The encryption that protects almost everything has an expiration date. QuSecure builds the off-ramp - so banks, governments, and infrastructure can reach quantum-safe ground before the clock runs out.
// Post-Quantum Cryptography Made Simple · San Mateo, CA
In early 2026, the World Economic Forum published its annual list of Technology Pioneers. The usual giants were there. So was a cybersecurity outfit from San Mateo with roughly fifty-three employees and a single, very specific obsession: the day a quantum computer becomes powerful enough to break the encryption the world currently runs on. That company is QuSecure, and it has spent the past few years quietly turning a theoretical doomsday into a software migration.
QuSecure does not sell fear, which is impressive given how much fear is available in its market. It sells a product called QuProtect - a layer that finds the cryptography buried inside an organization's systems and swaps it for quantum-resistant standards, ideally without anyone having to rewrite their applications. The pitch is almost suspiciously calm: keep your infrastructure, change your math.
The quantum threat isn't a distant possibility - it's a reality that organizations need to address today.
Here is the uncomfortable part. The encryption protecting your bank transfers, your medical records, and a fair amount of national security traffic relies on math that classical computers find effectively impossible to reverse. A sufficiently large quantum computer would not find it impossible. It would find it tedious.
Adversaries already know this, which is why they have a strategy with an unusually honest name: harvest now, decrypt later. Encrypted data is being copied and warehoused today, on the bet that the key will be crackable tomorrow. The data you encrypt this afternoon could be read in plain text a few years from now. For a one-time secret that hardly matters. For a government cable or a decade-long financial record, it matters quite a lot.
FIG. A - The most patient heist in history: steal the locked box now, wait for the lockpick to ship.
The standards bodies saw it coming. After years of public competition, the U.S. National Institute of Standards and Technology finalized its first post-quantum cryptography standards. That solved the math. It did not solve the harder problem: getting thousands of real-world systems to actually adopt it. That gap - between a published standard and a running, protected network - is precisely where QuSecure decided to live.
NIST set the standards. Someone still had to make a sprawling, legacy enterprise actually use them.
QuSecure was founded in 2019 by Dave Krauthamer, Skip Sanzeri, Rebecca Krauthamer, and Kosta Vilk. Their wager was subtle. Most security companies sell you a better lock. QuSecure decided the smarter product was the ability to change locks quickly - what the industry calls crypto-agility.
The logic holds up. Nobody knows for certain which algorithm survives the next twenty years of cryptographic scrutiny. Betting the company on one specific cipher would have been the kind of confident mistake that ages badly. Betting on the ability to swap any cipher for the next one, on demand, across an entire network? That ages well no matter which algorithm wins.
FIG. B - Four founders, one premise: the safest cipher is the one you can replace before it breaks.
In February 2025, Rebecca Krauthamer - a Stanford Symbolic Systems graduate who landed on Forbes' 30 Under 30 for quantum work before turning thirty - stepped into the CEO seat. The handoff arrived alongside fresh money, which tends to make a leadership change look less like a gamble and more like a plan.
Don't sell a better lock. Sell the ability to change every lock in the building overnight.
You cannot protect what you cannot see, and most large organizations genuinely do not know where all their cryptography lives. It is scattered across applications, devices, network gear, and cloud services that nobody has fully mapped in years. QuProtect starts there: it discovers cryptographic assets and assembles them into an inventory - a Cryptographic Bill of Materials, in the trade.
From that map, the current R3 generation of the platform handles the unglamorous, important work: remediation, orchestration, policy enforcement, and compliance reporting. The selling point that customers actually care about is the part it avoids - migrating without rewriting application code or scheduling painful downtime. It is a centralized control plane for an organization's encryption, which is a sentence that sounds boring until you realize nobody had built a good one.
The crypto-agility platform: centralized discovery, remediation, orchestration, and compliance reporting, built on a modular architecture so post-quantum standards can drop in fast.
Builds a live inventory and Cryptographic Bill of Materials, so security teams finally know where every cipher hides and what to fix first.
Swaps existing cryptography for NIST post-quantum standards across networks, cloud, IoT, edge, and satellite - without changing application code.
Policy enforcement and orchestration across the whole estate, so the next migration is a setting to change, not a project to survive.
FIG. C - Four modules, one promise: the most disruptive security upgrade in a generation, delivered as a non-event.
Keep your infrastructure. Change your math. Try not to make headlines while doing it.
Talk is cheap in cybersecurity, where every vendor claims to be quantum-ready. QuSecure's answer was to do something hard enough to be checkable. In March 2023 it ran what it says was the first live, end-to-end quantum-resilient cryptographic communications link through space, bouncing protected data off a Starlink satellite. Weeks later, with Accenture, it pulled the same trick across multiple orbits - low-Earth and geosynchronous - which is a strange flex until you remember satellites are exactly the long-lived systems that harvest-now-decrypt-later targets.
FIG. D - Small headcount, large blast radius. The math of a company that picked one hard problem.
Then came the buyers who do not hand out endorsements lightly. The U.S. Army awarded an SBIR Phase II contract for quantum-resilient software on tactical edge and IoT devices. The Air Force followed with a $3.9M TACFI contract. On the commercial side, the customer base reportedly spans telecoms, energy companies, global cloud providers, and financial institutions including European bank Banco Sabadell.
SERIES A FUNDING · $28M TOTAL · ANNOUNCED FEB 2025
Bars indicate relative round prominence, not exact dollar splits. Accenture is both an investor and a satellite-demo partner - rare alignment of money and proof.
You can argue with a pitch deck. It's harder to argue with encrypted data that survived a trip to a satellite and back.
The Series A itself reads as a vote on the calm thesis. Two Bear Capital led, Accenture Ventures joined, and the same Accenture had already been in orbit with the product. When your strategic investor has personally watched the thing work, the due diligence tends to go faster.
QuSecure's unique ability to facilitate this migration, without disruption to existing technology solutions, positions them as a pivotal player. - MIKE GOGUEN, TWO BEAR CAPITAL
QuSecure's stated mission is almost anti-dramatic: make post-quantum cryptography simple. Strip away the marketing and it means something concrete - turn a once-in-a-generation cryptographic transition into a normal operational task, the kind of thing a security team schedules rather than fears.
There is a longer-game ambition underneath it. If crypto-agility becomes the default, then the next migration after post-quantum - whatever threat shows up in 2040 - is no longer an emergency either. The company is, in effect, trying to make encryption changes boring forever. In security, boring is the highest compliment available.
The goal isn't to win the quantum migration. It's to make every migration after it a non-event.
Nobody can tell you the exact day a cryptographically relevant quantum computer arrives. That uncertainty is the whole problem. You cannot wait for the announcement, because by then the harvested data is already exposed and the migration takes years you no longer have. The only sane move is to start before you are sure - which is an awkward thing to budget for, and exactly the behavior QuSecure is built to enable.
So return to that 2026 Technology Pioneer list, the one with the giants. A fifty-three-person company landed there not because it predicted the quantum future, but because it built the thing that lets everyone else stop having to. The encryption protecting almost everything still has an expiration date. QuSecure's bet is that the date stops being scary the moment changing your cryptography is as routine as changing a password. They have demos in orbit, contracts in uniform, and a strategic investor who watched it work. The clock is still ticking. They are just no longer the ones sweating it.