Skip to content
Close
SEARCH
en
it
Request demo
en
it
Request demo

CyberGrant protects every aspect of your digital security

Discover the modular solutions designed to protect your company from external and internal threats, as well as new challenges like AI.

Solutions Overview
key-minimalistic-square-3-svgrepo-com

DATA LOSS PREVENTION

Digital asset protection

Automatic classification

Cloud encryption

Email protection

Anti-phishing

password-minimalistic-input-svgrepo-com

ACCESS MANAGEMENT

RDP protection

Access rules

Stolen Device

Internet access

email grant

EMAIL SECURITY

Post-send control

Protected Attachments

Human error

Advanced encryption

laptop-svgrepo-com (1)

ENDPOINT PROTECTION

Malware blocking

Insider threat

Remote access

Application control

Zero trust

Zero-day defense

pulse-svgrepo-com

MONITORING

Device control

Shared files

password

CREDENTIALS PROTECTION

Company vault

Controlled sharing

Zero-trust encryption

Logging and generation

share

FILE SHARING

Third-party users

RBAC

Anti-AI scraping

VDR

medal-ribbons-star-svgrepo-com

COMPLIANCE

Standards

Compliance risks

bot-svgrepo-com

ARTIFICIAL INTELLIGENCE

AI control

Automated classification

AI blocking 

magnifer-bug-svgrepo-com

ASSESSMENT

Surface scan

Vulnerability check

Pen Test

Ransomware simulation

Phishing test

DDoS simulation

 

Tailored cybersecurity for every business.
Scalable solutions compatible with legacy systems, designed for both SMEs and large enterprises requiring full control over data, access, and sharing.

Industry Overview

FINANCIAL

SERVICES

IT
Consulting
Travel
Advertising

REAL ESTATE

Construction
Real Estate

LEGAL

MULTIUTILITIES

Oil & Gas
Electricity
Telco

HEALTHCARE

RETAIL & LOGISTICS

E-commerce
Transportation
Shipping
Retail chains

MANUFACTURING

Design
Automotive
Industrial

PUBLIC ADMINISTRATION

Central agencies
Local agencies
Supranational orgs

Discover security features to protect your data, files, and endpoints

FileGrant Features
RemoteGrant Policies
FileGrant
FileGrant

Securely store, share, and manage your files with an advanced, easy-to-use, and highly customizable platform

 

Explore FileGrant
SG_pittogramma_blu
SecretGrant

Control every credential like a file. Share, track, and revoke access instantly.

 

Explore SecretGrant
RemoteGrant
RemoteGrant

RemoteGrant protects your business from attacks and data loss by enabling employees to securely access workstations and files from anywhere.

 

Explore RemoteGrant
EmailGrant
EmailGrant

Encrypt every email and keep control of attachments, even after sending.

 

Explore EmailGrant
AG_pittogramma_blu
AIGrant

AIGrant is your personal assistant - it understands your data, keeps it secure, and delivers exactly what you need.

 

Explore AIGrant
AdobeStock_2031466207-Quantum-safe
CyberGrant TeamJun 8, 2026 6:39:52 PM15 min read

Post-quantum encrypted file sharing: 2026 guide

Post-quantum encrypted file sharing: 2026 guide
21:23

Post-quantum encrypted file sharing: a practical guide for regulated organizations in 2026

 

 

Key takeaways

  • CRYSTALS-Kyber, standardized by NIST as FIPS 203 in August 2024, is the only post-quantum encryption algorithm recognized by an international standard. FileGrant Enterprise applies it automatically to every file uploaded to the platform; with Lock&Go, that same encryption persists after download, on the recipient's device.
  • The "harvest now, decrypt later" threat is already active: attackers are collecting classically encrypted files today, waiting for quantum computers to make them readable. Contracts, patents, and medical records are at risk even without a current breach.
  • TLS 1.3 channel encryption does not protect file contents once delivered to the recipient. Persistent, file-centric encryption that travels with the document is the only protection that holds after delivery.
  • According to the Verizon DBIR 2026, 48% of documented breaches involve third parties: up 60% year over year. For regulated organizations, every file shared with a vendor is a potential attack vector.
  • NIS2 (Italy: D.Lgs. 138/2024), DORA (EU Regulation 2022/2554), and GDPR (EU Regulation 2016/679) all require demonstrable access traceability. Saying files are protected is no longer enough: you need exportable logs to prove it.
  • Data residency in Italy (or within the EU) is an operational resilience issue, not just a legal formality. Who holds the encryption keys matters as much as where the data lives.

