QRAMM: The Cryptographic Migration to a Post Quantum World
Emily Fane, Abdel Sy Fane
DEF CON 33 · Day 1 · Main Stage
In this critical DEF CON presentation, Emily Fane and Abdel Sy Fane introduced the **Quantum Readiness Assurance Maturity Model (QRAMM)**, an open-source framework designed to guide organizations through the complex and urgent transition to post-quantum cryptography (PQC). The talk underscored the imminent threat posed by quantum computers to current public-key encryption standards, emphasizing that while large-scale quantum computers are still in development, adversaries are already engaged in a "harvest now, decrypt later" strategy, collecting encrypted data today with the expectation of decrypting it once quantum capabilities mature.
AI review
QRAMM is a well-intentioned maturity model wrapper around PQC migration guidance that's largely available in NIST documentation, CSA whitepapers, and a dozen consulting firm frameworks. The talk synthesizes existing public knowledge competently but doesn't contribute original research, novel tooling, or insider insight that a DEF CON audience couldn't get from reading the NIST IR 8547 and spending an afternoon on the Open Quantum Safe project.