us folks working in pqc, where we got our blindfolds on and are a little focused on Just the PQC part, but it's great to see and hear you talk about how that ties into that bigger transformation strategy and program that has been going on for quite some time. Right. And then now if we talk about timing, we did mention February was the release date for the initial roadmap for quantum resiliency. So of course you're now in good company with some of the other nations that you cooperate with, the U.S. european Union, UK, Australia and many others that are now formalizing their own national transition mandates. Right. So I want to hear a little bit about your thoughts on why the timing is good for pushing in that direction. Now. Yeah. Before I essentially let give hand it to Naik, but I just wanted to have one small clarification through you Joe. In February, what we released is not a document that is in the final form. February we released the document for public consultation actually and a lot of the comments came, I mean I would say almost 40 to 50% of comments actually came from non Indians, from Spain, from US and from Singapore. So. So that is not a final document. So our final document is still pending release. I think more or less, maybe in very short time frame. I think by the time the podcast gets released, it probably will get launched. But we release a document for public consultation and that's not a final document. So with that I'll give the floor to Vinayak to explain more about timing and the importance. But by and large the migration or milestone will in terms of timeline domain probably same. That's what we believe the final document would be something similar in terms of the migration or timeline that we are seeing in dub document. So when we talk about suddenly when people talk about quantum the first thing comes in mind and sometimes we struggle with that. Quantum is backing crypto, right. And this equation is sometimes people relate quantum only to breaking crypto and we sometimes struggle with that. We want people to look at other parts of the quantum technology as well. Right. But there is a pre mathematics understanding and process Methodist understanding. Right. So pre certainly when it will get broken and post method understanding is what is required to get it broken. Basically how many qubit, how many get count how much time it will require. So there's a lot of work including this researcher from Google and many people are now started putting those document giving quite a good nuance scientific post mathematics understanding about when this will going to happen. Right. And every three months we are seeing the new estimates coming and the current estimate especially talks about it may not require millions of qubit to bring. It may probably in 10,000 qubit would happen. And now increasing the discussion is shifting to the logical qubit. And ratio of one logical to physical qubit is going down month by month for that matter. Right. So now increasingly there is a discussion which is pointing that we probably would see early utility grid or CRQC cryptography relevant quantum computer by 2930 for that matter. And just look at five, six months back we are talking about 33, 34. Now suddenly last one or two months, the things are changed to probably it will happen in 2029, 30. Right. So that tells why this timeline is device and little bit aggression that we are seeing in this timeline. And we also probably think one of the important part of here is we have to also understand the difficult geopolitical situation of the country as well the adversarial geopolitical that India probably exposed to. And we also know, and this is one part that we cover as a part of national security as well, because we work on that particular domain. There is adversarial significant strategic kind of a benefit a country would have if they possess the powerful quantum computer. Basically. Right. And you would deny those strategic advantage if you migrate early basically. Right. To that adversarial nation, basically. So this was definitely national security agencies had been very cautious about what kind of timeline we are putting together. And one is one side the progression, advancement and acceleration of quantum innovation and research happening that we are seeing. That other side there's a National Security Council, basically. Right. So both of these converge together to define this timeline, basically. So if you look at approaches that we've seen in migration guidelines coming from the US or some of the members of the European Union or the UK or Australia. How do you compare, you know, the current Indian guidelines? Yeah, I think if I to talk about that, probably those guidelines was defined early 2020s. Right. 21, 22, 23. Right. And that's why that time you saying that it will happen in 15 years of time. So when you are defining a kind of guideline in 2026, we have to factor the realities of last three years as well. And this acceleration that we have been seeing. So that way I will believe it's definitely aggressive in nature. And we know our sectors will struggle with this aggressive timeline. But one of the important thing here is the distinction that we try to bring together. So there's a separate timeline for critical sector and separate for the normal industrial sector, basically. Right. And that is required because of all of the last three, four years has been lot of the years of a quantum and national Security discussion basically. And we are also seeing quantum technology is increasingly discussed in terms of national security. Some of the expert control norms are also coming there basically. Right. And I think those got factor to think about this dual timeline or migration roadmap. One for the critical sector, another for the normal sector. Yeah. So just to add to point. So essentially India's milestones I think for viewers and audience who are listening to this. Right. So largely divided into two different categories. One is