Exploring Information Security - Exploring Information Security

Written by: Timothy De Block

The Exploring Information Security podcast interviews a different professional each week exploring topics, ideas, and disciplines within information security. Prepare to learn, explore, and grow your security mindset.
Episodes
  • [RERELEASE] What is the perception of information security - part 2
    May 5 2026
    In part two of this two-part series Chris and I talk about security being a friendly face, the word hacker, and developers vs. security.
    29 mins
  • [RERELEASE] What is the perception of information security - part 1
    Apr 28 2026
    In part one of a two-part series we talk about the perception of infosec in business, how we change it, and where security first in an organization.
    23 mins
  • Exploring the Quantum Horizon: Why We Need CBOMs Today
    Apr 21 2026
    Summary: In this episode, host Timothy De Block sits down with John Morello to dive into the world of Cryptography Bill of Materials (CBOM) and the looming transition to Post-Quantum Cryptography (PQC). They discuss why tracking cryptographic assets is becoming a critical security requirement, how CBOMs are being integrated into existing SBOM standards, and why organizations need to start future-proofing their encrypted data against quantum computing threats today.
    Key Topics Discussed
      • What is a CBOM? A Cryptography Bill of Materials provides a trustworthy, structured, and machine-readable way to represent what cryptographic components exist in your software and how they are configured.
      • Beyond the Basic SBOM: While a standard SBOM might tell you that a component like OpenSSL is present, a CBOM details the specific algorithms, key lengths, and operational modes in use.
      • The Consolidation of Standards: CBOMs are actively being merged into broader SBOM frameworks like CycloneDX and SPDX. Over the coming months, CBOM data will simply become a subset of the tags and artifacts within standard SBOM files, reducing complexity for developers and security teams.
      • The Post-Quantum Threat: The mathematical foundations of common encryption algorithms like RSA, DES, and SHA will eventually be defeatable by quantum computers.
      • "Harvest Now, Decrypt Later": Adversaries may already be recording encrypted traffic today with the intention of decrypting it years down the line once quantum computing becomes viable.
      • NIST and Regulatory Standards: NIST has been running a Post-Quantum Cryptography (PQC) project for several years and is expected to finalize approved algorithms soon. This guidance will likely be codified into future standards, such as a FIPS 140-4 update.
      • Who Owns the CBOM? DevOps and developer teams should be responsible for creating and maintaining the CBOM data alongside their existing SBOM processes. Security teams will then consume this data to understand exposure, measure adoption of quantum-resistant algorithms, and prioritize risk mitigation.
    26 mins