About Addie LaMarr
I’m Addie LaMarr, a post-quantum cryptographer and the founder of LaMarr Labs.
The short version
Fifteen years in cybersecurity, eight of them as an applied cryptographer in the U.S. Air Force working COMSEC and INFOSEC on the systems national security actually runs on. I came up through the military’s specialized cryptography schools and worked across borders alongside allied forces, including the UK Ministry of Defence, the French military, and the Japan Air Self-Defense Force. In the years since I’ve advised federal agencies, including the FBI and the Department of Justice, on cryptographic risk, contributed to NIST policy, and keynoted internationally on the quantum threat.
Today I run LaMarr Labs, an independent post-quantum cryptography consultancy. I take security teams and their boards through the migration off the public-key cryptography that quantum computers will break, mapping their cryptographic risk, setting a defensible timeline, and building the plan their board will actually fund.
The role of history
The quantum transition is a cryptography transition, and cryptography carries 2,500 years of precedent that these conversations almost always ignore. When a room sits down to answer how long until a quantum computer breaks today’s encryption, it fills with physicists, vendors, and engineers, and there is never a historian at the table.
I’ve had the rare privilege of living inside that history. I spent years in the United Kingdom a short drive from Bletchley Park, where the breaking of Enigma stayed secret for 30 years after it turned the war. My Air Force service took me to Japan and to Iwo Jima, where the Navajo code talkers built the one code the other side never broke and helped win the battle. In Mexico City I’ve stood at the end of the line the Zimmermann Telegram traveled, the intercepted message whose decryption helped pull a nation into a world war.
Every one of those places teaches the same lesson in a different century: a code the world trusts completely, right up until the quiet day it fails, and the people who moved early are the ones left standing. My military background, and the range of it across countries, is what lets me read the quantum shift as the next chapter of a very old story.
On my own time I’ve spent years deep in the history of secrets, from the first substitution ciphers through Room 40, Enigma, and Venona. That history is the clearest teacher we have for what’s coming. Every cryptographic break in the record was invisible while it mattered, landed on a schedule no one could set, and rewarded the people who acted before they had proof.
That is the lens I bring to this Guide: the pattern is 2,500 years old, and once you can see it, the whole transition becomes something you already know how to prepare for.
Why I built this Guide
The post-quantum transition is the most consequential cryptographic shift of my lifetime, and most of what’s written about it is either buried under academic notation or dressed up to sell something. The people who actually have to carry the migration out, the CISOs, architects, and engineers, deserve a map that’s honest, complete, cited to primary sources, and genuinely readable.
So I published my own working notes as this Field Guide. It’s free, there’s no email gate, and every load-bearing claim traces to its source. When a vendor’s marketing and a NIST document disagree, the Guide tells you which is which.
The fuller story of why it exists lives in Why This Exists.
Speaking & Press

I speak internationally on the quantum threat and the post-quantum transition, putting a deeply technical subject into terms a board can act on.
Recent stages include:
- “The Quantum Threshold: How Quantum Computing Changes the Next Era of Power and Security”, a keynote at CyberNova, part of the SuperNova festival in Antwerp, Belgium, 2026, on what the quantum transition means for enterprise and national-security posture, and the governance decisions leaders need to make before Q-Day shows up in audit reports instead of conference sessions.
- Forum Global Quantum USA Summit, Washington, DC, 2026. Panel: Cyber Resilience in the Quantum Era, alongside leads from NIST, DTCC, and the U.S. State Department.
For speaking, podcasts, or press on post-quantum cryptography and cryptographic risk, email addie@lamarrlabs.com.
What I do
I run the post-quantum transition the way a cryptographer would: decided like a portfolio, proven like an audit. Most advice in this field comes from a vendor steering you toward its own product, or an academic describing the threat from the outside. I do the work with real clients, on their actual cryptographic estate, with no product to sell and no vendor relationships to protect, and you can verify that independence before you ever sign.
My perspective is unusual because I’ve worked both ends of this. I’ve been the person inside the machine room, transitioning real key-management infrastructure, and I’ve been the policy writer and the advisor briefing CISOs on what to do about it. So I weigh the human and organizational reality of the transition alongside the cryptography, because that’s where it actually stalls: ownership, internal resistance, and the people whose expertise suddenly feels obsolete. I plan for that from the first week instead of discovering it halfway through.
The “decided like a portfolio” half runs on game theory. Rather than rank algorithms in a spreadsheet, I model your choices as a budgeted portfolio played against an adversary who adapts to whatever you deploy, and solve for the mix that keeps any single broken algorithm from taking your whole estate down with it. When your budget can’t reach the resilience it needs, the model shows which constraint is binding, how much more it takes to close the gap, and which moves to make first.
The “proven like an audit” half is my methodology: a repeatable framework that inventories where your cryptography actually lives, grades the evidence behind every finding, and produces the artifacts your regulator and board already expect, down to the risk memo and the plan of action. I assess, quantify, and govern the transition; execution stays with your team. What you walk away with is a set of decisions you can defend to an auditor, a board, and yourself.
LaMarr Labs runs three fixed-scope engagements, each built so the output survives contact with your board, your regulator, your engineers, and your vendors. Most organizations start with the baseline.
Quantum Risk & Cryptographic Exposure Baseline
Walk into the board meeting able to say exactly where you stand, prove it to a regulator, and decide what comes next.
- A cryptographic inventory (CBOM) of where your cryptography actually lives, graded by evidence
- Harvest-now-decrypt-later risk classification for your systems
- What you can migrate yourself versus what's locked behind a vendor
- A board-ready risk and investment memo
Quantum-Ready Cryptography Transition Blueprint
The whole transition becomes a plan your board can approve, your engineers can execute, and procurement can use.
- A full cryptographic inventory and a prioritized, business-scored risk model
- The recommended algorithm portfolio, weighted so no single break sinks the estate
- A vendor-autonomy gap analysis and a plan for what can't be upgraded in time
- A phased, board-ready roadmap and the governance model to run it
Quantum Risk Governance Retainer
The program stays current and defensible as NIST revises standards, vendors shift roadmaps, and the threat moves.
- Regulatory and standards monitoring for NIST, CNSA 2.0, and your sector
- Your governance operating model kept current
- Monthly board-level decision support
See how each engagement works at lamarrlabs.com/engagements, or request a briefing → to start a conversation.
Elsewhere
- LaMarr Labs → lamarrlabs.com
- Quantum Risk newsletter → lamarrlabs.substack.com
- YouTube — LaMarr Labs → youtube.com/@lamarrlabs
- LinkedIn → linkedin.com/in/addie-clark