Post-Quantum becomes mandatory in cloud certification
The new BSI criteria catalog C5:2026 includes 168 criteria, 47 more than its predecessor. One change stands out: for the first time, the BSI demands verifiable handling of quantum threats. Initially, a demonstrable roadmap is required, not an immediate full transition. For those holding or pursuing C5 certification, this sets a clear deadline.
Key Takeaways
- C5 expands to 168 criteria: The 2020 catalog had 121. New additions include post-quantum cryptography, confidential computing, and container security.
- The deadline is concrete: Type 2 certifications starting on or after June 1, 2027, will follow C5:2026. That may seem distant, but for a crypto overhaul it is not.
- Post-quantum risks are already here: Encrypted data stolen today can be decrypted later with a quantum computer. The threat emerges long before the first practical quantum machine arrives.
What C5:2026 changes in the audit catalog
In the DACH cloud landscape, C5 isn’t just a nice-to-have; it’s a must. Many tenders require certification. For cloud providers serving the public sector or financial industry, it’s non-negotiable. The version published in April 2026 marks the first major update since 2020, expanding from 121 to 168 criteria and reorganizing them into 17 thematic areas.
The growth isn’t bureaucracy for bureaucracy’s sake. It reflects shifts in the threat landscape and technology. Containers now run in nearly every stack, confidential computing has moved out of niche applications, and the quantum question has leapt from research to compliance. For the first time, the catalog is also available as a machine-readable YAML file, making gap analysis against your own control system significantly easier.
Why Post-Quantum Needs to Be on Your Roadmap Now
The most common misconception about post-quantum cryptography is the timeline. A sufficiently powerful quantum computer capable of breaking today’s encryption methods doesn’t exist yet, but the risk is already here. The culprit is an attack strategy with an unassuming name: harvest now, decrypt later. An attacker collects encrypted data traffic today and waits until the necessary computing power becomes available.
In concrete terms, post-quantum cryptography means supplementing classical methods like RSA and elliptic curve cryptography with quantum-resistant algorithms. In 2024, NIST finalized the first standards, including ML-KEM for key exchange and ML-DSA for digital signatures. The algorithms are ready; the challenge lies in integrating them into existing systems, not in their availability.
For data requiring long-term protection, this is a real problem. Medical records, contracts, or engineering designs must remain confidential even a decade from now. Those relying solely on classical public-key cryptography today are betting that quantum computing development will progress slowly enough. C5:2026 turns this implicit assumption into a verifiable requirement. How far protection must extend depends on the processing model, as outlined in this article on Confidential Computing.
What Needs to Be on Your Checklist Before the Deadline
A cryptographic overhaul isn’t a patch you can deploy overnight. It requires lead time, and that starts with a seemingly mundane inventory. Four steps will determine whether your 2027 certification process runs smoothly.
- Create a crypto inventory. If you don’t know where and which encryption methods are in use, you can’t migrate them. Libraries, certificates, protocols, and hardware modules all belong on a list. This work is tedious, and it is the most critical step.
- Build crypto agility. Systems with hardcoded encryption methods are difficult to update. Where algorithms can be swapped out, migration becomes a configuration issue rather than a full-blown project.
- Prioritize data by protection lifespan. Not everything needs quantum-safe encryption first. Data requiring long-term confidentiality takes precedence over short-lived session data. This prioritization saves migration budget.
- Demand vendor roadmaps. If you use cloud services, ask providers now about their post-quantum plans. A certification is only as strong as the substance behind it.
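The first three steps above (inventory, agility, prioritization by protection lifespan) can be turned into a small triage tool. The script below is an added example and is not code from the article or from the BSI. Everything in it is a constructed planning assumption: the sample inventory records, the algorithm status table, the migration-time estimates (one year where the algorithm is swappable by configuration, three where it is hardcoded) and the ten-year horizon until a cryptographically relevant quantum computer exists. The triage rule follows the harvest-now-decrypt-later logic of the article: for confidentiality uses, protection lifetime plus migration time is compared against the horizon, because ciphertext captured before migration stays exposed for its whole lifetime; for signatures only the migration time counts, since forgery becomes possible only once the machine exists.

```python
"""Crypto inventory with quantum-risk triage.

Added example, not code from the article or from the BSI. All inventory
records, migration-time estimates and the quantum horizon are constructed
planning assumptions, not measurements or predictions.
"""
from dataclasses import dataclass

# Which algorithm families a cryptographically relevant quantum computer breaks.
# Factoring/discrete-log schemes fall to Shor's algorithm; symmetric ciphers and
# hashes only lose margin to Grover, so they are treated as still usable here.
# ML-KEM (FIPS 203) and ML-DSA (FIPS 204) are the 2024 NIST post-quantum standards.
QUANTUM_STATUS = {
    "RSA": "broken", "ECDSA": "broken", "ECDH": "broken", "DH": "broken",
    "X25519": "broken", "Ed25519": "broken",
    "AES-128": "ok", "AES-256": "ok", "SHA-256": "ok",
    "ML-KEM-768": "ok", "ML-DSA-65": "ok",
}


@dataclass(frozen=True)
class CryptoUse:
    system: str            # where the inventory found it
    purpose: str           # "confidentiality" (key exchange / encryption) or "signature"
    algorithm: str         # single name or hybrid written as "A+B"
    agile: bool            # swappable by configuration, or hardcoded?
    protection_years: int  # how long the protected data must stay secret / valid


def quantum_status(algorithm: str) -> str:
    """Hybrid constructions ("X25519+ML-KEM-768") hold as long as one component holds."""
    statuses = [QUANTUM_STATUS.get(part, "unknown") for part in algorithm.split("+")]
    if "ok" in statuses:
        return "ok"
    return "unknown" if "unknown" in statuses else "broken"


def migration_years(use: CryptoUse) -> int:
    """Constructed estimate: a configuration change vs. a full replacement project."""
    return 1 if use.agile else 3


def priority(use: CryptoUse, horizon_years: int) -> str:
    """Triage one record against an assumed number of years until a quantum computer exists."""
    status = quantum_status(use.algorithm)
    if status == "ok":
        return "none"
    if status == "unknown":
        return "review"      # unrecognised algorithm: an inventory gap, not a verdict
    exposure = migration_years(use)
    if use.purpose == "confidentiality":
        # Harvest now, decrypt later: data captured before migration stays at
        # risk for its whole protection lifetime, so the shelf life counts too.
        exposure += use.protection_years
    return "urgent" if exposure > horizon_years else "planned"


ORDER = {"urgent": 0, "review": 1, "planned": 2, "none": 3}


def assess(inventory, horizon_years: int = 10):
    """Return (system, algorithm, priority) triples, most urgent first."""
    rows = [(u.system, u.algorithm, priority(u, horizon_years)) for u in inventory]
    rows.sort(key=lambda r: (ORDER[r[2]], r[0]))
    return rows


# Constructed sample inventory; none of these systems is real.
SAMPLE_INVENTORY = [
    CryptoUse("backup-archive", "confidentiality", "RSA", agile=False, protection_years=25),
    CryptoUse("legacy-hsm", "confidentiality", "RSA", agile=False, protection_years=10),
    CryptoUse("vpn-gateway", "confidentiality", "ECDH", agile=True, protection_years=1),
    CryptoUse("code-signing", "signature", "ECDSA", agile=False, protection_years=5),
    CryptoUse("object-storage", "confidentiality", "AES-256", agile=True, protection_years=15),
    CryptoUse("tls-edge", "confidentiality", "X25519+ML-KEM-768", agile=True, protection_years=1),
    CryptoUse("iot-fleet", "signature", "CustomSig-v1", agile=False, protection_years=8),
]

if __name__ == "__main__":
    for system, algorithm, prio in assess(SAMPLE_INVENTORY):
        print(f"{prio:8} {system:16} {algorithm}")
```

Two points from the sample output are worth noticing. The archive with a 25-year shelf life comes out urgent even though nobody will attack it today, while the VPN gateway using the same broken algorithm family is only planned work, because its session data is worthless long before the horizon; that is the prioritization step in the article expressed as a rule. And the unrecognised algorithm on the IoT fleet is reported as "review" rather than silently accepted, because an inventory that cannot name an algorithm has found a gap, not a safe system.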
An Honest Look at the Effort Involved
No one overhauls their cryptography over a weekend. In large environments, an inventory can take months because encryption lurks in places no one has checked in years. That’s precisely why an early start pays off. Those who wait until 2027 will certify under pressure, and risk overlooking that one legacy system that ultimately fails the audit. C5:2026 sets a deadline, and experience shows that’s when such overhauls actually get underway.
Frequently Asked Questions
What’s new in BSI C5:2026 compared to the previous version?
The catalog expands from 121 to 168 criteria and introduces first-time requirements for post-quantum cryptography, confidential computing, and container security. It’s also now available in a machine-readable YAML format.
When does C5:2026 become mandatory?
Type 2 certifications starting on or after 1 June 2027 must comply with the new catalog. Ongoing certifications remain unaffected for now.
Why is post-quantum cryptography relevant now, even though quantum computers don’t exist yet?
Because of the “harvest now, decrypt later” pattern. Attackers are already storing encrypted data today to decrypt it later. Data requiring long-term protection is therefore at risk now.
What’s the first practical step in preparing?
A complete crypto inventory. Without a clear overview of the algorithms, certificates, and libraries in use, no migration can be planned or effort estimated.
Does C5:2026 affect only cloud providers, or customers too?
Both. Providers must meet the criteria, while customers should demand their providers’ post-quantum roadmap and align their own data prioritization accordingly.
Image source: AI-generated (June 2026)