About the PQC Migration Framework
The Applied Quantum PQC Migration Framework is an open-access, practitioner-grounded methodology for planning and executing enterprise-wide post-quantum cryptography migration. It was developed by Marin Ivezic and published by Applied Quantum.
The framework is not a theoretical exercise. It was built from direct experience leading real PQC migration programs — including programs generating up to 120,000 tasks in a single enterprise’s integrated master schedule. Of those, approximately 30,000 were direct cryptographic upgrade tasks, each addressing buckets of cryptographic functions numbering in the millions. The other 90,000 were enterprise enablement work: governance, vendor engagement, training, policy, infrastructure modernization, testing, and operational integration. That 1:3 ratio of direct-crypto-to-enablement tasks is one of the framework’s key insights — and one of the reasons PQC migration is far more complex than most organizations anticipate.
The framework provides the complete 8-phase lifecycle from securing executive mandate through sustained crypto-agility, with cross-cutting foundations covering maturity assessment, metrics, regulatory mapping, and team structure. Sector-specific extensions adapt the methodology for financial services, telecommunications, critical infrastructure / OT, and government & defense environments.
Marin Ivezic
Marin Ivezic brings over thirty years of experience at the intersection of cybersecurity, cryptography, and enterprise risk, and over twenty-five years of involvement with quantum technologies.
His classical cryptography career spans more than two decades of cryptographic upgrade programs across some of the world’s largest enterprises. His post-quantum work began over a decade ago, working with critical national infrastructure clients who recognized the need to prepare early.
Marin has held regional and global leadership positions at IBM, Accenture, PwC, and KPMG. He is the founder and CEO of Applied Quantum, a research-driven professional services firm focused entirely on quantum technologies and post-quantum security. He is the author of PostQuantum.com, a premier quantum security publication with over one million monthly readers.
He is the author of Quantum Sovereignty: Strategic Leadership in the Quantum Era (2026) and The Future of Leadership in the Age of AI (2020, co-authored with Luka Ivezic). He is a SANS Institute instructor for SEC529 (Quantum Security Readiness for Executives) and SEC531 (Applied Quantum Security: Quantum Computing for Security Professionals), and is completing a PhD in Quantum Computing.
Applied Quantum
A research-driven professional services firm focused entirely on quantum technologies and post-quantum security, serving financial services, government & defense, telecommunications, critical infrastructure, healthcare/pharma, and digital assets sectors.
PostQuantum.com
Marin’s personal blog on quantum security, with over one million monthly readers. Practitioner-grounded analysis aimed at CISOs, CTOs, security architects, and technology leaders. Every aspect of this framework has been analyzed in depth on PostQuantum.com over the past decade.
PQCFramework.com
This site — the dedicated companion for the framework, providing direct access to the framework documents, sector extensions, and supporting materials.