Quantum Cyber Breakfast at RSAC 2023 is a fundraiser for the International Cybersecurity Championship. Don’t miss this Quantum community event with industry leaders and professionals—including our own OODA CTO Bob Gourley and Katzcy CEO Jessica Gulick.
Following is a Panel Description, Panelist Bios, and a compilation of resources from the companies represented on the panel and/or the panelists themselves.
All of the links included here are related to the following questions (which will also be addressed by the panel):
- Why does preparing for a post-quantum future figure so prominently in the national cybersecurity strategy?
- What do board members need to know about “quantum effects”?
- How should technology executives better communicate quantum risks with nontechnical executives including members of the board?
- What should board members should know about Shor’s algorithms and ongoing Harvest Now, Decrypt Later (HNDL) attacks? and
- What should CISOs be asking the board for now to improve quantum resilience?
Wednesday, April 26th: The Quantum Cyber Breakfast at RSAC 2023
What the Board Needs to Know About Quantum Science
Panel Description: With the release of the new National Cybersecurity Strategy, the White House has declared war on systemic cyber risk. The government plans on working with commercial firms to reduce systemic risk while enabling businesses to smartly increase the value they deliver to stakeholders. The need to improve resiliency in the age of advanced technologies (including quantum computing) is a central pillar of this new strategy, as delineated in Section 4 of the document:
4. Invest in a Resilient Future – Through strategic investments and coordinated, collaborative action, the United States will continue to lead the world in the innovation of secure and resilient next-generation technologies and infrastructure, including by:
- Reducing systemic technical vulnerabilities in the foundation of the Internet and across the digital ecosystem while making it more resilient against transnational digital repression;
- Prioritizing cybersecurity R&D for next-generation technologies such as postquantum encryption, digital identity solutions, and clean energy infrastructure; and,
- Developing a diverse and robust national cyber workforce
This includes preparing for our post-quantum future.
Shifts in regulations including new SEC guidance mandating corporate board action in cybersecurity mean all boards will need a better understanding of why quantum preparedness needs to start now. This panel will examine board governance in the quantum age.
Panelists’ Bios and Research Resources
Matthew Scholl
NIST, Division Chief – Computer Science Division
BIO
Matthew Scholl | LinkedIn
National Institute of Standards and Technology (nist.gov)
by Matthew Scholl and/or NIST:
Migration to Post-Quantum Cryptography | NCCoE
Migration to Post-Quantum Cryptography: NIST SP 1800-39A Prelim Draft | CSRC
CHIPS for America Outlines Vision for the National Semiconductor Technology Center | NIST
Vikram Sharma
QuintessenceLabs
Founder and CEO
BIO
QuintessenceLabs Overview | LinkedIn
Vikram Sharma | LinkedIn
Source: QuintessenceLabs
How Is Quantum Risk a Thing Now?
One of the biggest risks at present is what’s known as an HNDL attack. This is an acronym for “Harvest Now, Decrypt Later” where encrypted data is captured, stored, and held onto until a quantum computer is able to unlock it. While this intercepted data is encrypted, this is a false sense of security — it will easily be decrypted by a threat actor with access to a quantum computer. So, the risk is very real today. Further, recent significant investments in quantum tech globally, as well as geopolitical motivations, have proven the debate over the quantum risk threat has shifted from no longer if, to when.
Bob Gourley
OODA
Co-founder & CTO
BIO
Bob Gourley | LinkedIn
OODA LLC | LinkedIn
By Bob and/or OODA:
What Corporate Directors Need To Know About Coming SEC Cybersecurity Rules
How to Manage Cyber Risk as a Board Director
Bob Zukis and the Digital Directors Network: Helping corporate boards mitigate systemic risk
Every Director of Every Corporate Board Should Read What Larry Fink Writes
The OODA Network on the 2023 National Cybersecurity Strategy
The Missing Piece of the National Cybersecurity Strategy
What Executives Need To Know About The Annual Threat Assessment from the U.S. Intelligence Community
Clement Jeanjean
Senior Director
SandboxAQ
Clement Jeanjean | LinkedIn
SandboxAQ: Overview | LinkedIn
Clément Jeanjean leads commercial efforts for the Quantum Security Group at SandboxAQ. Prior to that, he was the COO of Cryptosense, which was acquired by SandboxAQ in 2022.