for what we call as a critical information infrastructure and then the timelines are essentially 2027 for largely preparation and 2028 is migration of high priority systems and 2029 is full migration. So 31st December 2029 is when we are saying that essentially all the critical information infrastructure entities should essentially migrate. Not migrate, rather build quantum resiliency is what we are saying. Right. So migration is part of quantum resiliency, but quantum resiliency we feel it's a lot broader in terms of what quantum resiliency means wherein I think Vinayak in the subsequent questions we'll talk about crypto agility and everything. So all for us, all of them constitutes a part of quantum resilience. So that we feel is one of the most aggressive and ambitious timelines in whole world. Only that applies to only CII for larger enterprises. The timelines are still very close to what NIS3 has given. So our milestone one which is essentially largely preparation is 2028 and then milestone three which is essentially the full migration extends close to 2033. But the document, our document also speaks that essentially the enterprises should expect essentially the change of the these timelines. Maybe these timelines will be accelerated. Given as India I think we have also quite a good substantial investment not just in QKD but also a lot of investment went into superconducting qubit photonics, qubit trap, Dion neutral atom. So our own research is shaping these timelines as well. Right. So one of the things that we've talked in the document is also essentially not just likely acceleration of these timelines from 2033 for enterprises to maybe early 2000s or pre 2000s, but also adoption of intermediary technologies. For example, one of the things that I remember Vinayak very strongly proposed is essentially having intermediary solution in place for when the Q day happens, maybe tomorrow. Right. So that is something that we feel key, that is only specific advocating to use intermediate solution is one of the very few documents in the whole world talks about this. That's what we feel and our own Research experiences in quantum computing have actually shaped a lot of this thinking as well. That makes a lot of sense. And you bring up cii, of course, critical infrastructure that is called out specifically with shorter timelines and a more aggressive path towards planning and then executing the migration. So I'm curious to hear your thoughts on how you define and classify those systems of critical infrastructure. Is there also some guidance already available and how do you foresee that being communicated in the future? Yeah, I think one part is there is a Government of India guideline on which sector qualifies as a critical sector or not. So those sectors call as a critical sector. Certainly that's a reference point, but individual regulators could probably also come into this and they would have some say in terms of calling a particular their sector or part of their sector was critical as well. But largely the reference of government dependence definition of critical sector would apply here. Right. And also to add one, just add to Vinayak's perspective. Right. So I think each sectoral regulator can define, and this document is largely essentially advisory in nature. And rather than a mandate, as you probably have seen, this is one of the differentiations as well, right. From what US has done, from what Europe has done to some degree. The larger idea is essentially we've been engaged quite intensely with different sectoral regulators and in India, as Vinayak mentioned, right. So the complexity and velocity changes with respect to each sector. And there's a nuanced understanding that is required specific to the sector. And the broader idea within the Indian roadmap is essentially each sector will give their own roadmap, their own strategy. Most likely, we expect them to conform to this national confirmations guidelines in terms of the entire roadmap. But essentially each sector can have a bit more context into what it means for quantum building, quantum resilience, because I think they understand a lot more nuances of that particular sector. And so that also defines the roadmap. So there's subsequent roadmaps that gets launched. And one more thing that we also wanted to mention is that it's. This document is one of the first in the series of documents. So, for example, what does crypto agility mean? What does QRA mean? What do you mean by a quantum risk assessment? How do you classify a system as high priority, high priority system? Because these are very difficult questions, I think, to answer. And without guidance or without some sort of input coming from National Quantum Mission or dsei, it will be difficult for enterprises to essentially build quantum resiliency. So this document is one of the first in the in the series of many documents that will come from the national quantum mission from India rather. Yeah, thanks for laying that out, Teja. And. And you've already answered the question that I had. Right. Because you did say this is meant as a guideline, not a mandate. And my question would have been how do we enforce these things within the critical sectors? But then also following up on that, all the other sectors like who holds the carrot and who holds the stick, who's going to actually make this happen? So you already said this document is meant as a guideline. And of course the subsequent documents are going to help create this common language and common understanding of those terms that we use in the context of quantum safe migrations or making systems more quantum resilient. Is there anything to add on that thought process, Vinayak? Maybe on enforcements. Enforcement usually happens if an institution has an enforcement authority and mostly the regulator has it. Right. And sector regulators does that. And there are also one kind of authority which is looking at cybersecurity preparedness and response of entire critical sector. I