Amazon Web Services (AWS) and Accenture are collaborating to accelerate enterprise adoption of post-quantum cryptography (PQC), addressing the emerging threat posed by large-scale quantum computing to current asymmetric cryptographic systems. Announced November 11, 2025, this joint effort combines AWS’s quantum-safe services and developer tools with Accenture’s enterprise transformation expertise to support PQC implementations across AWS-native, hybrid, and on-premises environments. Recognizing that systemic cryptographic upgrades can take years—and with regulatory compliance deadlines approaching as early as 2027—the collaboration emphasizes a phased approach built on cryptographic agility to protect long-lived data and devices.
Quantum Threats and the Need for Cryptographic Agility
Large-scale quantum computing poses a significant threat to current cryptography, specifically asymmetric algorithms used for data protection and secure communication. Experts predict regulatory enforcement of quantum-safe measures as early as 2027, with broader compliance needed by 2030. This isn’t a distant problem; organizations must begin upgrading now, prioritizing long-lived data and devices. Ignoring this threat could result in compromised data and non-compliance. AWS and Accenture are collaborating to accelerate this transition, combining cloud infrastructure with enterprise transformation expertise.
A key to navigating this shift is “cryptographic agility”—the ability to efficiently update cryptographic components, similar to standard patch management. This isn’t a one-time fix, but a phased approach starting with data-in-transit security, then quantum-safe certificates, and adapting to evolving quantum capabilities. AWS focuses on infrastructure-level security and a shared responsibility model – providing quantum-safe cloud services while customers manage their configurations and deployments.
Accenture’s approach centers on establishing a Cryptographic Center of Excellence (CCOE) to map quantum risks and develop actionable roadmaps. They emphasize automation for certificate renewals and policy updates, integrating with existing security programs. This framework isn’t just about immediate security, but building sustainable agility to adapt to new algorithms and standards, ensuring long-term protection in a post-quantum world.
AWS Shared Responsibility for Post-Quantum Security
AWS and Accenture are collaborating to address the looming threat of quantum computing breaking current encryption standards. The core strategy centers around a shared responsibility model – AWS secures the cloud infrastructure itself, including services and tools, while customers are responsible for securing what they put in the cloud – their data, applications, and configurations. This means leveraging AWS’s emerging post-quantum cryptography (PQC) capabilities—delivered via SDKs and service updates—and proactively deploying those updates within your own environments.
A phased approach is crucial, starting with a thorough cryptographic inventory to understand where vulnerable algorithms are used. Accenture leads this assessment, establishing a Cryptographic Center of Excellence (CCOE) to map quantum threats and create actionable roadmaps. Importantly, this isn’t a one-time fix; building cryptographic agility—the ability to quickly swap out algorithms—is key. Accenture provides orchestration engines to automate updates to client-side code, endpoint policies, and certificate renewals, minimizing manual intervention.
The timeline is critical. Regulatory compliance for quantum-safe measures is expected by 2030, with some highly regulated industries facing deadlines as early as 2027. Systemic upgrades take years, so starting now is essential. AWS is contributing tools like AWS-LC, a performance-optimized, FIPS-validated library as a drop-in replacement for OpenSSL, to ease the transition. Together, AWS provides the infrastructure and Accenture the strategic guidance for a proactive, future-proof approach.
Implementation Journey: A Four-Phase Approach
Accenture and AWS advocate a four-phase approach to post-quantum cryptography (PQC) implementation, recognizing it’s not a one-time fix. Phase one centers on a strategic assessment and detailed cryptographic inventory, spearheaded by establishing a Cryptographic Center of Excellence (CCOE). This involves mapping quantum threat impacts across all workloads – AWS-native, hybrid, and on-premises – with clear timelines and budgets. The goal is defining quantum security objectives aligned with business outcomes, crucial given regulatory deadlines loom around 2027-2030.
The second phase focuses on building a robust policy framework and operational infrastructure for PQC transition. Accenture’s Discovery Plus process leverages AWS’s developer tools and automation capabilities for comprehensive coverage. For legacy systems lacking source code, in-depth manual analysis is conducted to identify cryptographic vulnerabilities. Upgrading or replacing outdated components is key, with Accenture prioritizing areas where data isn’t yet protected with quantum-safe cryptography.
Finally, building cryptographic agility is paramount. Accenture deploys an orchestration engine automating updates for client-side encryption, endpoint policies, and certificate renewals. This solution integrates with existing identity programs, preparing organizations for ongoing quantum-safe modernization beyond 2030. Continuous monitoring, progress assessment, and stakeholder reporting ensure sustained alignment with business objectives and evolving regulatory demands – a true partnership between AWS’s infrastructure and Accenture’s strategic guidance.
Progress Monitoring and Ongoing Management
Progress monitoring throughout the post-quantum cryptography (PQC) transition is crucial, extending beyond initial implementation. A robust framework should automate updates for new algorithms and standards, seamlessly integrating with existing security and compliance programs. Regular stakeholder reporting, coupled with governance reviews, ensures ongoing alignment with both organizational objectives and evolving regulatory demands – like those expected by 2027/2030. This isn’t a ‘set it and forget it’ task; continuous assessment validates effectiveness.
A key element of ongoing management is building cryptographic agility. Accenture’s approach centers on an orchestration engine that automates client-side updates, endpoint policy changes, and certificate renewals. This minimizes manual intervention and streamlines the adaptation process as quantum computing advances. Integrating with existing certificate & identity programs facilitates a smooth evolution towards quantum-safe requirements, ensuring long-term sustainability and reducing future remediation costs.
AWS and Accenture emphasize a shared responsibility model for sustained quantum readiness. AWS provides the foundational, quantum-safe cloud infrastructure and continually updates its SDKs and services. Organizations are then responsible for deploying those updates and managing cryptographic assets within their own applications and configurations – whether native to AWS, hybrid, or on-premises. This collaborative approach ensures both immediate security and the ability to adapt to future cryptographic challenges.
