[00:00:00] Speaker A: I would say it's not a sprint. It's going to be a marathon. The sooner you start preparing or at least understanding what you have ahead of you, the better, because then everybody's going to be competing for the same talent.
[00:00:17] Speaker B: This is kvcz.
[00:00:18] Speaker A: I'll be completely silent.
[00:00:20] Speaker B: As a primary target for ransomware campaigns.
[00:00:22] Speaker A: Security and testing, and performance and scalability.
[00:00:25] Speaker C: Risk and compliance, we can actually automate that, take that data and use it.
Joining me now is Marco Pereira, executive vice president and global head of cybersecurity at Capgemini. And today we're discussing the day encryption breaks. Are we ready for quantum threats? So, Marco, thanks for joining me and welcome.
[00:00:46] Speaker A: It's a pleasure to be here. Thank you for having me.
[00:00:49] Speaker C: Now, for those of you who don't know, Marco was recently out here in Australia, so he was speaking with clients in Sydney and Melbourne. I had the pleasure of meeting Marco recently in person and. And you had given a little bit of presentation at the dinners, and one of which I had hosted. And one of the things you should have said to me was like, quantum is like something that perhaps people in Australia just, like, weren't ready for. So maybe just to give a little bit of context and give a bit of a lay of the land, I'm curious maybe to start with, what sort of happens the day that encryption breaks.
[00:01:23] Speaker A: Before we can really explain that, I think we need to understand a little bit how the Internet works. So in the 80s, when the Internet was kind of created and started being used, everything was basically in plain text. There was just no encryption whatsoever. Then in the 90s, we started creating encryption, you know, SSL and then TLS, which are used to encrypt communication. So when you look at your browser and if you see the padlock, it means that encryption is working in the background. Now, basically, this encryption is leveraging an algorithm called RSA, which was created in the 70s by Rivas, Shamir and Adeline. And it is an algorithm that relies on the factorization of very, very large prime numbers.
And a classical computer would take thousands or millions of years to break this algorithm. So it is so safe that we just started using it everywhere. Encryption is now completely ubiquitous. It's used to protect your browsing, your email, your financial transactions, your social media.
This recording is being used, a web platform that is going through this level of encryption. So all our digital lives and all our digital economy is relying on this encryption. Now what happens is that in the meantime, quantum computers are starting to get better and better and better. And if there is something, it's always happening in computer science is the speed and the pace that computing just keeps getting better and computers keep getting faster and faster and faster. Now with the rise of AI, we just see that immense compute power and the need for even more electrical power just to fuel all this computing. So the key thing is that once we have quantum computers with sufficient power, this algorithms, all that we have been using up until now, which are super robust and super safe, will eventually are going to be breakable. Not just in a matter of thousands or millions of years, but potentially hours.
And this is the key thing, and that's what we call the Q Day day, that the compute, the quantum computers have enough computing power to very easily break in matter of hours.
All this encryption that we have been using for the last 30 years.
So some people even consider this event way bigger than what happened in the year 2000 where we had Y2K. And that's the analogy with QDay. And some even go a little bit further. If we do nothing, this could be cyber Armageddon and the collapse of the digital economy and our digital lives.
[00:04:39] Speaker C: Okay, there's a lot in there, so I'm curious then to understand.
So as I mentioned before, when you're out here in Australia, more specifically, just to give a bit of an example, why do you think people are just not maybe ready to hear about quantum. Is it because everyone's talking about AI and now it's like, oh, we have to change our mindset to think about AI and now it's like, oh, now we're getting people to push us even more to think about quantum. And you think people, what is it? Are they overwhelmed or what would be the reasoning would you attribute people not perhaps wanting to hear about it?
[00:05:10] Speaker A: It's because there is not a specific date. We don't have a specific date on when it's going to happen.
Right now the only example we have of a quantum computer breaking RSA encryption is from last year, but the key size was very, very small, only 22 bits.