 

A contract with an investment bank. The technical specifications of a pharmaceutical plant. An oncology patient's medical record. These files travel every day via email, sharing platforms, and shared links. They arrive at their destination with the transport encrypted, then become readable. From that point on, anyone who received them can open, copy, or forward them...and you will never know.

The question is not whether an attacker will intercept the channel. It is what happens to your data after the channel delivers it.

 

Why post-quantum encrypted file sharing is already urgent for regulated organizations

The quantum threat is not a 2035 problem. It became relevant in 2024, and the groundwork has been laid for years. The logic is straightforward: an attacker with access to compromised network connections or servers can collect today's RSA- or ECC-encrypted files, archive them, and wait until quantum hardware reaches the processing power needed to break them. This approach has a specific name: harvest now, decrypt later (HNDL).

For long-lived data, the risk is real and present. An industrial patent is valid for twenty years. A critical supply contract spans five to ten. A medical record may stay relevant for decades. Any file shared today using only classical encryption is a file being staked on the bet that no one is collecting it for future decryption.

Current quantum computers still face significant hardware constraints: they require near-absolute-zero temperatures, vacuum chambers, and extreme environmental stability. Conservative estimates place cryptanalytically relevant quantum computers 10 to 15 years away. Some put that timeline at 2029 or earlier. Either way, the data archive being built by adversaries today is not waiting for that deadline.

The NIST responded by standardizing CRYSTALS-Kyber as FIPS 203 (ML-KEM) in August 2024, the first internationally recognized post-quantum standard, following a selection process launched in 2016. Agencies including ENISA, France's ANSSI, and the UK's NCSC have endorsed NIST's guidance, and several have set compliance deadlines. For organizations handling data with multi-year value, adopting quantum-safe encryption is now part of standard risk management, not a forward-looking investment.

 

How classical cryptography works and why quantum computers break it

Understanding what makes CRYSTALS-Kyber different starts with how today's encryption works.

Encryption algorithms protect information through mathematical transformations, making data unreadable to anyone without the right key. Two families cover most of what is in use today.

Symmetric algorithms (such as AES-256) use the same key to encrypt and decrypt. Think of a safe that you and one authorized recipient each hold an identical copy of the key to. They work well for large volumes of data at rest. The problem is securely delivering that shared key to someone you cannot reach through a direct, trusted channel.

Asymmetric algorithms (such as RSA and ECC) use two separate keys: one public, one private. The public key can be shared with anyone: it works like a mailbox slot. Anyone can drop a message in by encrypting it with the public key, but only the recipient, holding the private key, can open it. This architecture underlies the internet: it secures TLS sessions, encrypted email, and digital signatures.

The security of RSA and ECC depends on the mathematical difficulty of factoring large integers or computing discrete logarithms. For a classical computer, these operations would take an astronomical amount of time. A sufficiently powerful quantum computer running Shor's algorithm can perform them in seconds. Every key protecting billions of today's transactions would become breakable.

AES-256 holds up better. Known quantum algorithms cut its effective security in half (from 256 to 128 bits) but do not eliminate it. Symmetric encryption with sufficiently long keys is still considered solid in a post-quantum scenario. The true vulnerability is key exchange, which is exactly where RSA and ECC operate.

 

What TLS encryption actually protects (and what it does not)

There is a persistent misconception worth addressing before discussing solutions.