Clément holds a degree from Sciences-Po Paris with a major in Law and Economics, and a degree from Ecole Nationale des Ponts et Chaussées with a major in Mathematics and Computer Sciences. He has founded or co-founded 4 tech companies, 2 of them having been acquired. Serving as CEO or COO, he built teams of dozens and go-to-market strategies delivering multi-million dollar deals with large partners in a wide range of industries spanning from consumer goods to banking, automotive, and health sciences. Clément also advises start-ups and large companies on innovation and entrepreneurial projects.
By Clement Jeanjean and/or SandboxAQ:
SandboxAQ Response to the National Cybersecurity Strategy | SandboxAQ
Transitioning Organizations to Post-Quantum Cryptography
The Future of Quantum Technologies: Opportunities and Challenges
Inside WEF: Industry Leaders Outline the Keys to Building National Quantum Ecosystems
Pete Clay
QryptoCyber, CEO
Peter Clay | LinkedIn
QryptoCyber: Overview | LinkedIn
Peter “Pete” Clay is a serial entrepreneur based out of Charlottesville, VA. He has served as a CISO for global companies, and he has more than 20 years of experience in managing the growth of technology and security risk assessment and management services to public and private sector entities globally. Extensive domain experience includes security operations center innovation, enterprise risk management, identity & access management, information security consulting, organization and process improvement, application design and implementation, application security, business continuity, privacy, and information systems auditing. He has also organized and led multidisciplinary business and technical teams for assessing, designing, implementing, and testing the security and control environment for a broad range of enterprise security, enterprise resource planning, information systems, and eBusiness transformation projects. Mr. Clay attended Oxford University as an undergraduate and has a degree from Hendrix College. He has been a Certified Information Systems Security Professional for the last 22 years.
Daniel Apon
Solving Problems for a Safer World | MITREDaniel Apon is Cryptography Lead at the MITRE Corporation, based in McLean, Virginia, and is currently involved in MITRE’s effort to stand up a long-term and full-scope industry coalition to accelerate the real-world adoption of Post Quantum Cryptography. Recently, he played a central role in standing up the 1st annual Real World Post Quantum Cryptography workshop in Tokyo (March 2023), which aims to bring together industry, academia, and standardization bodies to help address the core challenges involved in migrating modern computing systems and architectures to total quantum-resistance.Prior to that, he was a member of the National Institute of Standards and Technology’s Cryptographic Technologies Group working on the Post Quantum Cryptography standardization project, where he specialized in novel cryptanalyses of Lattice-based Cryptography, Hash-based Cryptography, Code-based Cryptography, and Multivariate-based Cryptography plus a focus on hardware side-channel analysis.Daniel holds a Ph.D. in Computer Science with a focus on Cryptography from the University of Maryland, College Park. After that, he held a Postdoctoral Scholar position at the University of California, Berkeley.By Daniel Apon and/or MITRE:
Jessica Gulick
U.S.Cyber Team Commissioner
Jessica Gulick | LinkedIn
KATZCY: Overview | LinkedIn
Jessica Gulick is a recognized cybersecurity practitioner and thought leader with over 25 years of experience in engineering and cybersecurity. She has led cybersecurity teams and contributed as an author on national cyber standards. She is also a VT MBA alumna and entrepreneur, having launched and grown IT and cyber firms. Her current focus is on tackling the cybersecurity talent problem with cyber games. She founded PlayCyber in 2019, a social impact initiative to address workforce challenges with games and epic events to raise funding for important initiatives. In 2021, she founded the U. S. Cyber Games in collaboration with the National Initiative for Cybersecurity Education (NICE) program and leads efforts to build an inclusive, cyber community that accelerates cyber talent and inspires the workforce of tomorrow. She is the president of the board of Women’s Society of Cyberjutsu, and a member of the BayPath University cybersecurity education board.
USA to Host Global Cybersecurity Competition and Conference (IC3)
Breakfast for a Cause
Profits made will be donated to the International Cybersecurity Championship and Conference (IC3). IC3 is a global event designed to foster awareness, skills development, and career opportunities in cybersecurity. It proactively addresses the critical workforce issues in the industry, speaking to both the ongoing skills shortage and the need for continued cybersecurity skills development.
What Corporate Directors Need To Know About Coming SEC Cybersecurity Rules
The OODA Network on the 2023 National Cybersecurity Strategy