Know your exposure, get a prioritized plan, and speak your auditors' language — before you change a line of code. Fixed scope, fixed fee.
Most organizations don't know where cryptography lives in their systems, which of it is quantum-vulnerable, or what to fix first. The assessment answers exactly that — a productized diagnostic that turns an open-ended risk into a costed, sequenced plan you can act on and defend. It runs on our repeatable, NCSC-aligned methodology, so results are consistent and comparable, not dependent on which consultant you got.
A Cryptographic Bill of Materials — where and how cryptography is used across your applications, infrastructure, keys, certificates, and dependencies.
What is exposed to a future quantum adversary, classified by algorithm and use, against the published standards.
Which data is most at risk from "harvest now, decrypt later," scored by data-sensitivity lifetime so your longest-lived secrets come first.
A sequenced plan mapped to the NCSC phases (2028 / 2031 / 2035) — what to fix, in what order, and why, plus a board-ready summary.
Your cryptographic inventory is highly sensitive. We handle it under strict confidentiality and NDA, in a secure environment — protecting it is part of the engagement, not an afterthought.
We agree the systems in scope and the questions you need answered. Fixed fee from the outset.
We inventory your cryptography through interviews, configuration review, and tooling.
We map vulnerability and score harvest-now risk against the standards.
You receive the roadmap and an executive readout for your team, board, and auditors.
Book a readiness assessment and turn the deadline into a plan.
Book an assessment