So some organizations think that we might be more than 25 years away. And that's for there is no sense of urgency while other organizations think that it could happen in the next three years to five years.
So just to give an example, this month Capgemini published in our Capgemini Research Institute a research around post quantum cryptography. And we interviewed more than a thousand organizations, all them pretty large organizations, over a billion dollars of revenue and roughly 17% of all the companies we talked, they're saying they expect Q day to be in the next five years.
So the key reason, you know, in change management, first thing you need to do is create a sense of urgency because there is not a real specific date. The ones that are more worried are acting sooner and faster because they assume that Q day is going to happen in the next three years or five years, while others think it's just 20 years away. So I think the more relaxed you are about this, it kind of reflects on how soon you start to prepare. That's the key element. We don't really know the specific date.
[00:06:49] Speaker C: So given the report and probably what you're doing day to day in your role, would you say we're probably closer more to the five years or the three years if you had to make an assumption?
[00:06:57] Speaker A: I think if we look to what European Union just released and usually they are the first ones to drive regulation. We saw this with GDPR on privacy. They published last month roadmap for transitioning to post quantum Cryptography. And one of the requirements is, is for what they consider high risk cases, the transition must be completed by the end of 2030.
So that means that they believe, and that's why they created a roadmap with this date, that at least for very high risk organizations, that they must be ready in the next five years.
So I think this is the best way to reflect on potentially the capability we're going to have from a quantum computer in the next five years. Right. Otherwise they wouldn't be issuing such a tight deadline for high risk cases.
[00:07:55] Speaker C: Okay, so I want to open up a couple of things that you said which is interesting. So what happens if no one has any sense of urgency by 2030?
[00:08:05] Speaker A: Well, so first, what happens today? You don't need to wait for the quantum computer, right? You can be collecting all, collecting all the information that can be later be decrypted once the quantum capability is there. If there is something we have learned, especially when we look to the Snowden revelations in 2013, the mindset of intelligence agencies or very, very sophisticated threat actors is this mindset. And this was published at a time, you know, call analyze all. So I'm, if I had to guess, I'm pretty sure that is happening right now that either intelligence agencies or very sophisticated state sponsored threat actors, they are already collecting vast amounts of encrypted information so that when, this is not a matter of if, it's a matter of when, when the quantum capability is there, they're able to go back and decrypt all this information.
So this is the first first element, if we do nothing, as I mentioned, this is the collapse of our online safety because everything is relying on these algorithms. They are so, so ubiquitous and we use them everywhere. That the change, the amount of change we have to do in hardware, in software, eventually compiling thousands of applications by leveraging these new types of encryption, reissuing old digital certificates, the amount of work we have ahead of us is just immense.
So what is going to happen for those that are delaying is that when we, when the threat becomes more imminent and everybody realizes, oh, my God, this is going to happen in the next two or three years, everybody's going to raise for the same people and the same resources that have the expertise on how to do this.
So preparation is the source for successful, any successful outcome. And the same thing happens here, right? The sooner organizations start preparing, the better.
The more they delay, the more risk they have that once we reach Q Day, they are just not going to be ready. And all their communications can be intercepted, all their communications can be made accessible.
[00:10:36] Speaker C: So going back to the sense of urgency, so if we look at history, you know how people say history repeats itself, do you think there was a sense of urgency with AI? Because people would claim, like, oh, well, then all of a sudden we Woke up and ChatGPT became ubiquitous at the end of 20.
And yes, people talk about AI and AI has been around for a while. So do you think that something's just going to hit people in the face with Quantum, Then it's like, oh, well, now it's here. Or how do we sort of create that sense of urgency?
[00:11:04] Speaker A: Yeah, so this happens all the time if we think about cloud, right? When cloud computing started becoming more mainstream originally a lot of security practitioners were kind of fighting moving things into the cloud and public Cloud became so secure and so safe. And when we realized, oh my God, all our most critical information is already in the cloud, email and all our shares. So cloud computing just hit us in the face really, really quickly. Took a little bit longer than AI. AI was all of a sudden, like from one year to the other. The adoption was just absolutely massive.
