Prototype — for demonstration purposes only This dashboard and the information within were developed as a prototype to demonstrate concept and format. Its contents have not been fully vetted or independently verified and should not be relied upon for decision-making purposes.
{{ viewCrumb }}

{{ viewTitle }}

Analyst estimate
As of
Q2 2026
Post-quantum readiness is not publicly disclosed by these organizations. Scores are analyst estimates inferred from observable signals (public crypto posture, NIST / CNSA alignment, cloud platforms, certifications, disclosures) and carry a stated confidence. Use them as a directional planning aid — not as audited fact.
For executives · Start here

The encryption that protects our data has an expiration date.

Quantum computers, once powerful enough, will break the cryptography (RSA and elliptic-curve) that secures today's networks, software updates, and stored data. Governments have already published the replacement standards. This dashboard shows how ready Caterpillar is for that transition, how we compare to competitors, and where our most critical suppliers stand — so leadership can act before the deadline, not after a breach.

The threat

A future quantum computer could crack the math behind today's encryption in hours. Every system that relies on it — VPNs, websites, signed firmware, stored secrets — becomes vulnerable at once.

Why it matters now

"Harvest now, decrypt later." Adversaries can steal encrypted data today and decrypt it once quantum computers arrive. Caterpillar's designs, IP, and contracts must stay secret for decades — so the clock has already started.

What good looks like

Know where we use cryptography, be able to swap algorithms quickly ("crypto-agility"), protect long-life data first, and hold critical suppliers to a credible migration plan — well ahead of the 2030–2035 deadlines.

How to use this dashboard

Each section answers one executive question. Click a card to jump in.

How to read the readiness scores

Every organization is placed on a 0–100 scale and one of five maturity stages. Higher is better.

{{ s.name }} {{ s.range }}
Confidence labels matter. A score marked Low confidence rests on thin public signal — treat it as a prompt to ask the organization directly, not as a verdict. Nothing here uses confidential or organization-supplied data.
{{ k.label }}
{{ k.value }} {{ k.unit }}
{{ k.foot }}

Caterpillar readiness profile

Composite of six post-quantum migration dimensions
{{ catOverall }}
/ 100
{{ catStage }}
Strong IT governance and a heavy cloud footprint, but cryptographic discovery, crypto-agility, and the vast OT / telematics estate remain largely unaddressed.
Confidence: Low · peer rank #{{ catRank }} of 6
{{ d.name }}
{{ d.score }}
Why this matters

A "42" is not a grade — it's a head start that isn't being used yet.

Caterpillar has the governance muscle to migrate well, but the work hasn't started in earnest. The weakest dimensions — algorithm adoption and crypto-agility — are exactly the ones that take the longest to fix across machines and embedded systems.

The single highest-value move right now: inventory where we use cryptography and identify our longest-life secrets. You can't protect what you can't see, and the data stolen today is the data decrypted in 2032.

Peer benchmark

Detail
Estimated readiness · heavy-equipment sector
{{ c.rankLabel }} {{ c.name }}
{{ c.score }}

Third-party exposure

Detail
{{ tpCount }} observable relationships scored on criticality & readiness
{{ exposureCount }}
Critical / High vendors below 65 readiness
{{ readyCount }}
Vendors quantum-ready (≥80)
{{ medianTp }}
Median vendor readiness
Highest exposure
{{ t.crit }} {{ t.name }} {{ t.cat }} {{ t.score }}
{{ catOverall }}
/ 100
Post-quantum readiness

Caterpillar is in the Assessing stage

Strong enterprise IT governance and a heavy cloud footprint give Caterpillar a credible starting position. But a formal cryptographic inventory, crypto-agility across its OT, embedded and telematics estate, and adoption of NIST's finalized PQC algorithms are not yet evident. The gap to quantum-ready is wide, and the engineering-IP attack surface is unusually long-lived.

