CISA releases PQC product categories list
Public Sector Action
Summary
Hide ▲
Show ▼
On January 23, 2026, CISA released an initial list of product categories for technologies that use post-quantum cryptography (PQC) standards. The resource is intended to help organizations plan PQC migration and prioritize PQC-capable procurement. The list was developed with the National Security Agency (NSA) and covers categories such as cloud services, collaboration and web software, endpoint security, and networking hardware and software. CISA said the guidance will be updated as quantum-resistant technologies evolve, with some additional categories still transitioning and certain areas outside the current scope.
Related Happenings
CISA publishes Be Air Aware guidance for UAS threats
Public Sector Action
First: 11.02.2026 14:00
Last: 11.02.2026 14:00
Sources 1
About this happening:
CISA published the **Be Air Aware™** guidance suite, giving organizations a federal playbook for **Unmanned Aircraft System Threats**. The guides were issued in **November** after...
CISA publishes Be Air Aware guidance for UAS threats
Public Sector ActionAbout this happening: CISA published the **Be Air Aware™** guidance suite, giving organizations a federal playbook for **Unmanned Aircraft System Threats**. The guides were issued in **November** after...
CISA releases secure OT communications guide
Public Sector Action
First: 10.02.2026 14:00
Last: 10.02.2026 14:00
Sources 1
About this happening:
CISA released **Barriers to Secure OT Communications: Why Johnny Can’t Authenticate**, a new guide meant to help **OT owners and operators** adopt **secure communications** and re...
CISA releases secure OT communications guide
Public Sector ActionAbout this happening: CISA released **Barriers to Secure OT Communications: Why Johnny Can’t Authenticate**, a new guide meant to help **OT owners and operators** adopt **secure communications** and re...
CISA end-of-support edge device decommissioning mandate (BOD 26-02)
Advisory/Mitigation
First: 06.02.2026 10:41
Last: 06.02.2026 10:41
Sources 1
About this happening:
CISA's **BOD 26-02** now forces **U.S. federal agencies** to inventory, decommission, and replace **end-of-support edge devices** that no longer receive security updates. The dire...
CISA end-of-support edge device decommissioning mandate (BOD 26-02)
Advisory/MitigationAbout this happening: CISA's **BOD 26-02** now forces **U.S. federal agencies** to inventory, decommission, and replace **end-of-support edge devices** that no longer receive security updates. The dire...
CISA orders federal agencies to remediate end-of-support edge devices
Public Sector Action
First: 05.02.2026 14:00
Last: 05.02.2026 14:00
Sources 1
About this happening:
**CISA** issued **Binding Operational Directive 26-02** to require **FCEB agencies** to inventory, update, and remove **end-of-support edge devices** within a specified timeframe....
CISA orders federal agencies to remediate end-of-support edge devices
Public Sector ActionAbout this happening: **CISA** issued **Binding Operational Directive 26-02** to require **FCEB agencies** to inventory, update, and remove **end-of-support edge devices** within a specified timeframe....
US National Security Agency (NSA) / Zero Trust Implementation Guidelines (ZIGs) Released Phase One and Phase Two guidance for zero trust maturity for Published on 2026-02-02 152
Public Sector Action
First: 02.02.2026 18:05
Last: 02.02.2026 18:05
Sources 1
About this happening:
The **US National Security Agency (NSA)** released **Zero Trust Implementation Guidelines (ZIGs)** to help organizations move toward **target-level zero trust maturity**. The guid...
US National Security Agency (NSA) / Zero Trust Implementation Guidelines (ZIGs) Released Phase One and Phase Two guidance for zero trust maturity for Published on 2026-02-02 152
Public Sector ActionAbout this happening: The **US National Security Agency (NSA)** released **Zero Trust Implementation Guidelines (ZIGs)** to help organizations move toward **target-level zero trust maturity**. The guid...
Timeline
-
26.01.2026 18:15 2 articles · 4mo ago
CISA publishes PQC product categories list
Industry Or Public Sector UpdateCISA published an initial list of hardware and software product categories that support or are expected to support post-quantum cryptography (PQC) standards, following Executive Order 14306 issued on June 6 2025 and compiled with the National Security Agency (NSA). The guidance covers cloud services, collaboration and web software, endpoint security, and networking hardware and software, while additional categories such as identity and access management (IAM) systems and enterprise security software are still transitioning; organizations are told to prioritize PQC-capable products for future procurements, and automated cryptographic discovery tools plus OT and IoT devices are outside the current scope.
Show sources
- CISA Releases List of Post-Quantum Cryptography Product Categories — www.infosecurity-magazine.com — 26.01.2026 18:15
- CISA Releases List of Post-Quantum Cryptography Product Categories — www.infosecurity-magazine.com — 26.01.2026 18:15
-
23.01.2026 14:00 2 articles · 4mo ago
CISA releases PQC product categories list
Legal Policy Action UpdateCISA, a component of DHS, unveiled an initial list of product categories for technologies that use post-quantum cryptography (PQC) standards, including cloud services, web software, networking hardware and software, and endpoint security, to help organizations prioritize PQC-capable procurement and migration planning as quantum computing threatens public-key cryptography. The resource was developed in close collaboration with NSA and aligned with Executive Order 14306.
Show sources
- CISA Releases Product Categories List to Propel Post-Quantum Cryptography Adoption Pursuant to President Trump’s Executive Order 14306 — www.cisa.gov — 23.01.2026 14:00
- CISA Releases Product Categories List to Propel Post-Quantum Cryptography Adoption Pursuant to President Trump’s Executive Order 14306 — www.cisa.gov — 23.01.2026 14:00