With Quantum, what is going to happen is very similar.
We're going to be. Suddenly we're going to realize, oh, we're just going to be one or two years away from having this capability. And that time everybody's going to start racing to try to solve the problem. And as I mentioned, the problem is not trivial to solve. This is not a product you buy. This is not just one thing you're going to change because encryption is Just used everywhere. These are roadmaps that take in large organizations in a large financial institution many years to address.
So yeah, I think it's a great example. AI just hit us in the face really, really fast adoption. Same thing is going to happen here and there's going to be a race for talent and the race to fix things last minute. Yeah.
[00:12:38] Speaker C: Okay, this is interesting. So I interviewed another gentleman recently about Quantum and you would know more about this than me, but he was sort of saying that if this becomes more ubiquitous now, you know, it's not going to necessarily be like a personal computer, like how Windows was rolled out, et cetera. But overall he was sort of saying the stuff that we're doing now in security will just become redundant because Quantum's going to take over and therefore some of the things that we're doing doesn't make sense anyway because it's redundant. So does that make sense what I'm saying or what me through that? Because there's so many people talking about all these things today. But if you're saying the next three to five years, well, all this stuff that we're doing doesn't make sense anyway because it's going to be overpowered by Quantum. Do you think people are aware of that or they just trying to do the best they can and what they've got and worry about Quantum down the track?
[00:13:25] Speaker A: So certain problems are easy to solve by classical computers and other problems are just easier to solve by quantum computers. When the foundation of all key symmetric cryptography was created, this RSA algorithm, right, they, they looked at something that was exceptionally hard to break by a classical computer and that's finding very big prime numbers. The issue as I mentioned, is that in a quantum computer that is going to be something there is many, many, many orders of magnitude easier to do. So I think we, this is a little bit like AI, right? AI is just not magic and does not solve all our problems. I think we need to look to specific use cases on where to use AI and expert systems and where to use gen AI. Same thing is going to happen with Quantum. So certain problems are still going to be better to be solved by classical computers and other problems are going to, to be sold by quantum computers. And yes, this, this, this is not everybody's going to get their quantum computer at home. This is not, it's not, we're not going to have that level of adoption. But what we have to think is will at least intelligence agencies, which they are famous for the massive investments they do and again, just connecting us Back to the Snowden revelations, we were all deeply impressed by the amount of resources and investment that was put into signal intelligence and collecting signal and intercepting communications.
So what we really need to be thinking is what are those agencies and very sophisticated organizations building the quantum computer of tomorrow to be able to have this unique, unique capability of intercepting anyone's communication, being able to read it in a matter of hours.
So that's, that's the, the big worry is not for everybody having a quantum computer, you know, a quantum iPad, that we are many, many years away, Many, many, many years away. But is the organizations with enough resources having the capability of intercepting any communication and being able to read it at any time?
[00:15:53] Speaker C: Engineering teams are increasingly being pulled into the compliance conversation and it's not where you want your sprint hours going. Vanta automates the painful bits of ISO 27001 SOC 2 and GDPR so your team can spend less time on audits and more time building things that matter. Visit vanta.com kbcast that's V-A-N-T-A.com kbcast to learn more.
So at the moment you've probably seen a lot of the controversy around winning the quantum race. And yes, there's a whole debate around who's going to win the AI race. So just say whatever country, nation wins the race. That would you say that that would give them the ultimate power in the world? Yeah, geopolitically is one thing, but also security and all of the things. If they win that race in terms of what that can be leveraged for, in terms of gathering intelligence, espionage, all of the things, how did, what does that look like when I asked you that question in your eyes?
[00:16:55] Speaker A: Well, I think if we look to World War II and the Allies intercepted an Enigma in crypto machine, they did not reveal to the Germans that they had that capability. Actually they even led a very big set of ships in the Atlantic be intercepted by U boats with massive losses just to demonstrate that they were kind of playing a game showing to the Germans. Well, we actually have not intercepted Enigma and we are not able to read your messages.
