Workshops Law & Policy Quantum Security Regulatory Landscape
Law & Policy Full Day Workshop

Quantum Security Regulatory Landscape: NIST, ETSI, and Global Standards

This workshop equips legal counsel, compliance officers, and policy advisers with a structured understanding of the quantum security regulatory framework across NIST, ETSI, and national mandates.

Full day (6 hours + Q&A)
In person or online
Max 30 delegates
Commission This Workshop View Agenda

Proud to recommend our expert members

Qrypto Cyber
Eclypses
Arqit
QuantBond
Krown
Applied Quantum
Quantum Bitcoin
Venari Security
QuStream
BHO Legal
Census
QSP
IDQ
Patero
Entopya
Belden
Atlant3D
Zenith Studio
Qudef
Aries Partners
GQI
Upperside Conferences
Austrade
Arrise Innovations
CyberRST
Triarii Research
QSysteme
WizzWang
DeepTech DAO
Xyberteq
Viavi
Entrust
Qsentinel
Nokia
Gopher Security
Quside
Qrypto Cyber
Eclypses
Arqit
QuantBond
Krown
Applied Quantum
Quantum Bitcoin
Venari Security
QuStream
BHO Legal
Census
QSP
IDQ
Patero
Entopya
Belden
Atlant3D
Zenith Studio
Qudef
Aries Partners
GQI
Upperside Conferences
Austrade
Arrise Innovations
CyberRST
Triarii Research
QSysteme
WizzWang
DeepTech DAO
Xyberteq
Viavi
Entrust
Qsentinel
Nokia
Gopher Security
Quside

Workshop Description

The quantum security regulatory landscape is fragmenting. NIST finalised three post-quantum cryptography standards in August 2024 (FIPS 203, 204, 205) with a fourth (FIPS 206) in draft. ETSI has published quantum-safe cryptography migration strategies and QKD interoperability specifications through its ISG QSC and ISG QKD working groups. The US has issued binding migration mandates through NSM-10, requiring federal agencies to inventory cryptographic systems and submit migration plans. The UK NCSC has published phased PQC migration guidance aligned with GovAssure. The EU Cybersecurity Act is developing quantum readiness requirements through ENISA. These frameworks overlap, sometimes conflict, and carry different enforcement timelines.

This workshop provides a structured comparison of every major regulatory framework affecting quantum security compliance. Delegates learn which standards apply to their jurisdiction, where frameworks diverge on algorithm selection and hybrid key exchange, and how to build a compliance roadmap that satisfies multiple overlapping requirements. The session is designed for professionals who must advise boards and regulators on quantum security obligations rather than implement the cryptography themselves.

What participants cover

  • NIST FIPS 203 (ML-KEM), 204 (ML-DSA), 205 (SLH-DSA): standard scope, parameter sets, and compliance implications for procurement and audit
  • ETSI quantum-safe specifications: TS 119 312 signature suites, TR 103 619 migration strategies, ISG QKD interoperability standards
  • US NSM-10 and CNSA 2.0: federal agency migration deadlines, CISA reporting obligations, and the ML-KEM + X25519 hybrid mandate
  • UK NCSC PQC migration guidance: phased approach, GovAssure integration, and Crown Commercial Service procurement alignment
  • EU Cybersecurity Act quantum dimensions: ENISA PQC readiness guidance and NIS2 Directive interaction with quantum risk
  • Cross-jurisdictional compliance: where NIST, ETSI, ANSSI, BSI, and CSA frameworks diverge and how to manage conflicting requirements

Preliminary Agenda

Full Day Workshop structure with scheduled breaks. Content is configurable to your organisation's regulatory jurisdiction, sector, and current compliance posture.

# Session Topics
1 The Regulatory Trigger: Why Quantum Changes Compliance Obligations From theoretical risk to binding mandates
2 NIST Post-Quantum Cryptography Standards FIPS 203, 204, 205, and draft FIPS 206 in detail
  • FIPS 203 (ML-KEM): key encapsulation mechanism based on Module-LWE, parameter sets ML-KEM-512/768/1024, performance characteristics
  • FIPS 204 (ML-DSA) and FIPS 205 (SLH-DSA): digital signature standards, when to use lattice-based versus hash-based signatures
  • Draft FIPS 206 (FN-DSA): NTRU lattice-based signatures, timeline to finalisation, and implications for early adopters
Break, after 50 min
3 ETSI Quantum-Safe Cryptography Standards European standards landscape and interoperability requirements
  • ETSI TS 119 312: cryptographic suites for electronic signatures and infrastructure, PQC algorithm inclusion timeline
  • ETSI TR 103 619: migration strategies for quantum-safe schemes, recommended transition architectures
  • ETSI ISG QKD specifications: GS QKD 004 (application interface), GS QKD 014 (security proofs), GS QKD 015 (network architecture)
4 Interactive Demonstration: Regulatory Gap Assessment Full-day format only
  • Mapping an organisation against NIST, ETSI, and national mandates to identify compliance gaps
  • Prioritising remediation by regulatory deadline, enforcement mechanism, and business impact
  • Building a jurisdiction-specific compliance timeline integrating multiple overlapping frameworks
Break, after 60 min
5 National Mandates and Sector-Specific Requirements US, UK, EU, and allied nation obligations
  • US NSM-10 (National Security Memorandum on Quantum): agency migration deadlines, CISA reporting requirements, CNSA 2.0 algorithm suite
  • UK NCSC PQC migration guidance: phased approach, GovAssure alignment, Crown Commercial Service procurement implications
  • EU Cybersecurity Act: quantum dimensions, ENISA guidance on PQC readiness, NIS2 Directive interaction with quantum risk
6 Cross-Jurisdictional Compliance and Emerging Frameworks Navigating divergent requirements across regulatory boundaries
  • Algorithm approval divergence: where NIST, ETSI, and national agencies disagree on algorithm selection
  • Hybrid key exchange mandates: CNSA 2.0 requiring ML-KEM + X25519 versus ETSI recommendations
  • Emerging frameworks: ANSSI (France) PQC guidance, BSI (Germany) Technical Guideline TR-02102, CSA (Singapore) advisory
7 Q&A and Compliance Roadmap Planning

Designed and Delivered By

Workshops are designed and delivered by QSECDEF in collaboration with sector specialists. All facilitators have direct experience in both quantum technologies and regulatory compliance frameworks.

QD

Quantum Security Defence

Workshop design and delivery

QSECDEF brings world-leading expertise in post-quantum cryptography, quantum computing strategy, and defence-grade security assessment. Our advisory membership spans 600+ organisations and 1,200+ professionals working at the intersection of quantum technologies and critical infrastructure security.

RC

Regulatory and Compliance Partners

Domain expertise and regulatory validation

Regulatory workshops are co-delivered with compliance specialists who have direct experience implementing NIST, ETSI, and national quantum security mandates. This ensures workshop content reflects current enforcement interpretation and practical compliance pathways.

Commission This Workshop

Sessions are configured around your organisation's regulatory jurisdiction, sector requirements, and current compliance posture. Get in touch to discuss requirements and schedule a date.

Contact Us
Law & Policy Workshops All Consulting Services All Workshops