Security Weekly Podcast Network (Video)

With Q-day getting closer, regulatory guidance pushing firms to migrate to quantum security in the next five years, and an extensive remediation backlog waiting to be discovered, security leaders must start their quantum security migration today. Easier said than done. In this Say Easy, Do Hard segment, we discuss the quantum-safe journey using a framework for crypto-agility.
In part 1, we define cryptographic agility, or crypto-agility for short, and why it's important. Crypto-agility is not just about transitioning to quantum-safe cryptography in the nimblest way possible, and it's not something that can be achieved merely by updating encryption algorithms and protocols. Instead, you need to adapt your organization's cryptographic architecture, automation, and governance to allow for greater control and flexibility.
In part 2, we discuss a framework for discovery, prioritization, and remediation while keeping crypto-agility in mind. A quantum-safe journey requires:
Inventory of Systems With Non-Quantum-Safe Algorithms And Protocols
System Prioritization, Leading To A Migration Roadmap
Remediation, Including Vendors And Partners
Once a distant possibility, Q-Day is quickly approaching. Are you ready for 2030?
Segment Resources:
https://pqcc.org/wp-content/uploads/2025/05/PQC-Migration-Roadmap-PQCC-2.pdf
https://pqcc.org/wp-content/uploads/2025/06/PQCC-Inventory-Workbook.xlsx
https://qramm.org/learn/cryptoscan-guide.html
https://research.ibm.com/blog/quantum-safe-cbomkit
Show Notes: https://securityweekly.com/bsw-440

Rinoa Poison joins Security Weekly News to break down the world of scam baiting, how modern scams are evolving, and why AI is making fraud harder to spot. In this two-part conversation, she shares how scam baiters operate, the risks involved, and what everyday people should know.
Show Notes: https://securityweekly.com/swn-566

So much of appsec's efforts can be consumed by vuln management and a race to patch security flaws. But that's more a symptom of the ease of scanning and the volume of CVEs. Erik Nost walks through the principles behind proactive security, why the concept sounds familiar to secure by design, and why organizations still struggle with creating effective practices for visibility.
Resources
https://www.forrester.com/blogs/proactive-security-platforms-will-cumulate-visibility-prioritization-and-remediation/
Show Notes: https://securityweekly.com/asw-375

Interview with Kara Sprague - The AI Fix for Infrastructure's Oldest Security Risks.
Critical infrastructure, often built on decades-old systems and legacy code, remains vulnerable to cyberattacks. From pipelines and energy grids to transportation networks, we break down where critical infrastructure is vulnerable and how AI could potentially help strengthen defenses.
Interview with Mike Privette - The State of the Cybersecurity Market
Here at ESW, we use Mike Privette's Security, Funded newsletter to prepare for every news segment. His newsletter covers the latest fundings, acquisitions, public market performance, layoffs, and other pertinent market details every week. We particularly enjoy the weekly Vibe Check.
In this interview, he joins us for the third year in a row, to discuss the most interesting insights from his annual State of Market Report.
Post recording Adrian here: Whooooo, so this conversation was SO good, I decided to punt the news segment in favor of a part 2 with Mike, so enjoy!
Also, though I punted the news segment, I did collect these stories and annotated them, so I think there's still some value in leaving them in the show notes. Scroll down for the links and my comments on each of these!
Weekly Enterprise News
Finally, in the enterprise security news,
funding announcements seem to be ramping up before RSA
Should security architects be shifting right?
How McKinsley's AI platform got hacked… by AI
Amazon is having a bad time with AI lately
Europe announces a Google Workspace/Microsoft 365 replacement
Robot dogs are apparently guarding datacenters now
Some much needed security humor in our squirrel stories before we all fly to San Francisco and lose our minds for a week
All that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-451

Macbeth, Ahab, Peewee Herman, Microsoft, Zoom, Vibe Hacking, SharePoint, Meta, AgeID, Josh Marpet, and More on this episode of the Security Weekly News.
Show Notes: https://securityweekly.com/swn-565