So in warfare, all these types of games and in intelligence, all these types of games are happening. So if someone has the capability, the best thing they do is not to say they have it, is to keep it to themselves for as long as possible so they can be just like we did during World War II, intercepting the German messages and they were just absolutely not aware of that. So I think if it's an intelligence agency to have the breakthrough, which I would expect it will be because of the massive investments they are doing, they are going to keep it to themselves for as long as they can.
The other thing is just like it happened in any other race, the other countries will eventually catch up. It might be a matter of one or two years, but they will catch up.
[00:18:23] Speaker C: Forget the term of it, but someone else I was talking to as well, they were saying what we may start to see come into play is in the next three to five years when people can leverage Quantum to decrypt in a matter of hours, like you're saying, rather than a long period of time, could mean that they could go back and have a look at maybe something from a government agency that's classified or any other information, because it's super easy to break. Right. So is that something that people are starting to see as a risk in the future?
[00:18:50] Speaker A: Yeah, because certain secrets, right, they are supposed to be kept a secret for a hundred years. Right. If we think about some of the files, the GfK assassination files and you know, so just giving an example, that is kind of mainstream, Certain things are supposed. State secrets are supposed to stay secret, secret for a very long period of time. Now this just giving the contrast, what we're recording right now, it will become public in a matter of days or weeks.
So intercepting this message, it does not have a lot of value because it will eventually become public. But certain information, especially top secret information, which is going to remain confidential for a hundred years or more, that has a lot of value to be intercepted. So what is definitely happening today is this collect right now to be able to decrypt later. Now, as I mentioned, for information that is about to become public, it's not such a big deal.
But even if you only have the capability five years from now, if you're intercepting a communication today that is supposed to be confidential for the next 100 years, that means five years from now you're going to be able to access it and be able to read it.
[00:20:13] Speaker C: Yeah. This is so interesting. Okay, so isn't that enough urgency then? So you said before, around the urgency, around people, government, agency, et cetera, starting to focus on Quantum. That alone, that example, isn't that enough to worry people? Because then if all your secrets are out there because people can read them and have access to them, what are we doing?
[00:20:33] Speaker A: Yeah. So one of the issues is people think this is going to be a sprint and this is a marathon, climbing the Himalayas. Right? This is a very big task. And this is what is there Are two key factors not creating enough sense of urgency? One, there is not a specific deadline number. Two, most organizations that still have not looked into this, they think it's easier to solve by just replacing some products and, and the product vendors are going to solve this for them. But if you think about everything that you have developed that is custom, you have your own custom applications and this is very common in large banks, large institutions. You have a lot of custom build applications that of course they have to secure the data, right? And they are relying on these algorithms.
All this has to be changed. If we think about our digital identities, a lot of them rely on digital certificates. The digital certificate is signed using precisely the exact same algorithm. So even certain countries have it in their national ID card. They have a smart chip there that has digital certificates. All this has to be changed.
So once you start actually looking into the problem and you start identifying every single thing you're going to have to change, that's the wake up moment, right? It's like, oh, this what I thought is going to be a sprint is just a massive marathon. So it's these two factors that are actually not really helping. People don't know how much they have to change and there is not a specific date.
So if you have to choose between investing in AI right now and investing in post quantum cryptography, the AI threat or the AI need is way bigger than this quantum thing that you not really able to see when it's really going to happen. That's the issue we have.
[00:22:41] Speaker C: Do you think that people look at quantum as if this thing that's just never going to happen? I'm not saying all people, I'm just saying generally speaking like oh, it'll never happen. Because do you also think people are just so far wrapping their head around AI and everything that's happening with that. Like if I, even if I just speak to someone who's not in IT or security, they're still trying to get past the basic parts of AI now we're starting to introduce something more advanced.