When you send a file by email or upload it to a sharing platform, the transmission channel is encrypted with TLS 1.3. The file is protected in transit. But TLS encrypts the transport, not the content. The moment the file is delivered to its destination, the channel has done its job and its protection ends there.

The file becomes readable again. The recipient opens it, downloads it, and may forward it. If the recipient's email account is compromised, if their device is infected, or if the file ends up on an unauthorized server, TLS encryption offers no protection. It was never designed to.

File-centric protection works differently: the document is encrypted at creation, and that encryption persists regardless of where the file goes: inside the network, outside it, on a vendor's device, attached to an email. Anyone without valid credentials cannot open it. Anyone whose access was revoked can be locked out in real time, even after delivery.

 

How CRYSTALS-Kyber works in file sharing

CRYSTALS-Kyber is a Key Encapsulation Mechanism based on lattice-based cryptography. Unlike RSA and elliptic curve algorithms, its security does not rely on the difficulty of integer factorization or discrete logarithm computation, problems that a sufficiently powerful quantum computer would solve quickly using Shor's algorithm. The lattice problems underlying Kyber resist all known quantum algorithms.

The NIST post-quantum standardization process began in 2016, with researchers worldwide submitting and analyzing candidates through multiple rounds of public scrutiny. CRYSTALS-Kyber was published as FIPS 203 (ML-KEM) in August 2024.

In FileGrant Enterprise, CRYSTALS-Kyber encryption is applied automatically to every file uploaded to the platform. The Lock&Go function extends that protection beyond the platform itself: when a file is downloaded, post-quantum encryption persists on the recipient's device and opening it requires active authentication. Keys are managed by the organization in zero-knowledge mode: CyberGrant cannot access the contents. Access revocation, audit trails, and RBAC controls all operate on the encrypted file, not on the channel.

 

Audit trails and governance: what NIS2 requires in 2026

Italy's NIS2 implementation (D.Lgs. 138/2024, effective October 16, 2024) lists operation traceability and incident management among mandatory security measures. The scope covers essential and important entities in critical sectors, with a general threshold of 50 employees or €10 million in revenue, plus organizations involved as supply chain vendors.

The ACN Determination 127437 of April 13, 2026 tightened this framework considerably, shifting the compliance standard from declared measures to demonstrable resilience. The critical distinction: it is no longer sufficient to describe what security controls are in place. You must document them with data. In the event of an incident or inspection, you need to reconstruct who accessed which file, from which device, at what time.

An effective document-sharing audit trail must log: document opens, downloads, shares with third parties, denied access attempts, and revocations. Logs must be tamper-proof and exportable for compliance review. File-centric protection generates these logs by design: every interaction with an encrypted file produces a traceable event, even after the document has left the corporate network.

Without this granular traceability, NIS2 compliance stays formal. The ACN Determination made clear that regulators distinguish between organizations with a written policy and organizations that can prove the policy works.

 

Data residency: why it goes beyond GDPR

GDPR (EU Regulation 2016/679, Article 32) made risk-appropriate encryption mandatory for personal data. NIS2 extends that principle to operational data in critical sectors. But data residency answers a different question.

When files live on infrastructure outside the EU, control over that data depends on the provider's jurisdiction. A legal dispute, a regulatory change, or a terms-of-service update can remove access at the worst possible moment. For regulated Italian organizations, keeping data on Italian or EU infrastructure is not a compliance checkbox, it is an operational resilience condition.

Two elements determine real control:

  • Where the data lives physically: on-premises deployment or Italian infrastructure ensures files do not transit non-EU servers.
  • Who holds the encryption keys: in a zero-knowledge architecture, encryption keys stay with the organization. Not even the platform provider can access the contents.

CyberGrant's R&D and founders are based in Italy, with operational headquarters in Milan. FileGrant Enterprise on-premises deployment keeps files and keys under the organization's direct control.

