Workshops Smart City Quantum Security Governance For City...
Smart City Deep Dive Session

Quantum Security Governance for City Authorities and Smart City Programmes

This workshop equips city authorities and smart city programme leaders with practical quantum security governance strategies for critical infrastructure and procurement.

Half day (3 hours)
In person or online
Max 30 delegates
Commission This Workshop View Agenda

Proud to recommend our expert members

Qrypto Cyber
Eclypses
Arqit
QuantBond
Krown
Applied Quantum
Quantum Bitcoin
Venari Security
QuStream
BHO Legal
Census
QSP
IDQ
Patero
Entopya
Belden
Atlant3D
Zenith Studio
Qudef
Aries Partners
GQI
Upperside Conferences
Austrade
Arrise Innovations
CyberRST
Triarii Research
QSysteme
WizzWang
DeepTech DAO
Xyberteq
Viavi
Entrust
Qsentinel
Nokia
Gopher Security
Quside
Qrypto Cyber
Eclypses
Arqit
QuantBond
Krown
Applied Quantum
Quantum Bitcoin
Venari Security
QuStream
BHO Legal
Census
QSP
IDQ
Patero
Entopya
Belden
Atlant3D
Zenith Studio
Qudef
Aries Partners
GQI
Upperside Conferences
Austrade
Arrise Innovations
CyberRST
Triarii Research
QSysteme
WizzWang
DeepTech DAO
Xyberteq
Viavi
Entrust
Qsentinel
Nokia
Gopher Security
Quside

Workshop Description

Executive governance briefing for city council technology leads and elected officials on smart city boards. Covers NIS2 Article 21 and GDPR Article 32 quantum security obligations for local authorities, PQC procurement clause drafting, vendor quantum readiness assessment, and long-lifetime infrastructure risk for traffic controllers, smart meters, and tunnel SCADA.

City authorities face a governance problem that commercial organisations do not. Smart city infrastructure has exceptionally long operational lifetimes: traffic signal controllers remain in service for 15-20 years, smart meters for 10-15 years, and tunnel SCADA systems for 20 years or more. Technology procured today under current contracts will still be operational when cryptographically relevant quantum computers arrive. If those procurement contracts do not include quantum readiness requirements, the city will face expensive retrofit programmes or accept quantum-vulnerable critical infrastructure. NIS2 Article 21 requires essential service operators (which includes many local authority functions) to implement "state of the art" security measures. As NIST PQC standards (FIPS 203/204/205) enter European procurement frameworks, "state of the art" will include post-quantum cryptography. GDPR Article 32 requires "appropriate technical measures" for personal data, and city authorities hold some of the longest-retention personal datasets in any sector: council tax records, housing applications, social services case files, and electoral rolls. This briefing equips decision-makers with the regulatory knowledge, procurement language, and vendor assessment criteria needed to embed quantum readiness into city technology governance before current contracts expire.

What participants cover

  • NIS2 Article 21 obligations: when "state of the art" security measures will mandate PQC for essential services operated by local authorities
  • GDPR Article 32 quantum risk: long-retention personal data (council tax, housing, social services) encrypted with quantum-vulnerable algorithms
  • Procurement governance: drafting quantum readiness clauses for cloud, IoT, and managed service contracts before current frameworks expire
  • Vendor assessment: evaluating technology suppliers on cryptographic agility, PQC roadmap maturity, and hybrid deployment capability
  • Long-lifetime infrastructure: traffic controllers (15-20 years), smart meters (10-15 years), and tunnel SCADA (20+ years) must survive the quantum transition
  • National guidance alignment: NCSC (UK), ANSSI (France), and BSI (Germany) PQC recommendations mapped to city authority governance frameworks

Preliminary Agenda

Deep Dive Session structure with scheduled breaks. Content is configurable to your organisation's technical level and operational environment.

# Session Topics
1 The Quantum Threat to City Infrastructure What elected officials and programme directors need to understand
2 NIS2, GDPR, and Quantum Security Obligations Regulatory exposure for local authorities
  • NIS2 Article 21 "state of the art" requirements: when post-quantum cryptography becomes a mandatory security measure for essential services operated by city authorities
  • GDPR Article 32 and long-retention data: council tax records, housing applications, and social services case files encrypted with quantum-vulnerable algorithms
  • National critical infrastructure frameworks: how NCSC (UK), ANSSI (France), and BSI (Germany) guidance on PQC applies to smart city programmes
Break, after 60 min
3 Procurement and Contract Governance Embedding quantum readiness into city technology procurement
  • PQC procurement clauses: requiring quantum readiness in cloud hosting, managed services, and IoT infrastructure contracts before current frameworks expire
  • Vendor assessment criteria: evaluating technology suppliers on cryptographic agility, PQC roadmap maturity, and hybrid deployment capability
  • Long-lifetime infrastructure risk: traffic controllers (15-20 years), smart meters (10-15 years), and tunnel SCADA (20+ years) procured today must survive the quantum transition
4 Discussion and Action Planning

Designed and Delivered By

Workshops are designed and delivered by QSECDEF in collaboration with sector specialists. All facilitators have direct experience in both quantum technologies and smart city systems.

QD

Quantum Security Defence

Workshop design and delivery

QSECDEF brings world-leading expertise in post-quantum cryptography, quantum computing strategy, and defence-grade security assessment. Our advisory membership spans 600+ organisations and 1,200+ professionals working at the intersection of quantum technologies and critical infrastructure security.

SM

Smart City Partners

Domain expertise and operational validation

Smart City workshops are co-delivered with sector specialists who bring direct operational experience in smart city organisations. This ensures workshop content is grounded in regulatory, operational, and technical realities specific to the sector.

Commission This Workshop

Sessions are configured around your organisation's technical level, operational environment, and regulatory jurisdiction. Get in touch to discuss requirements and schedule a date.

Contact Us
Smart City Workshops All Consulting Services All Workshops