Stage 2 of 5 · Assessing {{ catGapPts }}-pt gap to ready Confidence: Low

Readiness by dimension

Each scored 0–100 against a crypto-agility maturity rubric
{{ d.name }} {{ d.score }} · {{ d.stage }}
{{ d.note }}
Why this matters

Think of these six dimensions as a chain. Governance (our strongest) sets direction, but readiness is only as good as the weakest link — and ours are the hands-on ones: knowing where crypto lives and being able to change it.

Machines, controllers, and telematics units stay in the field for 10–20 years. Whatever crypto ships in them today, we live with for a long time — so embedded migration must start now, even though the deadline looks far off.

Recommended migration roadmap

A defensible path to quantum-ready
{{ r.window }} {{ r.status }}
{{ r.title }}
{{ r.detail }}

Heavy-equipment sector — estimated readiness

Caterpillar ranks #{{ catRank }} of 6. The whole sector trails technology and financial industries; no peer is quantum-ready.
{{ c.rankLabel }} {{ c.name }} CAT
{{ c.score }}
{{ c.stage }}
Why this matters

Being mid-pack in a slow field is still a risk — not a comfort.

The benchmark answers "are we behind our competitors?" The honest answer: the entire sector is behind. No rival has solved this, which means there's a real window to lead — quantum-safe practices can become a procurement and trust differentiator with customers and dealers.

It also means we can't lean on suppliers or peers to drag us forward. The pull will come from regulators, large customers, and our cloud providers — covered in the timeline and third-party views.

Competitor detail
Company Readiness Stage Confidence Observable signal
{{ c.name }} {{ c.score }} {{ c.stage }} {{ c.conf }} {{ c.note }}

Exposure quadrant

Relationship criticality × PQC readiness. Hover a vendor for detail; click a level to filter.
PQC readiness →
Exposure zone Critical & ready
{{ p.short }}
{{ p.name }} {{ p.score }}
{{ p.crit }}{{ p.cat }}
{{ p.note }}
Relationship criticality to Caterpillar →
Why this matters

Our data is only as confidential as our weakest critical supplier.

The lower-right "exposure zone" is where the danger concentrates: vendors we depend on heavily, who are not yet quantum-safe. The big cloud providers are actually ahead of us — the risk sits with embedded, telematics, and mid-tier operational suppliers.

Whatever confidential data those vendors hold inherits their readiness, not ours. A perfectly migrated Caterpillar still leaks if a critical supplier is breached and harvested.

Action: put contractual PQC commitments and roadmaps into critical-vendor agreements, and reduce concentration on any single lagging provider.

Third-party register ({{ tpCount }})
Vendor Category Criticality {{ critArrow }} PQC readiness {{ readyArrow }} Stage Conf. Observable signal
{{ t.name }} {{ t.cat }} {{ t.crit }}
{{ t.score }}
{{ t.stage }} {{ t.conf }} {{ t.note }}

The post-quantum timeline

From the first warnings to hard regulatory deadlines. Click any milestone to see what happened and what it means for Caterpillar.
{{ t.year }} {{ t.tag }}
Caterpillar today — Assessing (2026). The standards are final and providers are shipping support; the work of turning it on and migrating the fleet has barely begun.
{{ tlSel.year }}

{{ tlSel.title }}

{{ tlSel.detail }}

What this means for Caterpillar

{{ tlSel.impact }}

The deadline is closer than the calendar suggests

2030–2035 sounds distant, but machines sold today stay in service that long, and data stolen today can be decrypted then. For long-life assets and long-secret data, the practical deadline is now.

Questions for the leadership team

Post-quantum readiness is a business-risk decision, not just an IT project. Use these prompts to pressure-test our own posture and what we must demand of critical partners. If we can't answer one confidently, that's where to direct the next assessment.

{{ q.title }}

{{ q.stakes }}
{{ qi }}
The bottom line

Three ways this lands on the business

Confidentiality

If designs, pricing, and IP are decrypted by a competitor or state actor, we lose the differentiation that took decades to build — quietly, with no breach alarm.

Integrity

If software and firmware signatures can be forged, the trust in every update breaks — a safety, recall, and product-liability problem across the connected fleet.

Market position

Regulators and large customers will require quantum-safe practices. Migrating early is a credential; migrating late is a contract risk and a competitive disadvantage.