Canadian post-quantum cybersecurity company specializing in enterprise PQC migration, quantum-resistant entropy, identity, and secure data infrastructure. Operating across 13 countries with 11 value-added distributors and active engagements spanning enterprise, public-sector, and government procurement channels. Generating revenue today through enterprise deployments, channel partnerships, and renewals — with a flagship migration platform (QPA v2) launched March 31, 2026 and the first municipal government pilot signed March 18, 2026.
Organizations are now moving from understanding quantum risk to actively planning for it. QPA v2 is designed to support that transition — assess current state, prioritize risk, plan the migration.
Most public quantum names trade on a "someday" thesis — Q-Day arrives, encryption breaks, the world rewires. That story is real, but distant. The story that's measurable today is the regulatory migration ahead of it. And on that timeline, QSE has been moving on a different cadence than the rest of the sector — global footprint, channel growth, government engagement, productized platform, recurring revenue.
Operational footprint expanded from four markets to thirteen countries in approximately four months — a 3.25× expansion driven by enterprise demand for structured post-quantum migration capability across multiple regions.
Eleven value-added distributors across multiple global regions, with two additional partnerships expected to finalize in the near term. Channel-led GTM positioning QSE for scaled enterprise deployment without proportionate sales headcount.
First municipal government post-quantum security pilot announced March 18, 2026 — conducted through MISA, Canada's municipal IT systems association. Additional municipalities currently in discussion. Bridge from pilot to broader public-sector procurement.
Memberships in the Canadian Association of Defence and Security Industries (CADSI) and Municipal Information Systems Association (MISA) — formal pathways into Canadian federal defense, security, and municipal cybersecurity tenders involving PQC readiness.
Granted stock options to purchase up to 2,600,000 common shares at an exercise price of $0.40 per share, expiring five years from the grant date and subject to vesting requirements as determined by the board. Issued to directors, officers, employees, and consultants — supporting alignment of leadership and the team to long-term execution of the post-quantum platform strategy across global enterprise and public-sector markets.
Official launch of QPA v2 — QSE's enterprise post-quantum cryptographic migration platform. Includes PQC Planning Wizard, AI-enhanced assessment and questionnaire modules, integrated software, hardware, and cryptographic inventory analysis, centralized executive dashboard, and integrated reporting. Live and actively being utilized by both existing and prospective clients.
Announced QSE's first municipal government post-quantum security pilot through engagement with MISA (Municipal Information Systems Association), Canada's municipal IT collaboration body. Pilot uses the QPA platform to evaluate cryptographic exposure and migration readiness. The Company is currently engaged in discussions with additional municipalities evaluating similar PQC readiness initiatives.
Confirmed participation in Quantum Security Defence World Symposium (Paris), GITEX Quantum Expo Asia (Singapore), Cyber UK 2026 (Glasgow), GISEC Global (Dubai, as part of a Canadian cybersecurity delegation), Gartner Security & Risk Management Summit (Washington, D.C.), and Q2B 2026 Tokyo — pipeline-building cadence aligned with enterprise and government PQC procurement timing.
Operational footprint expanded from 4 markets to 13 countries since November 2025. Value-added distributor channel grew to 11 partners across multiple regions, with two additional partnerships expected to finalize in the near term. QPA platform enhanced with automated SBOM, CBOM, and HBOM inventory analysis. Quantum-resistant entropy integrated into QAuth identity workflows.
QAuth identity platform integrated with QSE's proprietary quantum-resistant entropy — entropy embedded into SSO key generation. QPA v2 enhancements aligned with publicly available Canadian government PQC migration roadmap principles (preparation and identification phases). Risk prioritization includes long-term exposure scenarios such as "harvest now, decrypt later" (HNDL) threats.
NIST IR 8547 establishes the timeline: RSA and ECC algorithms operating at 112-bit security are deprecated after 2030, and quantum-vulnerable public-key algorithms are disallowed in NIST standards and FIPS guidelines after 2035 — regardless of key length. These are the algorithms protecting virtually every TLS connection, banking transaction, and identity certificate in modern infrastructure. Federal contractors and FedRAMP-authorized systems are in scope by reference.
