On 22 and 23 April 2026, the Hotel Zenith Conde Orgaz in Madrid hosted the second edition of the Introduction to Quantum Computing and Post-Quantum Cryptography Course organized by EADTrust

During two intensive working days, a group of professionals — lawyers, economists, financial directors, compliance officers, and engineers — built a Bloch sphere with their own hands, executed real quantum circuits in IBM Composer, and understood why RSA and ECC are living on borrowed time. This is the chronicle of what happened.

Why does EADTrust organize a course on quantum computing?

The answer is straightforward: because quantum computing is not an abstract future threat. It is a threat with timelines, approved standards, and regulations that are already in force.

What we call the “cryptocalypse” — the moment when a quantum computer becomes capable of breaking the asymmetric cryptography algorithms that currently protect payments, contracts, certificates, and communications — is, according to every technical and regulatory indicator, a question of when, not if.

NIST has already published the first post-quantum cryptography standards. ENISA is actively promoting adoption initiatives. Spain’s CCN has issued guidance so that essential and critical entities can achieve a state of Quantum Readiness. And organizations such as ETSI are actively working on standardization.

As a Qualified Trust Service Provider (QTSP), EADTrust has the responsibility to bring this technical and regulatory reality to the teams that need to make decisions now. That is the origin of this course.

The International Year of Quantum Science and Technology

This second edition arrives at a particularly relevant moment. The year 2025 was declared the International Year of Quantum Science and Technology by the United Nations through Resolution 78/287, adopted on 7 June 2024, to commemorate the centenary of quantum mechanics. The initiative was supported by nearly 300 organizations.

At the same time, 2025 brought concrete advances: Microsoft announced the first commercial quantum computer with 24 logical qubits operating in the cloud, IBM and AMD formalized a partnership to integrate quantum computing with classical supercomputing, and Gartner projected a 9% increase in global technology investment focused on disruptive technologies such as quantum computing.

EADTrust had already organized the first edition of this course on 12 and 13 November 2025, marking the beginning of a series of activities that will include quantum programming workshops and methodologies for assessing the use of cryptography within organizations. The April 2026 edition consolidates that journey.

The speakers: who was in the room

The course featured four speakers with complementary profiles, covering the full spectrum of the quantum challenge: from physical fundamentals to regulatory implications and market applications.

Jorge Christen is a quantum computing expert with extensive international experience designing solutions for the financial industry. He is the creator of the ENSAR methodology — the pedagogical framework structuring the entire first day — and a professor at the University of Monterrey, where he has delivered quantum computing training in Mexico, the United States, and Spain.

Antonio Peris is co-founder of QCentroid, a company specializing in quantum computing applications for sectors such as healthcare, energy, finance, and industry. His background combines computer science, marketing, and management, with a focus on building collaborative environments that accelerate quantum innovation.

Ainhoa Inza is Director of Professional Services and Compliance at EADTrust. She has led the TCAB (Trust Conformity Assessment Body), is an expert in eIDAS auditing, cybersecurity, digital identity management, cryptography, blockchain, and GRC, and holds the CISA (Certified Information Systems Auditor) certification.

Julián Inza is President of EADTrust and a specialist in cryptography and cybersecurity. He has collaborated with several Trust Service Providers and served as an evaluator for providers within TCAB. During the course, he led the module on international initiatives for the standardization of post-quantum algorithms and adoption strategies.

Day 1 — From Planck to IBM Composer: building a qubit with your own hands

The first day, led by Jorge Christen, started from an unusual point for a technical course: the history of physics.

From the predictable universe to the quantum universe

At the end of the nineteenth century, physics seemed almost complete. Newton’s laws and Maxwell’s electromagnetism described a predictable and orderly universe. But a group of visionary minds — Max Planck, Albert Einstein, Niels Bohr, Werner Heisenberg, and Erwin Schrödinger — dared to challenge the established view. Quantum physics was born: a science where light can behave as both particle and wave at the same time, where particles may exist in several places simultaneously, and where randomness governs the core of matter.

