POST-QUANTUM CRYPTOGRAPHY FRAMEWORKS FOR SECURING GLOBAL CLOUD SYSTEMS

Abstract

This study addresses the emerging problem that quantum attacks can undermine classical public key cryptography that secures global cloud platforms, leaving long lived, cross border data at risk, and evaluates how far organizations have progressed toward post quantum cryptography (PQC) frameworks. The purpose is to quantify PQC framework maturity and its security, compliance, and performance implications in cloud and enterprise cases. Using a quantitative, cross sectional, case-based design, survey data were collected from 220 organizations that provide or consume multi region cloud services, with key informants in security, cloud architecture, and compliance rating Likert five-point items. Core variables included PQC awareness, adoption intention, regulatory and contractual pressure, security governance capability, perceived performance impact, PQC framework maturity, perceived quantum resilient security posture, perceived regulatory compliance, and perceived operational performance. Descriptive statistics, reliability and validity tests, Pearson correlations, and multiple regression models with sector, size, region, and deployment model as controls were applied. Results show moderate PQC maturity (mean 3.21) but higher awareness (3.68) and adoption intention (3.55). PQC maturity correlated strongly with quantum resilient security posture (r = 0.68) and regulatory compliance (r = 0.64), and significantly predicted both outcomes (β = 0.59 and β = 0.55, R² = 0.47 and 0.42). Regulatory pressure (β = 0.34) and governance capability (β = 0.18) were also significant drivers of maturity. These findings imply that building systematic, governance anchored PQC frameworks can measurably strengthen cloud security and compliance while maintaining acceptable performance, guiding prioritized, phased PQC migration for global cloud providers and enterprise users.