The EU's coordinated post-quantum cryptography implementation roadmap, published in June 2025 by the NIS Cooperation Group with European Commission backing, calls on all member states to begin PQC transition by the end of 2026. Critical infrastructure is targeted for transition by the end of 2030. The Commission's January 2026 NIS2 amendment proposal contains the first explicit PQC requirement written into directive text — moving the framework from coordinated guidance toward formal regulation.
Executive Order 14144 (January 16, 2025) embedded post-quantum cryptography migration deadlines into federal cybersecurity policy, including CISA's PQC product category list and the January 2030 TLS 1.3 requirement. Executive Order 14306 (June 6, 2025) amended EO 14144 while preserving its core PQC framework. Federal procurement is increasingly contingent on PQC-readiness — a structural tailwind for vendors with productized migration platforms.
The Canadian government has published its post-quantum cryptography migration roadmap — preparation, identification, planning, execution. QPA v2 is structurally aligned to this guidance. CADSI and MISA memberships provide formal procurement pathways into federal defense and municipal cybersecurity tenders.
Enterprises and agencies don't migrate because of a quantum breakthrough — they migrate because the regulators have already set the calendar. QSE is selling into a market that has been mandated, not just predicted.
Most quantum investments rest on the assumption that quantum computing arrives at scale and breaks today's encryption. That's a real risk and a real day, but the investment timing is uncertain. QSE's revenue thesis doesn't require Q-Day to arrive — it requires NIST 2030, EU end-of-2026, and EO 14144/14306 to remain on the books. They will.
4 → 13 countries since November 2025. 11 VADs with two more pending. First municipal pilot signed March 18. CADSI and MISA government procurement memberships secured. QPA v2 launched March 31 and live with both existing and prospective clients. These are the operational signals that separate execution from press releases.
The Company explicitly states it generates revenue through enterprise deployments, channel partnerships, and renewal activity from existing customers. That is meaningfully different from the broader quantum cohort, where many companies remain pre-revenue or revenue-light and depend on government grants and capital markets to fund operations.
QPA v2 (migration), qREK SDK + Entropy-as-a-Service (foundation), QAuth (identity), QSE-Chat (communications), and decentralized encrypted storage (data-at-rest) — anchored on NIST standards–aligned hardware QRNG. Enterprises don't buy point tools for cryptographic migration; they buy structured platforms. QSE has built one and is selling it through channel.
Quantum-themed equities have meaningfully retraced from late-2025 highs as the market has rotated away from speculative themes. The mandates haven't changed. NIST 2030 hasn't changed. The EU 2026 calendar hasn't changed. EO 14144 and 14306 haven't changed. QSE's commercial traction over that period has accelerated. For investors with conviction in the regulatory tailwinds, the asymmetry has improved, not deteriorated.
The broader quantum cohort trades on a future-state thesis: hardware companies betting on the eventual arrival of fault-tolerant quantum computing, and software companies positioned for what happens when that arrival breaks today's encryption. Both are real, but both are timing-uncertain. QSE's thesis is different — it's not built on Q-Day arriving, it's built on the regulatory migration that has to happen before Q-Day. NIST has set after-2030 deprecation and after-2035 disallowance for RSA/ECC. The EU's coordinated roadmap calls on member states to begin PQC transition by end-of-2026 with critical infrastructure transitioned by 2030. U.S. EO 14144 and EO 14306 set federal PQC policy. The Canadian government has published its PQC roadmap. Those are scheduled events, not speculation. QSE is selling the platform that does the scheduled work — and is generating revenue today through enterprise deployments, channel partnerships, and renewals while the rest of the sector waits for the headline.