 

Third-party risk in 2026: the numbers that matter

According to the Verizon Data Breach Investigations Report 2026, 48% of documented breaches involve third parties: a 60% increase over the previous year. That figure was 15% in 2023 and 30% in 2025. In the manufacturing supply chain specifically, the DBIR 2026 puts third-party involvement at 61% of sector breaches.

The Clusit Cybersecurity Report (March 2026) reports a 42% increase in Italy's total incident count in 2025 compared to 2024. Italian manufacturing accounts for 16% of all global incidents in that sector — a significant overrepresentation that reflects the structure of Italian industrial supply chains and the uneven security maturity of their vendors.

According to the IBM Cost of a Data Breach Report 2025, the average breach cost in Italy was USD 3.44 million in 2025. Supply chain compromise ranked as the second most frequent initial attack vector (15% of cases) and the second most costly at USD 4.91 million per incident, ahead of compromised credentials.

The ACN Determination of April 13, 2026 made supply chain exposure an explicit compliance checkpoint: organizations must map critical dependencies and demonstrate that data protection holds outside the perimeter. File-centric encryption answers that requirement structurally. A compromised vendor finds files they cannot open without active credentials.

 

Which regulated sectors need to move first

The short answer: any sector covered by NIS2, DORA, or GDPR in combination with data that retains value over years. In practice:

Financial services and banking: DORA (EU Regulation 2022/2554, applicable from January 17, 2025) requires ICT risk management across the full vendor chain. Contracts, credit files, and due diligence documentation carry decade-long confidentiality horizons. The Clusit 2026 report notes a 27% increase in Financial/Insurance sector incidents in 2025 despite DORA-driven security investments.

Insurance: same DORA framework, with the addition of claims files and actuarial data that retain value for years.

Pharma and healthcare: patents, EMA regulatory dossiers, clinical trial data. A patent is valid for twenty years. The Verizon DBIR 2026 places third-party involvement at 32% of healthcare breaches. Average Italian breach cost: USD 3.44 million (IBM Cost of a Data Breach Report 2025).

Legal and notarial firms: deeds, contracts, and strategic case files leave the office daily, headed to clients and counterparties. Email attachments with no persistent encryption are not a defensible model for data with multi-decade relevance.

Public administration and defense: essential entities by definition under NIS2, with traceability requirements the ACN Determination has made operational and auditable. The Clusit 2026 data shows a 290% increase in incidents targeting the Italian government and defense sector in 2025 compared to 2024.

Manufacturing and industrial supply chains: Italy is significantly overrepresented in global manufacturing incidents (16% of the worldwide total). Technical specifications, plant designs, and OEM vendor contracts travel across long supply chains with highly variable security maturity.

 

How to implement a post-quantum encrypted file sharing platform

Deploying quantum-safe file sharing does not require rebuilding existing infrastructure. FileGrant Enterprise works alongside what organizations already use, SharePoint, OneDrive, corporate email, without replacing it, adding the file-centric protection that those tools do not provide.

The key implementation steps:

1. Automatic document classification: identify which files contain critical data (personal data, trade secrets, contractual documentation, regulatory dossiers) and apply protection policies automatically at creation.

2. Automatic encryption with CRYSTALS-Kyber: every file uploaded to the platform is encrypted automatically with post-quantum protection. With Lock&Go, that encryption persists after download: the file stays protected on the recipient's device and requires active authentication to open.

3. Granular RBAC: permissions by role, by document, by validity period. Access can be revoked in real time, even after delivery to an external recipient.

4. Complete, exportable audit trail: every access, every download, every denied attempt is logged with timestamp, user identity, and device. Logs are exportable for NIS2 and DORA compliance reviews.

5. Anti-screen capture and anti-AI scraping: the file cannot be photographed from the screen or extracted by unauthorized generative AI tools, even when opened on an external device.

6. Post-sharing revocation: if a vendor is compromised or an access grant is no longer valid, the file becomes inaccessible retroactively, no physical document retrieval required.

7. On-premises deployment with zero-knowledge keys: keys stay with the organization. The platform provider cannot access the contents.