Help me make sense of that because again like what you're saying makes sense, but then people aren't really acting on it and there's sort of a little bit, a bit of inertia going on.
[00:23:17] Speaker A: Yes, there is inertia and it doesn't really help that all this big push for AI is happening at the same time, right? So people, budgets are finite and people have to make decisions and it's just normal that we tend to act upon the things that are more urgent and definitely Having a robust AI strategy for every organization is very, very important.
And for some organizations, if they don't do that, they might mean that their business model gets extinct. If you think about all the consulting organizations and everybody that was relying on research and analyzing documents, there's thousands and thousands of jobs, which AI represents a massive threat. So if they don't transform their business processes and they don't transform even their own business, they might not even live enough to face the quantum threat.
So definitely organizations have to be prioritizing on what they're doing around AI and their AI strategy and the gentic AI, et cetera. In the meantime, they must start at least assessing and creating at the very least, a roadmap and understanding that doing the discovery of their crypto assets to understand how big is the task ahead of them. And we at Capgemini, we have done more than 20 of this analysis. And every time we show the roadmap to our clients, they get really surprised on how big is the task ahead of them, because again, they think just buying some product is going to fix this, but it just, it will not. It's a combination of many, many things that need to happen at the same time.
[00:25:06] Speaker C: Okay, so, so what's interesting that you're saying now in the market, a lot of people, especially on the podcast, et cetera, and the role that I do in media is people saying to be AI ready, a lot of people talking about be quantum ready. But would you say people should just abandon AI and move to quantum?
[00:25:23] Speaker A: Or.
[00:25:24] Speaker C: Or do you think people can prepare for both simultaneously? Like, how does that. And I guess I know the answer is like, it depends, but given what you're saying and that like three to five years, like it's five years since COVID like that went really, really quickly. So another three to five years, like, that's not that far away. How would you approach that then?
[00:25:42] Speaker A: Well, you must be investing and thinking about AI. I think this, this is not a matter of one or the other. Right. So you must. This is a big disruption that is happening in the industry. There is just absolutely no doubt about that.
And you must think about, also about AI from cybersecurity perspective. So you have all your business on how you adopt AI and how do you use it to leverage your systems. You also need to think that, like any technology, there is always a dark side and AI is just not exception. And the rise of more sophisticated social engineering, phishing attacks, deep fakes. If you think that a lot of banks use biometrics to do authentication, all that can now be easily compromised with AI threat and deep fakes, et cetera. So you, you must, you must be putting a lot of effort into AI and protecting from deep fakes and more sophisticated spear phishing, et cetera. You absolutely must do that. In the meantime, start at least by understanding where do you have your crypto assets and doing discovery of your crypto assets and create a roadmap of adoption. Now, something we have not talked yet is also concept of crypto agility. Because just to make things a little bit more complicated, what happens in cryptography is that typically algorithms to be considered very, very robust by mathematicians, they have to be out there for quite some time. So the algorithms that get selected, this is actually a competition, it's run typically by NIST in the United States, and this is actually a competition between cryptographers to select what is the de facto encryption algorithm going forward.
So what happens when a new algorithm gets selected like it just happened for post quantum cryptography last year, then an entire community of mathematicians and cryptographers, they are now going to try to break these algorithms. And these new post quantum cryptography algorithms, they rely on something called lattice based algorithms, which is they haven't been out there for a very long time. So we might start doing the change and then two years from now, some brilliant mathematician discovers a new way to also make these algorithms easy to break.
So what I typically talk about and what we typically talk is this concept of crypto agility that means that whatever changes we're going to be doing right now, we need to be thinking on a flexible and agile way to in the future, if needed. We're able to swap encryption algorithms way, way, way, way faster than we're able to do today. So that's the concept of crypto agility.
In case there is a breakthrough in breaking these new post quantum cryptography algorithms and we need to change them all over again in the future.
[00:28:58] Speaker C: So you said before potentially changing them way faster, how much faster are we talking here?