QSE sells a four-layer post-quantum platform anchored on proprietary quantum-delivered entropy. Layer 1 is QPA v2, the enterprise migration platform — customers run a structured assessment, generate cryptographic and software bills of materials (CBOM/SBOM/HBOM), prioritize risk, and receive a roadmap aligned to recognized frameworks including the Canadian government PQC roadmap. Layer 2 is qREK + Entropy-as-a-Service — quantum-resilient key generation backed by NIST standards–aligned hardware QRNGs, delivered via REST APIs that integrate into existing infrastructure. Layer 3 is QAuth, the identity and SSO platform with quantum-resistant entropy embedded into key generation. Layer 4 is QSE-Chat and decentralized encrypted storage — secure communications and storage for data-in-motion and data-at-rest. A typical engagement begins with QPA assessment, expands to qREK/EaaS for active key generation, integrates QAuth for identity, and can extend to QSE-Chat and storage based on customer needs.
QSE has explicitly stated that it generates revenue through enterprise deployments, channel partnerships, and renewal activity from existing customers. That is a different revenue mix than pilot-only or grant-funded revenue. Specific dollar amounts are reported through the Company's MD&A filings on SEDAR+; investors should review those filings for quarterly detail. The qualitative signals supporting traction include: 13-country operational footprint (up from 4 in November 2025), 11 value-added distributors with two more in late-stage discussion, a first municipal government pilot signed March 18, 2026, and commercial activity continuing across early 2026 according to the March 10 corporate update. Pilots are present in the mix but they are not the revenue thesis on their own — channel-led recurring deployments are.
QSE is a development-stage technology company with material risks identified in its public filings on SEDAR+. Those include, but are not limited to: market adoption pace of post-quantum cryptography across enterprise and government buyers, dependence on continued regulatory and standards-body activity (any rollback or delay of NIST/EU/EO timelines would directly impact buyer urgency), competition from larger cybersecurity vendors integrating PQC capabilities, capital markets access for a small-cap CSE-listed issuer, foreign exchange exposure across a 13-country operating footprint, and execution risk in scaling channel partnerships and government procurement engagement. The Canadian Securities Exchange has not passed upon the merits of the Company's business. Forward-looking statements are inherently uncertain and investors should review the latest MD&A and risk factors before sizing positions.
The competitive question is real. Larger vendors — IBM, Microsoft, Cloudflare, AWS, Palo Alto, CrowdStrike — will integrate PQC capabilities into their existing platforms over time. QSE's defensibility rests on three things: (i) the proprietary quantum-resistant entropy foundation backed by NIST standards–aligned hardware QRNG, which is non-trivial to replicate without specialized hardware investment; (ii) the productized assessment-to-migration workflow (QPA v2) which is purpose-built for the specific task of post-quantum migration rather than retrofitted into a broader product; and (iii) channel velocity — 11 VADs already deploying, with embedded distribution relationships in 13 markets that take years to replicate. Larger vendors will compete, but they will not own the SMB and mid-market PQC migration channel. QSE's window is the gap between regulatory mandate and large-vendor product readiness — typically a multi-year window in cybersecurity.
Three converging factors define the current window: (i) the EU coordinated roadmap calendar enters its execution phase by end of 2026 — that's procurement and budgeting cycles happening this calendar year, not next; (ii) QSE has compressed six material catalysts into approximately six weeks (entropy-SSO + Canadian roadmap alignment, 13-country footprint, conference pipeline, municipal pilot, QPA v2 launch, stock options grant) — building a multi-program book of work simultaneously while the rest of the sector has been re-pricing; and (iii) the broader quantum cohort has been oversold relative to the regulatory tailwinds underpinning it, creating an entry point where the published timelines remain intact but the implied probability of enterprise PQC adoption has been priced lower than the schedules warrant. Investors who wait for the EU 2026 milestone to publicly hit and the headlines to follow will be paying for confirmed news rather than backing the execution that produces it.
QSE — Quantum Secure Encryption Corp. (CSE: QSE / OTCQB: QSEGF / FSE: VN80) is a Canadian post-quantum cybersecurity company. Investor materials, the Company's MD&A filings on SEDAR+, recent press releases, and product information are available through the Company's website.