Cyber Defence Full Day Workshop

Harvest-Now-Decrypt-Later Risk Assessment

This workshop equips security teams to quantify harvest-now-decrypt-later exposure across their data assets and build risk-prioritised PQC migration plans.

Full day (6 hours + Q&A)
In person or online
Max 30 delegates

Proud to recommend our expert members

Qrypto Cyber
Eclypses
Arqit
QuantBond
Krown
Applied Quantum
Quantum Bitcoin
Venari Security
QuStream
BHO Legal
Census
QSP
IDQ
Patero
Entopya
Belden
Atlant3D
Zenith Studio
Qudef
Aries Partners
GQI
Upperside Conferences
Austrade
Arrise Innovations
CyberRST
Triarii Research
QSysteme
WizzWang
DeepTech DAO
Xyberteq
Viavi
Entrust
Qsentinel
Nokia
Gopher Security
Quside

Workshop Description

Harvest-now-decrypt-later is the most immediate quantum threat facing organisations today. Nation-state adversaries and sophisticated threat actors are already intercepting and storing encrypted communications and data transfers for future decryption once cryptographically relevant quantum computers (CRQCs) become available. The question is not whether this is happening but which of your data assets are worth harvesting and how long they need to remain confidential.

This workshop provides a structured methodology for answering that question. The Mosca inequality gives a precise framework: if the time your data must remain confidential plus the time needed to migrate to PQC exceeds the time until a CRQC exists, the data is already at risk. Participants apply this framework to their own data assets, building a cryptographic inventory that maps data classification (public through to top secret) against retention periods (transient through to 25+ years) and encryption protocols (identifying where RSA key transport or ECDH key agreement creates quantum vulnerability). The output is a prioritised HNDL risk profile and a sequenced mitigation plan covering immediate actions (forward secrecy enablement, retention period reduction) and medium-term migration (hybrid ML-KEM key agreement deployment).
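A minimal sketch of the scoring step described above, added here as an illustration and not taken from the workshop material. It applies the Mosca inequality (X + Y > Z) to a constructed inventory under the three CRQC scenarios listed in the agenda; the assessment year, migration times, asset names and key-agreement labels are all assumptions.

```python
from dataclasses import dataclass

# CRQC arrival scenarios as listed in the workshop agenda.
CRQC_SCENARIOS = {"optimistic": 2035, "median": 2040, "conservative": 2050}
# Key establishment the page names as quantum-vulnerable; ephemeral ECDH (ecdhe)
# is included because forward secrecy does not protect captured traffic from a CRQC.
QUANTUM_VULNERABLE = {"rsa-key-transport", "ecdh", "ecdhe"}
ASSESSMENT_YEAR = 2025  # assumption: the year the assessment is run


@dataclass
class Asset:
    name: str
    classification: str
    retention_years: int  # X: how long the data must stay confidential
    migration_years: int  # Y: assumed time to migrate this asset to PQC
    key_agreement: str


# Constructed sample inventory (illustrative values only).
SAMPLE_ASSETS = [
    Asset("M&A deal room", "confidential", 5, 3, "rsa-key-transport"),
    Asset("Patient records archive", "restricted", 25, 4, "ecdhe"),
    Asset("Trade secret repository", "restricted", 10, 3, "ecdh"),
    Asset("Diplomatic link", "top secret", 25, 2, "ecdh+ml-kem"),
]


def mosca_margin(asset, crqc_year, assessment_year=ASSESSMENT_YEAR):
    """Return X + Y - Z in years; a positive value means the inequality holds."""
    return asset.retention_years + asset.migration_years - (crqc_year - assessment_year)


def risk_profile(assets, assessment_year=ASSESSMENT_YEAR):
    """Rank assets: most exposed scenarios first, then largest margin."""
    rows = []
    for a in assets:
        vulnerable = a.key_agreement.lower() in QUANTUM_VULNERABLE
        margins = {s: mosca_margin(a, y, assessment_year) for s, y in CRQC_SCENARIOS.items()}
        exposed = [s for s, m in margins.items() if vulnerable and m > 0]
        rows.append({"asset": a.name, "vulnerable": vulnerable,
                     "margins": margins, "exposed_in": exposed})
    rows.sort(key=lambda r: (-len(r["exposed_in"]),
                             -max(r["margins"].values()) if r["vulnerable"] else float("inf")))
    return rows


if __name__ == "__main__":
    for row in risk_profile(SAMPLE_ASSETS):
        print(f'{row["asset"]:26} exposed in: {row["exposed_in"] or "none"}')
```

The 25-year archive behind ECDHE is exposed in every scenario, while the equally long-lived asset on hybrid ML-KEM drops to the bottom of the ranking.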

What participants cover

  • HNDL threat model: how adversaries collect encrypted data today for future quantum decryption, and which data types are highest-value targets (diplomatic, M&A, trade secrets, healthcare, classified)
  • Mosca inequality: quantitative risk scoring with worked examples for 5-year, 10-year, and 25-year retention data under optimistic, median, and conservative CRQC timeline assumptions
  • Cryptographic exposure mapping: protocol-level audit of TLS, VPN, email (S/MIME, PGP), and database encryption to identify quantum-vulnerable key agreement operations
  • Forward secrecy assessment: why ephemeral Diffie-Hellman provides limited HNDL protection and what additional measures are required
  • Mitigation sequencing: immediate actions (forward secrecy, retention reduction, symmetric encryption under customer control) before full PQC key agreement deployment
  • Board communication: translating HNDL risk into business language with timeline visualisations for different CRQC arrival scenarios

Preliminary Agenda

Full-day session structure with scheduled breaks. Content is configurable to your data classification framework, regulatory jurisdiction, and threat profile.

Session 1: The HNDL Threat Model
Why harvest-now-decrypt-later is the most immediate quantum risk

Session 2: Data Classification for HNDL Exposure
Identifying which data assets face retroactive decryption risk
  • Mosca inequality: if data confidentiality period + migration time exceeds time to CRQC, the data is at risk now. Worked examples for 5-year, 10-year, and 25-year retention data.
  • Data sensitivity tiers: mapping classification levels (public, internal, confidential, restricted, top secret) against retention requirements to produce HNDL risk scores
  • High-value HNDL targets: diplomatic communications, M&A activity, trade secrets, patient records, classified intelligence, long-term contracts, and cryptographic key material itself

Break, after 50 min

Session 3: Cryptographic Exposure Mapping
Auditing which encryption protocols are vulnerable to retroactive quantum attack
  • Protocol-level exposure: TLS session keys (ephemeral versus static), VPN tunnel encryption, email encryption (S/MIME, PGP), and database TDE key wrapping
  • Key agreement vulnerability: RSA key transport and ECDH key agreement are the quantum-vulnerable operations. AES-256 symmetric encryption remains resistant.
  • Forward secrecy assessment: protocols using ephemeral Diffie-Hellman provide limited HNDL protection (captured ciphertext still decryptable if the key exchange is broken). Only PQC key agreement eliminates the risk.

Session 4: Hands-On Exercise: HNDL Risk Assessment
Building your organisation's HNDL exposure profile
  • Cryptographic inventory: cataloguing data assets by classification, retention period, encryption protocol, and key agreement mechanism
  • HNDL risk scoring: applying the Mosca inequality to each data class using configurable CRQC timeline assumptions (optimistic: 2035, median: 2040, conservative: 2050)
  • Priority heat map: visualising which data assets require immediate PQC migration versus those with acceptable remaining protection windows

Break, after 60 min

Session 5: Mitigation Strategies and Migration Sequencing
Practical steps to reduce HNDL exposure before full PQC migration
  • Immediate mitigations: enabling forward secrecy where not yet active, reducing data retention periods where regulations permit, and encrypting data at rest with quantum-resistant symmetric keys under customer control
  • PQC migration sequencing for HNDL: prioritise highest-sensitivity longest-retention data first. Key hierarchy migration before bulk re-encryption.
  • Hybrid key agreement: deploying ML-KEM alongside classical ECDH during the transition period to provide quantum resistance without breaking backward compatibility

Session 6: Regulatory Landscape and Board Communication
Compliance requirements and risk escalation for HNDL
  • CNSA 2.0 (NSA): explicit guidance that HNDL makes PQC migration urgent for classified and sensitive data. ENISA, BSI, ANSSI, and UK NCSC equivalent guidance.
  • NIST SP 1800-38 (Migration to Post-Quantum Cryptography) and its HNDL risk assessment recommendations
  • Board communication: translating HNDL risk into business language. Timeline visualisations showing when specific data classes become exposed under different CRQC arrival scenarios.

Session 7: Q&A and Action Planning

Designed and Delivered By

Workshops are designed and delivered by QSECDEF in collaboration with sector specialists. All facilitators have direct experience in both quantum technologies and cyber defence operations.

Quantum Security Defence

Workshop design and delivery

QSECDEF brings world-leading expertise in post-quantum cryptography, quantum computing strategy, and defence-grade security assessment. Our advisory membership spans 600+ organisations and 1,200+ professionals working at the intersection of quantum technologies and critical infrastructure security.

Threat Intelligence Partners

Domain expertise and operational validation

HNDL risk assessment workshops are co-delivered with threat intelligence specialists who bring direct operational experience in data classification, adversary capability assessment, and cryptographic risk management for organisations handling sensitive and classified data.

Commission This Workshop

Sessions are configured around your data classification framework, regulatory retention requirements, threat profile, and existing encryption architecture. Get in touch to discuss requirements and schedule a date.