[00:29:03] Speaker A: Well, we would ideally be able to change the algorithms in matters of weeks. And not talking about projects right now that they have roadmaps of 3, 4, 5 years to replace everything.
So if we are just able to create an agile, fast way to then swap them because they are not so hard coded into the applications and into the systems.
That's kind of the concept of crypto agility, is that they're easy and fast to swap.
[00:29:36] Speaker C: So talking to companies like Osaka that are now, they were chatting to me recently on the show here about, you know, we got to get people ready in terms of skill set for Quantum. So do you think even now obviously there's a lack of skills for Quantum, but in the next three to five years. So is it going to get to a point? It's going to be so hard and I know you mentioned before around people are going to be racing towards it, whether it's vendors or whoever to get there. But how do we actually even get from where we are now? Because people are still saying we don't even have skills for AI, we don't have even skills even before that. And now we're talking about Quantum, which is way more complex, especially when talking about, you know, the mathematician side of things like this is getting quite advanced. So how do you think we even prepare for this at all?
[00:30:18] Speaker A: Yeah, you're absolutely right. Right. We are seeing that with AI, the rise of the data scientists and if we look at the, even the university degrees, a lot of them are changing from computer science to computer science and artificial intelligence. There's just a rise of new artificial data science, data security, posture management type of degrees and of course professionals. So there is a very, very big need the market for that. Now to the good news is to actually be able to do this, you don't really need to understand how a quantum computer works or even how the encryption algorithm works. There are people that work on that and you know, mathematicians and these, they set the standards and they define which algorithms are safe to use. The task that we as security practitioners have to do is actually identify where crypto is being used and finding the, creating the roadmap on how we're going to swap and change and upgrade all this old way of doing encryption, the RSA algorithm to the new algorithms like Kyber, et cetera.
[00:31:31] Speaker C: So what do you think if you would people that you're speaking to in clients across the world, what do you think? Ultimately people just don't get about Quantum.
[00:31:41] Speaker A: They think it's too far away. I think this is, this is the, the key issue they think is too far away. They don't and they don't realize how ubiquitous crypto is being used in the organization. And this is the, and this is the issue I'm very fortunate to almost every week talk with a group siso of a really large organization. And we talk many times about Quantum. If we look to organizations that have a much bigger need to protect their information for decades, and that's the defense sector or the financial services institutions, almost all of them are work, are looking very, very seriously into this. But if then I talk with a retail organization, for instance, where their information does not need to stay confidential for 100 years like you're going to have in the defense sector or in the financial services organization.
They're just a little bit more relaxed around this quantum threat. So the industry plays a really critical factor. If, if what you do for a business is securing highly critical information, then then you're going to just be more worried about the Quantum and Q day.
[00:33:03] Speaker C: So the interesting thing that I'm thinking about as you're speaking is look how many data breaches that are happening now even in Australia. There's so many that are going on, there's so many that we can't even report on how many that there are. And quantum isn't even as ubiquitous as it's going to be.
So does that just then mean we shouldn't. Well, I'm saying that it almost feels like people are just going to start surrendering saying well I didn't quite get hit the quantum mark and therefore I have no chance now at all to save any of my information, any of my clients personal identifiable information. Because I just didn't get there on time. Because it's gonna be super easy. People are just gonna walk all over these businesses. So what, what does that actually mean then for these businesses moving forward and then for, for customers? Cause people are outraged now but their data I'm seeing, you know, in the reporting that we're doing from a media perspective. You go on Twitter X, just the stuff that are people saying towards these businesses and that's at this point in time. So next three to five years and things are at the level that you're talking to me about, there's going to be a breach every second. Like what, what happens now?
[00:34:07] Speaker A: At least for the last decade, the way we have been doing security awareness is don't share your password, be careful with what you download, be careful which websites you visit and if you're going to your bank, you must ensure that you're seeing the padlock in your browser because that ensures that only you and the bank are able to read your information and see what you have in your bank statement, et cetera. Now with the rise of QDay and quantum threat is that if you're seeing the padlock that no longer means nobody else is able to intercept the communication. Be able to see that.