Jorge Christen used this historical journey not as decoration, but as a pedagogical framework. Before speaking about qubits, attendees needed to understand why quantum reality is counterintuitive — and why that matters for cryptography.

The ENSAR methodology: when physics becomes tangible

The distinctive element of the first day was the application of the ENSAR methodology (Experience, Name, Speak, Apply and Repeat), created by Jorge Christen himself to enable people with no prior knowledge of quantum physics to understand and operate quantum computing systems.

The method is not theoretical. Participants worked with the IQC Kit (Introduction to Quantum Computing), a set of physical materials through which they progressively built mechanical representations of highly complex concepts. Superposition, entanglement, and the Bloch sphere — concepts that appear abstract on paper — became physically manipulable in the hands of every attendee.

The technical path of the first day covered the foundations of quantum computing (qubits, superposition, entanglement, the Bloch sphere, quantum gates, and circuits), the use of a real quantum computer through IBM® Composer, and a review of the current state of the art in quantum technologies and platforms. Attendees used Dirac notation and incorporated quantum gates such as the Hadamard gate into their own circuits.

The level of feedback was exceptional. Lawyers, economists, engineers, and professionals from public administrations, banking, and insurance sectors — without a single previous hour of quantum physics training — finished the first day having executed their own circuits on a real quantum computing platform.

Day 2 — From the quantum market to the cryptocalypse: what can no longer wait

The second day was denser, more regulatory, and for many attendees, the most urgent. The order was: first Antonio Peris, then Ainhoa Inza, and finally Julián Inza. The day ended with certificate delivery and a long conversation that was never part of the official program.

Antonio Peris (QCentroid): what is already happening in the quantum market

The opening session of the second day was delivered by Antonio Peris, co-founder of QCentroid, who placed quantum computing within its real market dimension. Far removed from science-fiction narratives, Peris offered a practical perspective: which sectoral applications quantum computing already has, in which industries it is first taking root — healthcare, energy, finance, and industry — and why this is no longer merely a laboratory conversation but a matter of investment and strategic decision-making.

QCentroid operates precisely in that space: applying quantum computing to sectors where computational performance has direct consequences for business outcomes.

Ainhoa Inza: the complete technical and regulatory map

Ainhoa Inza led the module connecting the quantum threat with the technical and regulatory response. Attendees received the complete picture: from the quantum algorithms with the greatest impact on cryptography — especially Shor’s algorithm, capable of factoring integers in polynomial time, and Grover’s algorithm — to the first approved standards and regulations already in force.

On the technical side, Ainhoa presented the post-quantum standards already published by National Institute of Standards and Technology (NIST):

• ML-KEM (FIPS 203): a key encapsulation mechanism based on Module-Lattice cryptography.
• ML-DSA (FIPS 204): a digital signature scheme based on Module-Lattice cryptography (previously known as Dilithium).
• SLH-DSA (FIPS 205): a stateless hash-based digital signature scheme (previously known as SPHINCS+).

Google and Microsoft have already implemented these algorithms in Chrome, Azure, and BoringSSL. ETSI has published European technical specifications aligned with them. Spain’s Centro Criptológico Nacional (CCN) has issued guidance for the ENS. The transition is not a theoretical roadmap: it is a process already underway.

On the regulatory side, Ainhoa Inza developed the framework of obligations directly affecting the organizations present:

• DORA (Digital Operational Resilience Act): in force since January 2025, it requires the senior management of financial entities to manage ICT risks, conduct resilience testing, and report incidents within 24–72 hours. Fines can reach up to 2% of global annual turnover.
• NIS2: expanded to essential and important entities (energy, healthcare, transport, digital services), and transposed into national law since October 2024. Penalties can reach up to €10 million or 2% of turnover for essential entities.
• eIDAS 2: establishes the framework for European Digital Identity Wallets (EUDI Wallet) and qualified trust services. It requires certification, breach notification within 24 hours, and annual audits.
• Cyber Resilience Act (CRA): requires manufacturers, importers, and distributors of products with digital elements to report vulnerabilities within 24 hours and guarantee updates for five years. It enters into force in 2027, with penalties of up to €15 million or 2.5% of turnover.