think. So if you have such a legal empowered entities. So they would probably take this guideline and enforce in their respective sectors. And that's why this is a guideline at a national level. But enforcement would probably happen at a sector level through the sector regulators. That sounds great. And then of course we've spoken a little bit. Teja, you brought it up a few times. And Vinayak, I think you used the term as well, crypto agility and everything that comes with it. Right. So what I've seen, and I have not read every word in the document, but what I've seen in the document is that you mostly follow the globalness standards when it comes to choice of algorithms. So ML Chem is mentioned for instance. I would be curious to hear your thought on how you see that going forward. Of course interoperability is a big factor here, but then also there's a sovereign aspect that always is worthwhile to be mentioned in that context. So I'm curious to hear your thoughts on that as well. Well, so this is certainly an era of a discussion about the sovereignty and the way the infrastructure until now which is more interconnected, interoperable. And lot of the digital signature ecosystem has to work globally, so it has to be interoperable in nature and that's the one kind of corrupt interest. But other corporate interest is certainly in last two years. So discussion is very strong. Mounting lot of the vices across the globe, including Europe and India as well. So yes, the choice will remain with a individual organization what kind of algorithm they would take it. And it's largely based on the risk appetite that they have. But it's there will be some sector where so on consideration will be dominant defense on some of the strategy critical sector. And they have until now not even used the same global algorithms. They always worked on their own algorithm. And that will probably happen here as well. But we also understand that having your own algorithm PQC would be a long run process, basically. Right. So if you start now, it will happen probably five, six years down the line. Right. And I'm sure defense and critical strategic sector must be looking at that as an era. But largely if you look at the testing guideline, the first part of this particular document, it does talk about first three levels. Consider probably the global PQC algorithm will be probably used and organizations will be allowed to use that. But there's a level four probably which allows you to have your own sovereign approach in terms of algorithm, basically. Right. So it gives that kind of flexibility to those organization which are sensitive in nature. And that basically already introduces the concept of crypto agility in that sense. Yeah. So crypto agility, the context is little different in terms of how the migration would happen. Right. So we know. So the algorithm may not be independent of the system. Right. Application basically. Right. And we are seeing that for such a large bank, large capital sector organization for that matter, the way the IT systems are evolved and procure and deployed and they are integrated to the enterprise environment. And also as we looked at digital industry also connected to interactional ecosystem through different purposes. So the implementation of the crypto wouldn't have happened in terms of maintaining that modularity between the algorithm and system. Basically. Right. And crypto agility, why we are calling for agility because we are in the age where things are. The capabilities are augmented a lot currently. If you look at the kind of discussion happening around AI, we thought all this will happen because of quantum. But this year it seems like AI is taking on cyber security a lot. Right. We thought it will happen because of quantum. Right. So there are a lot of this capability acceleration that would happen should challenge your crypto deployment and implementation. And we still don't know as of now if the powerful quantum computer how that will behave. Right. So then whatever algorithm you define, the shelf life may not be that, as we have seen until now, may not be indicated in the years, basically. Right. So you need to have your ability to retire algorithm add one add property for that matter. And that's why crypt agility becomes very important and that's very significant, intense engineering effort that organization needs to be taking to ensure the migration is happening. And that's why this document gives enough attention to crypto agility and also advocates very strong effort and investment has to be made by individual organization on this particular part. So maybe just to add to what Vinayak mentioned, essentially, by and large, I think we expect most of the enterprises will adopt, if they're adopting PQC for building residency, then by and large, mostly the NIST algorithms are going to be mostly standardized. And that testing, testing framework that we've defined is essentially also very strongly says, essentially nest algorithms will be taken for implementation as of today, and all the testing and certification mechanism is essentially carried around certifying the NIST standardized algorithms. So in that sense it's, it's quite clear. But as Vinayak mentioned, building India's own PQC algorithms is going to be many years of effort. And if and when they do happen, then essentially then anyway are advocating about crypto agility very strongly in the document. But I think for the foreseeable future it's going to be nested for quantum resiliency. Thanks for sharing that. And then tying it back to timelines. You did mention the document that was released in February was open for public comment. A final version is coming soon. There are some additional documents that you're working on explaining those important concepts of cryptographic agility and how to transition. Do you have a timeline on when those documents will be released? Is it within sort of the next 12 months or what are your thoughts on that? Some documents, I would say