What Meta’s PQC Framework Teaches Us — And What Comes Next

META PQC Migration Framework

Meta’s engineering blog recently published a detailed account of their post-quantum cryptography (PQC) migration strategy. It is a rigorous piece — technically grounded, honestly scoped, and unusually transparent for an organization of Meta’s scale. The six-step framework they propose — from prioritization and cryptographic inventory through external dependencies, algorithm selection, guardrails, and integration — reflects the kind of structured thinking that most organizations still lack.

It is worth reading in full.

There is, however, one dimension worth adding — and for security executives building long-term cryptographic resilience, that addition is consequential.

What Meta Gets Right

The framework addresses something that most PQC migration guidance glosses over: the operational complexity of the transition itself.

Cryptographic inventory is treated not as a checkbox, but as a prerequisite — a recognition that you cannot migrate what you have not mapped. External dependencies are named explicitly, including the uncomfortable truth that HSM vendors, protocol standards bodies, and hardware supply chains move on their own timelines, independent of internal ambition. The prioritization model distinguishes between “store now, decrypt later” (SNDL)-vulnerable applications (high priority, act now) and signature-dependent systems (medium priority, longer runway) with a precision that is rarely seen in public guidance.

The “PQC Migration Levels” concept — from PQ-Unaware through PQ-Enabled — is a useful framing tool for board-level conversations. It gives security executives a vocabulary to describe where their organization stands, and what “progress” actually means before full deployment is achieved.

This is solid, practical work. It deserves the attention it is receiving.

The Dimension Worth Adding

Meta’s framework moves from implementing PQC guardrails (step 5) to integrating PQC components (step 6). Between these two steps lies an architectural question that the framework leaves open — deliberately, perhaps, given Meta’s engineering scale, but one that most organizations will need to answer explicitly: how do you build systems that can absorb a cryptographic change without requiring re-engineering?

This is the domain of crypto-agility, and it is where the framework naturally invites a complement.

Why Crypto-Agility Belongs in the Picture

The post-quantum transition is not a single event. It is a process that will unfold over years, across evolving standards, shifting threat intelligence, and hardware ecosystems that are still catching up.

Meta’s own article illustrates this clearly. The SIKE algorithm — a final-round NIST candidate — was invalidated by classical cryptanalysis. HQC, co-authored by Meta researchers, was recently selected by NIST as a backup to ML-KEM precisely because a single algorithmic failure should not compromise the entire transition. NIST is still drafting the HQC standard. PQC support in HSMs and protocol stacks remains incomplete.

In this environment, the ability to swap a cryptographic primitive — without redesigning the system that depends on it — is not a feature. It is a structural requirement.

Organizations that migrate directly from classical cryptography to a fixed PQC implementation are making a bet that today’s selected algorithm will remain unbroken, that their hardware will support it indefinitely, and that no future regulatory guidance will require a pivot. That bet may prove correct. Cryptographic history, however, does not encourage that level of confidence.

The Architectural Implication for Security Executives

For security executives, the relevant question is not only “are we migrating?” but “what happens if something changes mid-migration?”

A crypto-agile architecture provides the answer. It separates the cryptographic policy — which algorithm to use, at what key length, under which conditions — from the systems that enforce that policy. When an algorithm needs to be replaced, the change propagates through configuration rather than through a new engineering cycle. When a new regulatory standard requires a specific primitive, the organization can respond in weeks rather than years.

This matters in practice for three reasons.

  • The migration window is long. Most critical infrastructure cannot be migrated overnight. Systems will run classical and post-quantum cryptography simultaneously, in hybrid configurations, for years. Managing that complexity without a governance layer is operationally difficult.
  • Standards are still moving. NIST has published its first PQC standards, but the standardization process is not complete. Protocol-level standards — including PQC X.509 certificates and PQC PKI — are still in draft. Organizations that hardcode today’s answers will face re-engineering costs as those drafts mature.
  • Threat intelligence can accelerate timelines. A significant cryptanalysis result — the kind that invalidated SIKE — could force organizations to reprioritize faster than their current roadmaps allow. Crypto-agility is the difference between a planned response and an emergency.
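To make the policy/mechanism separation concrete, here is an added example (not Meta's code or any vendor's): algorithm selection lives in a policy document, and the code path that derives a hybrid shared secret reads that policy instead of naming algorithms. The KEM classes are constructed stand-ins so it runs offline; a real deployment would bind vetted X25519 and ML-KEM implementations into the same registry.

```python
import hashlib
import hmac
import os

# Constructed stand-in KEM: NOT a real key-encapsulation mechanism, only a
# keygen/encap/decap round trip so the policy layer around it can execute.
class ToyKem:
    def __init__(self, name):
        self.name = name
    def keygen(self):
        sk = os.urandom(32)
        return hashlib.sha256(self.name.encode() + sk).digest(), sk  # (pk, sk)
    def encap(self, pk):
        ct = os.urandom(32)
        return ct, hmac.new(pk, ct, hashlib.sha256).digest()  # (ct, shared)
    def decap(self, sk, ct):
        pk = hashlib.sha256(self.name.encode() + sk).digest()
        return hmac.new(pk, ct, hashlib.sha256).digest()

# The registry is the only code that knows which algorithms exist; names are
# illustrative. A cryptanalysis result is handled by editing DEPRECATED, and
# a migration by editing the policy document, not the call sites below.
REGISTRY = {n: ToyKem(n) for n in ("X25519", "ML-KEM-768", "HQC", "SIKE")}
DEPRECATED = {"SIKE"}

def validate_policy(policy):
    """Reject policies naming unknown or withdrawn algorithms before any key is used."""
    kems = policy["kem"]
    if not kems:
        raise ValueError("policy selects no KEM")
    for n in kems:
        if n not in REGISTRY:
            raise ValueError(f"unknown KEM {n}")
        if n in DEPRECATED:
            raise ValueError(f"deprecated KEM {n}")
    return kems

def keygen(policy):
    pairs = {n: REGISTRY[n].keygen() for n in validate_policy(policy)}
    return {n: p[0] for n, p in pairs.items()}, {n: p[1] for n, p in pairs.items()}

def _combine(policy, secrets):
    # Hybrid combiner: every component secret feeds the hash, bound to the
    # policy profile name, so the result changes if any component changes.
    h = hashlib.sha256(policy["profile"].encode())
    for n in policy["kem"]:
        h.update(n.encode()); h.update(secrets[n])
    return h.digest()

def encap(policy, pks):
    cts, secrets = {}, {}
    for n in validate_policy(policy):
        cts[n], secrets[n] = REGISTRY[n].encap(pks[n])
    return cts, _combine(policy, secrets)

def decap(policy, sks, cts):
    return _combine(policy, {n: REGISTRY[n].decap(sks[n], cts[n]) for n in validate_policy(policy)})
```

Switching from a classical-plus-ML-KEM profile to one that adds HQC, or retiring an algorithm, is a change to the policy dictionary and the deprecation set; `encap` and `decap` are untouched.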

Building on a Strong Foundation

Meta’s framework is a genuinely valuable contribution to the field. The prioritization model, the maturity level concept, the honest discussion of external dependencies — these are exactly the structural tools that the broader industry needs as it navigates this transition.

Adding crypto-agility between steps 5 and 6 does not complicate the framework. It strengthens it. It is the architectural layer that ensures the integration work in step 6 remains durable — not because the first migration will fail, but because the field will continue to evolve long after it is complete.

For security executives building multi-year PQC roadmaps, the question is not whether to adopt post-quantum algorithms. That decision has effectively been made — by NIST, by NSA guidance, by DORA and NIS2, and by the organizations now driving enterprise procurement standards.

The question is whether your systems will be built to absorb the next change, whatever it turns out to be. That is the question crypto-agility answers. And it is the natural next step after everything Meta has laid out.
