The Entropy Podcast
Hosted by Francis Gorman, The Entropy Podcast brings together intelligence community veterans, post-quantum cryptography pioneers, CISOs, business leaders, and frontline practitioners for unfiltered conversations on the threats, complexity, and geopolitics shaping our world.
Past guests include former senior CIA officers, leading cryptographers, digital forensics experts, and security and technology leaders from across financial services, critical infrastructure, and government, voices rarely heard together in one place.
Each episode goes beyond headlines to explore how cyber risk, emerging technology, and geopolitical instability are reshaping the way organisations operate, compete, and defend themselves. Expect candid insight on quantum risk, nation-state threats, AI, espionage, financial crime, business resilience, and the human dimensions of leadership.
Designed for CISOs, board members, founders, technologists, policy thinkers, and the professionally curious, Entropy sits at the intersection of business, technology, and cybersecurity a space for genuine conversations with unique minds, the kind that don’t fit neatly into a press release.
The name Entropy reflects the growing complexity and unpredictability of the systems we depend on, and the discipline required to lead through them.
Disclaimer: The views and opinions expressed on The Entropy Podcast are those of the host and guests in their personal capacity and do not represent the views, positions, or policies of their respective employers, affiliated organisations, or any government body. Guest appearances do not constitute endorsement by the host, and the host’s commentary does not constitute endorsement of guests’ views. Content is provided for informational and educational purposes only and does not constitute professional, legal, financial, or security advice.
One of the topics I cover a lot on this show is post quantum readiness, I believe awareness of this emerging technology is key for a safer world into the future. To support this awareness I have built a free resource to help you explore the world of quantum and learn as you go. You can find it here: www.postquantumready.com
Buy Our Swag:
We now have some slick new swag you can purchase through our Esty store.
https://theentropypodcast.etsy.com
Watch and Subscribe
You can also watch full episodes and exclusive content on our YouTube channel:
www.youtube.com/@TheEntropyPodcast
Achievements
The Entropy Podcast delivered strong chart performance throughout 2025, demonstrating consistent international reach and listener engagement.
- Regularly ranked within the Top 20 Technology podcasts in Ireland.
- Achieved a Top 25 placement in the United States Technology charts, holding the position for one week.
- Charted internationally across multiple markets, including Israel, Belgium, and the United Kingdom.
This performance reflects sustained global interest and growing recognition across key podcast markets.
Audio Quality Notice
Some episodes may feature minor variations in audio quality due to remote recording environments and external factors. We continuously strive to deliver the highest possible audio standards and appreciate your understanding.
The Entropy Podcast
When AI, Crypto, and Quantum Collide with Dinesh Nagarajan
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
In this episode, Francis Gorman speaks with Dinesh Nagarajan, Global Partner with IBM Consulting Cybersecurity Services and IBM’s global lead for data and AI security and quantum-safe security, about the collision of three major enterprise shifts: AI adoption, cryptographic modernisation, and post-quantum readiness. Dinesh argues that AI will likely be the most consequential transformation because securing AI at enterprise scale depends on trust, and that trust ultimately depends on cryptography.
The conversation explores why many organisations still treat AI security, cryptography, and quantum readiness as separate programmes, even though they are becoming deeply interconnected. Dinesh explains that AI has captured attention from the boardroom to engineering teams in a way few previous technology waves have, which gives it momentum, budget, and organisational visibility. But that same momentum creates risk if security, cryptographic resilience, and post-quantum planning are not built into transformation programmes early.
The discussion then moves into sovereign AI, geopolitical dependency, and the enterprise risk of building core workflows on platforms that may become unavailable due to political, regulatory, or commercial decisions. Dinesh frames this as a strategic consideration for businesses, especially when AI tools become central to software development, automation, and competitive advantage.
The second half of the episode focuses on post-quantum cryptography. Dinesh outlines how organisations should approach quantum readiness: start with awareness, assess exposure from the board level down, establish a centralised programme or centre of excellence, and embed post-quantum requirements into procurement, legal, supply chain, architecture, and existing digital transformation initiatives. His core message is that PQC is not a one-off technical remediation exercise; it is a multi-year business transformation that must be governed as a strategic risk.
Key takeaways
- AI security is becoming a cryptography problem
AI at enterprise scale requires mechanisms to validate, verify, and trust agents, applications, and workflows. That trust layer depends on cryptography. - AI, crypto modernisation, and quantum readiness cannot stay separate
Many organisations currently treat them as three different programmes, but Dinesh expects them to converge quickly as AI infrastructure becomes dependent on cryptographic trust. - AI has unusual organisational momentum
Unlike previous technology waves, AI has captured attention from the C-suite down to engineers. That visibility can help fund and accelerate security work, including parts of the post-quantum journey. - Sovereign AI is becoming a serious boardroom issue
Enterprises need to consider what happens when a critical AI platform is restricted, withdrawn, or affected by geopolitical decisions. - Quantum readiness is not just an IT issue
PQC affects contracts, procurement, suppliers, cloud strategy, infrastructure, applications, data, and long-term transformation plans. - Boards need business-risk language, not cryptography language
Dinesh’s recommendation is to frame quantum exposure as strategic risk: revenue disruption, transformation risk, cost escalation, technical debt, and operational fragility. - The first move is not scanning; it is understanding exposure
Crypto inventory matters, but Dinesh argues the starting point should be a top-down view of how exposed the business model is to quantum-related disruption. - A centralised PQC capability is essential
Organisations need a programme team or centre of excellence that can create awareness, set direction, advise functions, and coordinate action across the enterprise. - Existing transformation programmes should pay the “quantum tax”
Rather than spinning up everything from scratch, organisations should embed PQC requirements into cloud migrations, digital modernisation, procurement cycles, and supplier renewals. - PQC is a five-to-six-year journey for many enterprises
Dinesh describes quantum readiness as a long-running transformation, not a vulnerability patching exercise.
Soundbites
These are polished for promotion and clips rather than strict verbatim transcript pulls.
“AI security is ultimately a trust problem and trust still comes back to cryptography.”
“The organisations that treat AI, crypto, and quantum as separate programmes are going to feel the collision later.”
“AI has done something unusual: it has captured the imagination of the boardroom and the engineer at the same time.”
“If every employee is going to use AI, then cryptography has to scale to that same level of adoption.”
“Post-quantum readiness is not a technology change. It is a business transformation.”
“The board does not need a lecture on algorithms. It needs to understand exposure, disruption, and strategic risk.”