And I'm just trying to think about kind of mainstream very big secrets that everybody thinks like the Coke recipe or the KFC recipe, they're very well known to be secrets for over a hundred years.
So companies are going to have similar type of information that they must keep confidential for the next 100 years.
And it's by looking at this risk based approach and looking to their information and understanding for how long they have to keep it a secret that they need to start understanding which systems they're going to have to upgrade first and they're going to have to do the change first. But for the mainstream public, yes, there's going to be, I would say an issue we trust because they are expecting, if I'm seeing the padlock, everything is fine, no issues. And then in the future is not necessarily true unless you're using post quantum cryptography algorithms.
[00:35:51] Speaker C: So going back to your KFC example, so that's their ip, right? You're right, they've had this recipe, that's why people buy it, that's why people love going to kfc, their ip. Then if it's, you know, quantum and everyone knows the KFC reps, hypothetically, then their valuation goes down. So we're going to start to see a decline in valuations of these businesses. Because if everyone knows the secret sauce and how they operate to the fundamental level, what happens then?
[00:36:14] Speaker A: Well, if, if that is really your secret sauce and the key thing that is driving your differentiation and if we think about state secrets where you know, organizations go, governments go the extra, extra mile to keep them confidential for a hundred years, then yeah, I don't, not even I can predict what is going to happen if suddenly we, there are no more secrets. I think this would be an interesting movie to a screenplay or interesting movie to create. I think there, there are movies about what if humans are no longer possible to, to lie.
And I think this would be an interesting movie. What if there is a. We live in a world, there is no more secrets.
[00:36:59] Speaker C: So just quickly on that note, so if you're, I mean I don't play poker, but people play poker and it's like, well, you don't see the other person's hand.
But now if there's all the secrets around and everyone knows everyone's position, is that going to work or is that going to have like what, what is the outcome of that? Because if, if I know your position, you know mine, then it sort of cancels each other out. Or do you just think that it's going to be whoever knows the, their opponent's position first of course is going to have that advantage. It's not necessarily going to be like oh, at the same time we're all going to know each other's secrets, someone's going to absolutely have the upper hand.
[00:37:32] Speaker A: Yeah. If we think from a warfare perspective. Right. If enemies know each other's battle plans, well that makes things all the war effort more if there are no secrets in war, I don't even know what war looks like. Right.
If you think about the war plans, if you think that a lot of business rely on trust, you rely on your bank to keep your details and your bank statement and how much you have absolutely confidential. And there are, you know, the Swiss banks are famous for their level of trust and how much they protect their their clients information.
So for certain business that they operate on trust and that trust is driven a lot by the way they're able to keep information confidential and protect and almost make clients anonymous and protect them and their personal data, those businesses will be the ones that will see a much bigger impact because their business model relies on keeping information confidential and protecting their clients.
[00:38:41] Speaker C: There's so many questions I do have for you around Quantum. However, we do have to wrap for today's interview. Is there anything specific, Marco, you'd like to leave our audience with any closing comments or final thoughts?
[00:38:53] Speaker A: I would say it's not a sprint, it's going to be a marathon. The sooner you start preparing or at least understanding what you have ahead of you the better. Because then everybody's going to be competing for the same talent. So just be pre prepared, create a roadmap, don't delay it when there is a big rush for the same talent and the same resource.
[00:39:20] Speaker B: This is KBCast, the voice of Cyber.
[00:39:24] Speaker C: Thanks for tuning in. For more industry leading news and thought provoking articles, visit KBI Media to get access today.
[00:39:33] Speaker B: This episode is brought to you by MercSec. Your smarter route to security talent MercSec's executive search has helped enterprise organizations find the right people from around the world to since 2012. Their on demand talent acquisition team helps startups and mid sized businesses scale faster and more efficiently.
Find out
[email protected] today.
