The quantum computing era is fast approaching, threatening to shatter existing encryption and expose valuable data to the "harvest now decrypt later" strategy. This episode reveals how quantum certificates and hybrid cryptography are the essential defense. We break down the urgent need for crypto-agility, analyze the new NIST PQC standards, and provide the clear, practical steps your organization must take to begin migrating its PKI today. Tune in to secure your data's future.
We dive into the catastrophic organizational failures of the SHA-1 to SHA-2 migration, revealing why enterprises missed hidden certificates and suffered dependency shock. This historical scramble offers urgent lessons for the PQC transition. Learn how the "Harvest Now, Decrypt Later" (HNDL) threat necessitates immediate action, necessitating C-suite leadership, extensive PKI overhauls, and mandatory crypto-agility to counter quantum computers and meet the non-negotiable 2031 deadlines.
This is the story of how a single hacker brought down DigiNotar, a company trusted to secure national governments and millions of users online. In this episode of The Encryption Edge, we break down how weak security, a six-week cover-up, and one rogue certificate caused a global trust crisis, halted government services, and forced browsers like Google, Microsoft, and Mozilla to change the rules of the web forever. Learn how this breach led to Certificate Transparency, stricter browser rules, and faster-expiring certificates; the lessons that make the internet safer today.
This is the definitive guide. We break down the full NIST Post-Quantum Cryptography Migration Initiative and its strategic report, the CSWP 48 ipd. Learn how NIST has already mapped your PQC migration steps to both the Cybersecurity Framework and SP 800-53, giving you the immediate justification and plan you need to tackle the quantum threat and simplify your security job.
Building a resilient global payments platform just got a lot easier. In this episode, we dive into the major September 2025 announcement from AWS: the new Multi-Region keys for AWS Payment Cryptography. We break down how this game-changing feature automates key replication, eliminating the need for complex, custom frameworks. Discover how this no-code solution provides unbreakable availability, simplifies global operations, and gives you the peace of mind that your cryptographic foundation is built to withstand any challenge.
A security incident involving a mis-issued certificate for Cloudflare's 1.1.1.1 DNS service has exposed a serious vulnerability. We break down how an obscure Certificate Authority, trusted by Microsoft but not others, left Windows users exposed to a potential man-in-the-middle attack. Join us as we explore the deeper systemic issues at play, from the failure of automated monitoring to the broader pattern of governance failures in the Web PKI. We also discuss why this incident is a critical reminder of the dangers of passive trust and how new regulations like eIDAS 2.0 could make the problem even worse.
The quantum clock is ticking, and Canada has a plan. In this episode of The Encryption Edge, we break down the Government of Canada's new roadmap for transitioning its IT systems to post-quantum cryptography. We explore the three-phase strategy, from preparation and discovery to full-scale transition, and reveal the key milestones and deadlines set for federal departments. We'll also dive into a head-to-head comparison, examining the commonalities and key differences between Canada's approach and the European Union's PQC roadmap. Find out how two major global players are tackling the same quantum threat, and what their strategies mean for the future of digital security.
Microsoft's plan for quantum-safe security is here. In this episode of The Encryption Edge, we break down the company's comprehensive, multi-year strategy to transition its entire ecosystem, from Windows and Azure to its customers and partners into the quantum era. Discover the three key phases of their Quantum Safe Program and learn why this blueprint is a crucial guide for any business looking to protect its data before it's too late.
The clock is ticking on quantum computing, but how prepared is the web for the new era of encryption? In this episode of The Encryption Edge, host Wyatt Hackathorne explores the current state of PQC adoption. We reveal surprising disconnects between what's needed and what's being done, from lagging industries to unprepared browsers. Learn why the "harvest now, decrypt later" threat is a real danger, why some of the most popular websites are the least secure, and what organizations must do now to future-proof their data before it's too late.
In this episode, host Wyatt Hackathorne breaks down the new bipartisan National Quantum Cybersecurity Migration Strategy Act introduced in late July 2025. The bill, a critical follow-up to the June Executive Orders, mandates a coordinated national strategy for transitioning federal systems to quantum-safe encryption. Learn how this combined effort provides the U.S. with a clear roadmap to proactively secure its data against the looming threat of quantum computers.
The European Union has released a detailed roadmap to guide its transition to post-quantum cryptography, and it's set to impact organizations worldwide. In this episode of The Encryption Edge, Wyatt Hackathorne unpacks what the roadmap means, the urgent timelines it sets, and the concrete actions organizations should take today. From understanding the "store now, decrypt later" threat to preparing your supply chain and internal systems for cryptographic agility, this episode is your essential guide to navigating one of the most important shifts in cybersecurity.
A seismic shift is hitting the digital certificate landscape. Google has announced strict enforcement of Extended Key Usage (EKU) policies for all certificates in the Chrome Root Store, effective June 15, 2026. This means the days of using a single TLS certificate for multiple purposes, like client authentication, internal microservices, or code signing, are numbered. In this episode of Encryption Edge, we explore how this update, paired with the new 47-day maximum certificate lifespan, is forcing enterprises to rethink everything from certificate architecture to lifecycle management.
Key Takeaways:
Part 2 of our PQC Readiness Series picks up right where we left off. We kick things off with a round of rapid-fire questions to get Parna’s unfiltered takes on key PQC topics—from algorithm preferences to what most organizations are still getting wrong. Then, we shift gears and dig into questions submitted by our listeners. From practical implementation timelines to the impact of NIST’s standardization, we cover the real concerns and curiosities facing today’s security leaders. Whether you’re just starting your quantum-readiness journey or deep into strategy, this episode brings clarity to the complexities ahead.
In this first of a two-part series, we explore what post-quantum cryptography (PQC) readiness really looks like across different industries. I’m joined by our Security Architect and PQC advisor, Parna, as we break down how sectors like finance, healthcare, manufacturing, and tech are approaching the quantum threat. From cautious optimism to full-speed planning, we’ll talk about the varying levels of urgency, the barriers to adoption, and why a one-size-fits-all approach just doesn’t work.
AI is everywhere—from your inbox to your code editor—and it's making life easier. But at what cost? In this episode, we unpack how AI is silently reshaping our personal habits and professional workflows. From developers unknowingly leaking code into ChatGPT, to employees letting AI do the thinking for them, we ask: are we using AI too much—or just not wisely enough? Tune in for a human take on the invisible ways AI is changing the way we live, work, and think.
The era of long-lived certificates is coming to an end. With lifespans set to drop to 200 days this year—and just 45 days by 2027—it’s time to rethink how we manage digital trust. In this episode, we break down what these changes mean, why it matters now, and how to prepare without falling behind. Shorter certs aren't just a technical shift—they're a new way of thinking about cybersecurity.
FIPS 140-3 marks a significant shift in cryptographic security standards, but how does it differ from 140-2 and 140-1, and why is compliance so important? In this episode, we explore the history of FIPS, the key updates in 140-3, and what they mean for organizations. We also discuss the steps companies need to take to achieve compliance and the impact these changes have on security and risk management. Whether you're just getting started or looking to stay ahead, this episode has you covered.
In this episode, we explore the key trends in encryption for 2025, focusing on Post-Quantum Cryptography (PQC), the role of AI in enhancing encryption, and the evolving challenges of securing data in the cloud. Tune in for insights on how these innovations are shaping the future of data protection.