 

FAQ on post-quantum encrypted file sharing for regulated organizations

 

What is post-quantum cryptography and why does it affect file sharing?

Post-quantum cryptography refers to encryption algorithms designed to resist attacks from quantum computers, as well as classical ones. The most widely used public-key algorithms today, RSA and ECC, are based on mathematical problems (integer factorization, discrete logarithms) that a sufficiently powerful quantum computer could solve in seconds using Shor's algorithm. For file sharing, the implication is immediate: any document shared today with classical encryption can be archived by an attacker and decrypted later. For data with multi-year value, the threat is already active. The NIST standardized three post-quantum algorithms in 2024, including CRYSTALS-Kyber as FIPS 203.

What is CRYSTALS-Kyber and why does it matter for regulated organizations?

CRYSTALS-Kyber is the post-quantum encryption algorithm standardized by NIST in August 2024 as FIPS 203 (ML-KEM). Unlike RSA and ECC, it is based on lattice-based mathematical problems that resist all known quantum algorithms. For organizations handling long-lived data (contracts, patents, health records, regulatory dossiers) the relevance is immediate: harvest-now-decrypt-later attacks make classically encrypted files a target today, not at some future point.

Does a quantum-safe platform replace TLS encryption?

No, and the distinction matters. TLS 1.3 encrypts the transmission channel: it protects the file in transit. Once delivered, the file is readable again. CRYSTALS-Kyber file-centric encryption protects the document's contents persistently: the file stays encrypted after delivery, including on the recipient's device. The two protections are complementary, not alternatives.

Does NIS2 require a specific encryption algorithm?

No. NIS2 and the ACN Determination of April 13, 2026 require encryption appropriate to the risk, not a specific algorithm. In practice, that means at minimum AES-256 for data at rest and TLS 1.3 in transit. Adopting CRYSTALS-Kyber for file-centric protection addresses the adequacy requirement for data with long time horizons, where harvest-now-decrypt-later risk is concrete.

What does zero-knowledge architecture mean in practice?

It means encryption keys are generated and held by the client organization. The platform provider, in this case CyberGrant, has no access to the keys and therefore cannot open encrypted files. Even in the event of a provider-side breach, contents remain inaccessible. This architecture is relevant both for GDPR Article 32 compliance and for NIS2 data sovereignty requirements.

How do audit trails demonstrate NIS2 compliance?

The ACN Determination 127437 of April 13, 2026 requires compliance to be provable with data, not just declared. For document sharing, that means granular logs of every access event (opens, downloads, shares, denied attempts), recorded with timestamps, user identity, and device, tamper-proof and exportable for review. A file-centric protection system generates these logs by design: every interaction with an encrypted file produces a traceable event.

How is FileGrant Enterprise different from SharePoint or OneDrive for quantum-safe sharing?

SharePoint and OneDrive protect files while they remain on their platforms. Neither implements CRYSTALS-Kyber, guarantees persistent encryption after download, offers post-sharing revocation, or provides granular audit trails on interactions with downloaded files. FileGrant Enterprise works alongside SharePoint and OneDrive, it does not replace them. It adds file-centric CRYSTALS-Kyber protection for documents that leave the perimeter, heading to vendors, clients, and external counterparties.

What happens if a vendor I shared a file with gets compromised?

With file-centric protection, the exposure is fundamentally different from a traditional sharing scenario. The file is encrypted on the vendor's device with CRYSTALS-Kyber. An attacker who compromises the vendor's system finds files they cannot open without active credentials. If access needs to be revoked, revocation works retroactively: the file becomes inaccessible without physically retrieving the document. The audit trail logs every access up to the revocation and produces a record for compliance authorities.

 

Related reading

→ NIS2 and secure file sharing for Italian organizations: 2026 guide
→ Traditional DLP is obsolete: why NIS2 demands a new model
→ FileGrant Enterprise: file-centric protection for regulated industries

 

Sources
avatar
CyberGrant Team

You might also like