What CISOs Must Do Now About Quantum? | Interview with Andrew Gault
In this Secure and Simple Podcast episode, host Dejan Kosutic (CEO of Advisera) interviews Andrew Gault (CEO of ZeroTier) about how quantum computing could impact cybersecurity, especially encryption and identity. They explain key terms like post-quantum cryptography (PQC), Q-Day, cryptographically relevant quantum computers, and main threats, “harvest now, decrypt later” and “trust now, forge later.” Andrew outlines shifting timelines, citing U.S. CNSA 2.0 requiring quantum-resistant cryptography for new acquisitions after Jan 1, 2027, and broader conversion targets around 2029–2030, plus EU guidance aiming for critical sectors to be quantum resistant by ~2030 and others by 2035. They note PQC algorithms are standardized (e.g., NIST FIPS 203, ML-KEM), but the challenge is operational: inventory systems (“quantum bill of materials”), prioritize crown jewels, engage vendors, budget, and manage upgrades or mitigations for legacy systems, potentially using overlay networks.
Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
- Beginner's Course for ISO, Cybersecurity, and AI Consultants: https://www.youtube.com/playlist?list=PLHwD3nQun7caKFq80LxNNYKIabATlyA7t
- How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course:https://advisera.co/GrowYourConsultancyTraining
Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
- Beginner's Course for ISO, Cybersecurity, and AI Consultants: https://www.youtube.com/playlist?list=PLHwD3nQun7caKFq80LxNNYKIabATlyA7t
- How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course:https://advisera.co/GrowYourConsultancyTraining
- (00:00) - Interview with Andrew Gault
- (01:14) - Why Quantum Matters
- (04:05) - Quantum Terms Explained
- (06:05) - When Q Day Hits
- (07:00) - Deadlines and Industry Shifts
- (11:34) - NIST Approved Algorithms
- (14:35) - New Threat Models
- (16:34) - Why Companies Delay
- (20:30) - Quantum Bill of Materials
- (23:08) - Executive Priorities
- (28:49) - Vendor Roadmaps
- (30:31) - Customer Messaging Strategy
- (34:02) - CISO Role and Influence
- (35:37) - Modernization Opportunity
- (38:59) - Consulting Market Opportunity
- (40:47) - Action Plan and Wrap Up
- (42:23) - Resources for Consultants and CISOs
Creators and Guests
