Introduction
Quantum computers harness the laws of quantum physics to process information in fundamentally different ways than classical computers, enabling them to solve certain complex problems far faster than today's most powerful supercomputers.1 Noting its "transformational capabilities" and national security implications, on June 22, 2026, President Trump signed two executive orders addressing the quantum computing landscape. The first order, Executive Order (EO) No. 14412, Securing the Nation Against Advanced Cryptographic Attacks, directs a government-wide migration to post-quantum cryptography and extends compliance obligations to federal contractors.2 The second order, EO No. 14413, Ushering in the Next Frontier of Quantum Innovation, establishes initiatives and commits resources to developing and commercializing quantum technologies.3 Together, they prescribe defensive efforts to guard against future threats of quantum-based cyberattacks and encourage proactive measures in the public sector to establish the United States as a world leader in the field of quantum information science and technology (QIST).
Defensive Measures vs. Proactive Efforts
Executive Order No. 14412
The first order addresses defensive measures that must be taken to guard against the cybersecurity threat that is posed by quantum-computing technology. The first order highlights the "harvest now, decrypt later" risk – the risk that adversaries are collecting encrypted U.S. data today to decrypt once quantum computers reach sufficient scale. The order mandates the transition of federal systems to post-quantum cryptography (PQC), algorithms built to resist both quantum and classical attacks. Although aimed at agencies, its reach extends to contractors, critical infrastructure operators, and vendors. Key requirements include:
- Strategic Coordination. The Office of Management and Budget (OMB) and the National Cyber Director lead nationwide PQC migration, with technical guidance from the National Institute of Standards and Technology (NIST) that may become benchmarks for the private sector.
- Agency Migration Plans. Within 30 days, each agency must name a "PQC migration lead"; within 90 days, OMB must require agencies to inventory high-value assets and adopt PQC for key establishment by year-end 2030 – a timetable vendors and contractors should plan around.
- Federal Contractor Compliance. Within 180 days, the Federal Acquisition Regulatory Council (FAR Council) must propose a rule requiring covered contractors to meet NIST's Federal Information Processing Standards (FIPS), including PQC-compliant algorithms, by year-end 2030; a further rule within 270 days will address contractor vulnerability disclosure, including cryptographic vulnerabilities.
- Critical Infrastructure. Sector Risk Management Agencies must work with the Cybersecurity and Infrastructure Security Agency (CISA) to help critical infrastructure owners migrate, and CISA must issue "cryptographic bill of materials" guidance, which outlines the hardware and software that will constitute "cryptographic assets."
- International Coordination. The State Department will engage foreign governments and industry to adopt NIST-standardized PQC, signaling converging requirements for cross-border transactions.
Executive Order No. 14413
Unlike the first order, which focuses on planning for the threat of quantum-computing attacks by hostile actors, the second order champions innovation in QIST. The second order establishes a "whole-of-government approach" to accelerate the deployment and commercialization of quantum technologies and for the U.S. to maintain a worldwide QIST advantage. Key provisions include:
- National Quantum Strategy Update. Within 180 days, the administration must update the National Quantum Strategy to promote commercialization and industry partnerships, opening new ways to engage with federal quantum programs.
- The Quantum Computer for Application Development and Discovery Science Effort. The "Quantum Computer for Application Development and Discovery Science" (QC ADDS) initiative targets delivery of at least one powerful quantum computer to a Department of Energy (DOE) facility. DOE must set specifications within 90 days and explore private-sector partnership models, including advance market commitments, within 180 days.
- Supply Chain and Domestic Manufacturing. Within 120 days, agency heads must plan to "encourage and partner with the private sector . . . to develop quantum-enabling component technologies" in the U.S., and the Secretary of Commerce must encourage "private sector adoption of QIST-related standards."
- Workforce Development. The Office of Personnel Management must develop a government-wide QIST recruitment and retention strategy within 90 days, and the National Science Foundation will establish QIST Workforce Development Institutes, expanding the talent pipeline employers rely on.
- Quantum Sensing and Networking. Within 60 days, the Secretary of Defense must identify at least three next-generation quantum sensor projects to field by September 30, 2028, and agencies must develop five year plans.
- International Competitiveness. The order aligns international engagements so U.S. quantum companies can reach allied markets while harmonized export controls keep critical technologies from adversaries – offering market access alongside tighter export obligations.
Impacts on the Private Sector
Though government contractors are the most directly impacted, these EOs create near-term strategic considerations for a wide range of businesses. If organizations were not already forecasting for the threat of a deployed quantum computer, what these EOs have highlighted is that any organization holding long-lived sensitive data – trade secrets, health, financial, or IP – faces the "harvest now, decrypt later" risk. As such, any delay in proofing against classical- and quantum-computing attacks will only widen the window of vulnerability. In addition, advance market commitments, public-private partnerships, and federal funding create significant openings for quantum hardware, software, and PQC companies and investors. As a result, companies should expect to see effects in supply chain contracts, vendor diligence, M&A cybersecurity representations, and export-control compliance, especially as the "cryptographic bill of materials" may become a market expectation.
So, with the EOs sure to weigh on the private sector, businesses should forecast for the transition to standards in QIST. Exemplary actions to take may include:
- Inventorying cryptographic assets and sensitive data, by prioritizing systems, vendors, and repositories that rely on public-key cryptography and data with long confidentiality lifecycles.
- Engaging vendors on their PQC roadmaps and building PQC-readiness requirements into procurement and contract renewals.
- Monitoring NIST and CISA guidance, including the cryptographic bill of materials guidance and the FAR Council's proposed rulemakings.
- Evaluating export-control and research-security exposure for quantum-enabling technologies used or transferred internationally.
- Exploring funding and partnership opportunities under the innovation order, such as advance market commitments and public-private partnerships.
Conclusion
Together, the two EOs push the public sector to defend against tomorrow's quantum threats while opening the door to new commercial opportunities in the quantum ecosystem. Companies, whether federal contractors, holders of long-lived sensitive data, or quantum-sector participants, should begin assessing their cryptographic readiness and potential opportunities now. Early movers will be best positioned to capture the advantages these orders create.
For questions regarding the quantum-computing landscape, strategy for implementation, and risk mitigation, please contact Dominic Rota or Leopoldo Yanez, or any member of Baker Donelson's Quantum Group.
Annie Blanchard and Jonathan Bogens, summer associates at Baker Donelson, contributed to this article.
---
1 NBC News, "Trump signs orders calling for powerful quantum computer," June 22, 2026, https://www.nbcnews.com/business/economy/trump-order-quantum-computer-rcna351237.
2 Exec. Order No. 14412, 91 Fed. Reg. 38,483 (June 25, 2026); Securing the Nation Against Advanced Cryptographic Attacks – The White House
3 Exec. Order No. 14413, 91 Fed. Reg. 38,487 (June 25, 2026); Ushering in the Next Frontier of Quantum Innovation – The White House