Julián Inza: “There is urgency!”

Julián Inza closed the day with the session that, according to attendee feedback, stayed with them the most after leaving the room. His central message was precise: without a cryptographic inventory of what each organization currently has deployed, any migration plan toward post-quantum cryptography starts from the wrong premise. There is no crypto-agility without that starting point.

Julián developed the concept of “Harvest Now, Decrypt Later” (HNDL): adversaries capable of intercepting and storing encrypted traffic today in order to decrypt it once quantum computers become powerful enough. This turns the quantum threat into a present problem, not a future one: the data circulating today is already being harvested.

The European Commission published the document “EU coordinated approach to post-quantum cryptography: Implementation roadmap”, which establishes a phased and structured approach for adopting post-quantum cryptography across Member States, aligned with NIS2:

• Phase 1 (2023–2024): awareness and risk assessment.
• Phase 2 (2024–2025): planning and capability development.
• Phase 3 (2025–2027): implementation and testing.
• Phase 4 (2027 onwards): full adoption and monitoring.

Julián insisted on one point that remained etched in the room: “In 2026, 2030, and 2035, regulatory deadlines will arrive that technological reality could accelerate. There is urgency.”

The closing: discussion with attendees, debate, group photo

The second day ended in a way that was never part of the official agenda. After the certificate ceremony — accreditations documenting the 12 hours of training, the covered content, and the applied methodology — and the group photo, the conversation continued. The attendees did not want to stop.

The questions that emerged were no longer about qubits or Shor’s algorithm. They were about budgets, realistic timelines, and how to bring what had been learned into the board meeting the following Monday.

What the attendees said

Feedback from previous editions illustrates the impact of the format:

«Una formación fantástica, muy útil y aterrizada de la mejor manera para generar conocimiento sin una base sólida en el tema. Totalmente recomendable.» Juan Miguel

«Oportuna y desafiante formación. EADTrust ha hecho un gran esfuerzo para facilitar una comprensión a grandes rasgos del mundo cuántico y su impacto sobre la criptografía, de forma que se comprendan los desafíos técnicos, las exigencias regulatorias, y las opciones y roadmaps para que las organizaciones se preparen a tiempo. En 2026, 2030 y 2035 se cumplirán plazos regulatorios que la realidad tecnológica podría acelerar. Como insiste Julián Inza: “¡Hay prisa!”» Santiago Portela

«Tenía mis dudas por no tener conocimientos previos de computación cuántica, pero esta formación ha superado con creces mis expectativas. La primera parte con Jorge nos ha dado el contexto de la parte más técnica de manera súper amena y divertida. La segunda parte de Julián ha puesto de manifiesto la necesidad de empezar a planificar acciones para prevenir la criptocalipsis, ofreciendo una versión más práctica de cómo aplicarla.» María Reina

«Me ha parecido estupenda la formación; me fascinó cómo temas tan complejos los han sabido explicar en un lenguaje llano para que nos llevemos los conceptos importantes y, sobre todo, el camino a recorrer para estar preparados para “sobrevivir” a la computación cuántica. Recomiendo participar en esta formación.» Esley Sánchez

Frequently Asked Questions about the course

Next edition: April 2027

This was the second edition of the course. The next in-person edition is scheduled for April 2027 in Madrid.

If you cannot wait until 2027 — or if you need to assess the impact of quantum computing on your organization before then — the EADTrust team is available for a preliminary diagnostic session or to prepare an in-company training proposal.

The regulatory roadmap will not wait for the next course.