.png)
The Entropy Podcast
The Entropy Podcast is a cybersecurity, technology, and business podcast hosted by Francis Gorman.
Each episode features in-depth conversations with cybersecurity professionals, technology leaders, and business executives who share real world insights on cyber risk, digital transformation, emerging technologies, leadership, and the evolving threat landscape.
Designed for CISOs, IT leaders, founders, and professionals navigating today’s digital economy, The Entropy Podcast explores how organizations can adapt, innovate, and build resilience in an era defined by constant change, disruption, and geopolitical uncertainty.
The name Entropy reflects the growing complexity and unpredictability of cybersecurity and technology ecosystems and the strategic thinking required to thrive within them.
Topics include:
- Cybersecurity strategy, risk, and resilience
- Post Quantum readiness
- Emerging technologies and innovation (AI etc).
- Business leadership and digital transformation
- Cyber threats, regulation, and geopolitics
- Lessons learned from real-world experience
New episodes deliver practical insight, expert perspectives, and actionable knowledge so you stay informed, strategic, and ahead of the curve.
Buy Our Swag:
We now have some slick new swag you can purchase through our Esty store.
https://theentropypodcast.etsy.com
Watch and Subscribe
You can also watch full episodes and exclusive content on our YouTube channel:
www.youtube.com/@TheEntropyPodcast
Achievements
The Entropy Podcast delivered strong chart performance throughout 2025, demonstrating consistent international reach and listener engagement.
- Regularly ranked within the Top 20 Technology podcasts in Ireland.
- Achieved a Top 25 placement in the United States Technology charts, holding the position for one week.
- Charted internationally across multiple markets, including Israel, Belgium, and the United Kingdom.
This performance reflects sustained global interest and growing recognition across key podcast markets.
Audio Quality Notice
Some episodes may feature minor variations in audio quality due to remote recording environments and external factors. We continuously strive to deliver the highest possible audio standards and appreciate your understanding.
Disclaimer
The views and opinions expressed in The Entropy Podcast are solely those of the host and guests and are based on personal experience and professional perspectives. They do not constitute factual claims, legal advice, or endorsements, and are not intended to harm or defame any individual or organization. Listeners are encouraged to form their own informed opinions.
The Entropy Podcast
Quantum Risk: The Boardroom’s Blind Spot with Brian Couzens
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
This episode re-frames post-quantum cryptography (PQC) from a technical future risk into a present-day governance failure. Brian Couzens argues that quantum computing did not create the cryptographic problem organizations face it exposed it.
For decades, cryptography has operated as an invisible layer of digital infrastructure: unmanaged, unowned, and largely unmapped. Boards assumed it “just worked.” Now, with the reality of Harvest Now, Decrypt Later and long-lived data exposure, that complacency has turned into structural risk.
The core message is clear: this is not an algorithm upgrade problem. It is a fiduciary accountability problem.
Cybersecurity is operational. Cryptography is structural. If the structural foundations are weak, no amount of detection, patching, or response will compensate. And when encrypted data is intercepted today and decrypted in the future, the accountability does not sit with IT it sits with the board.
Waiting for a definitive quantum timeline is not strategy. It is delay. And delay in this context may already constitute negligence.
Takeaways:
- Quantum Didn’t Create the Risk, It Exposed It. The real issue is the unmanaged cryptographic estate: no visibility, no ownership, no lifecycle governance.
- This Is a Governance Failure, Not a Technology Upgrade. PQC is often framed as an IT transformation. Brian argues it is a risk transformation that belongs at board and CRO level.
- Harvest Now, Decrypt Later Is a Present Exposure. If long-lived data is stolen today, future decryption eliminates any chance of remediation. You cannot “patch” broken cryptography after the fact.
- Compliance Is Not Protection. Regulation governs algorithm choice, not lifecycle management, exposure windows, or migration timing. Organizations can be compliant on paper and exposed in reality.
SoundBytes:
- “Quantum didn’t create the problem. It exposed it.”
- “Crypto isn’t operational noise — it’s structural risk.”
- “You can’t patch broken cryptography.”
- “This isn’t a risk. It’s an issue. It’s going to happen.”
- “Compliance is static. Cryptographic risk moves.”
If you want to reach out to Brian you can find his detail over at https://sitg-consulting.com/
