Irrelevant carrots and non-existent sticks: trust, governance, and security in the transition to quantum-safe systems

Quantum computing poses an urgent and widely recognised threat to global cybersecurity, enabling encrypted government, financial, and healthcare data harvested today to be decrypted in the near future. Transitioning to quantum-safe cryptography is therefore essential, demanding coordinated action across a complex, multi-actor innovation system. Drawing on insights from an expert workshop in Amsterdam, this study develops a socially informed vision for a quantum-safe future and analyses the current innovation landscape to identify critical gaps and the actions needed to address them. We map twelve key actor groups involved in the migration process, finding that regulators exert the strongest direct influence, while standardisation bodies play a crucial indirect role. This research provides one of the first system-level mappings of actors, influence pathways and governance responsibilities shaping the quantum-safe transition, revealing several responsibilities with unclear ownership. Although centred on the Netherlands, our findings are applicable to other national contexts navigating quantum-safe transitions.