the idea is essentially to have these documents released in the next two odd years. So some of them certainly will come. I think mostly in terms of QRA as tsa, we've been seeing a lot of larger enterprises, larger banks, for example, and very critical entities in capital markets are already starting to build their quantum resiliencies. But it's very important to define what that means. So essentially some documents will most likely come out in the next six to 12 months of time. There'll be one, at least one or two documents that may get launched and then from there, essentially the rest of the documents, I think will take a slightly longer time, given that, as Vinayak mentioned, we have. Yeah, but because the timeline is so aggressive, we need to work on that early. Do not wait for 6 to 12 minutes of time because our timeline is very aggressive. So we certainly need to work on this document early so that people will get a good guidance in terms of what needing to do, right? And then of course as a call to action. If you would give advice to an organization today instead of waiting for those documents to be released. What can an organization already do today? What steps should they take? Yeah, enough material available globally, there are lot of best practices available. We ourselves have been producing lot of things. So what we are saying, once you have this guideline and once you have the regulatory kind of enforcement mechanism kicks in, the market ecosystem takes care of that. There are consulting company, there are services company, there are product company like yours which caters to and most of us in a technology ecosystem we work on creating awareness first and then so that we create market and enhance the prospect of the organization basically. Right. So market need this push, right? And there is a driver of this guideline and this regulation followed by that is coming in that itself will create quite a big ecosystem push. And there will be role for us, role for individual consulting, services, product and entra ecosystem basically. Are you seeing enough updates within that vendor supply chain? Is that something that you're tracking? If you look at this kind of timeline and if you look at this crypto agility work and entire overall that may require to make system more agile and other side buy the PQC kind of solutions and deploy them. And also sometimes you may require to change the infrastructure as well. And you also need to govern this better. So these four, five areas will create enough opportunity for somebody which has a technology product or somebody which has services to offer or somebody which can help you to govern this better, assess this better. Yeah, just to I mean again add to Vinay's point. Right. I think now that essentially Google and Cloudflare also talking about 2029 as a timeline, right. I think it sort of like forces a lot of vendors to support PQC into their products. And to some degree some companies have already started offering this as a commercial advantage. Right. In terms of products. So in that sense I think now with more definitive convergence point in terms of not 2035, but in very near future of 2029, I think there's much more incentive for vendors to essentially offer quantum resiliency or PQC capabilities in their product. Right. So I think that will only improve from where we are right now. I think services as an ecosystem has already seen early adoption from different stakeholders within the Indian ecosystem. I think within the next one, two years we feel a lot more products and services will position as enabling quantum resiliency or having native quantum PQC capabilities inherently with them. I think that's a fair point on that outlook. Over the next 12 to 24 months, that supply chain is certainly going to move in that direction. I think I can certainly agree to that point and then always like to ask our listeners where is a good website or information point they can follow your work? Is there anything you want to call out specifically? Right. So essentially, I mean DSCI website is one one information source that you can get. It's dci.in but specifically for Quantum, we have set up a domain called post quantum.in that largely talks about not just in Quantum resiliency, but what India has been doing in Quantum. So specific information can be received from there, but also for sector specific information. I think each regulator has their own website, but I don't know. Essentially specific information is available, but essentially one source of truth can be either BSC or post quantum.in for quantum. Fantastic. Well, thanks for sharing that as well. And any other topic, any other things that we haven't touched on that we should have before we wrap it up. I think we've tied it all together. Good ground here Joe, so I don't think we missed. I know there are a lot of things in Quantum, but we cover quite a significant ground. That's great and I'm very grateful for you were able to spend your time with us today and share your thoughts on, you know, how this transformation is going to take place. So appreciate you taking the time. Thanks for joining us today. Very much enjoyed the conversation. Thank you, thank you, thank you. Pleasure to open us. Teja thank you. Thank you. And as always to our listeners as well, don't forget to like, share and subscribe so you don't miss a future episode. In the meantime, stay safe, stay vigilant and stay shielded. Thank you. Thank you. The Quantum Era is already here. One with the right tools, the right knowledge and the right mindset, together we can face it head on. To find out more about PQShield and how our cutting edge solutions can help you secure your data against the Quantum threat, visit pqshield.com make sure to search for Shielded, the last line of cyber defense in Apple podcasts, Spotify or anywhere else you get your podcasts. Don't forget to click subscribe so you never miss an episode. On behalf of the team here at PQ Shield, thanks for listening.