Bas Westerbaan of Cloudflare joins us to discuss recent information that heightens concerns about Elliptic Curve Cryptography (ECC) and its vulnerability to a cryptographically relevant quantum computer (CRQC). We pose the question do we need to deprecate ECC in advance of our migration to ML-DSA and other PQC algorithms.
Jason Soroko
Jason Soroko is a seasoned security technology innovator and Senior Fellow at Sectigo, where he leads customer-facing engagements, drives research, and spearheads strategic initiatives at both organizational and national levels. He also contributes to the development of intellectual property and consortium standards. As co-host of the award-winning “Root Causes” podcast, Jason educates professionals on the latest trends in PKI and cybersecurity twice a week. His core strength is bridging cutting-edge security methods with real-world operational needs, ensuring that businesses are equipped with practical, forward-thinking solutions.
Recent posts by Jason Soroko
Join this webinar to learn how modern private Certificate Authorities provide the foundation for managing machine identities at scale, while giving you the visibility, control, and automation required for today’s infrastructure.
U.S. shifts PQC deadline to 2031, prioritizing key establishment to address HNDL risks and accelerate enterprise crypto readiness.
We are freshly returned from the 2026 ETSI PQC Conference. We give a debrief on the conference, including the difference between post quantum cryptography (PQC) and quantum key distribution (QKD), the algorithmic zoo, PQC for blockchain, the Dunning Kruger Effect, and cryptographic Frogger.
The session covers NIST’s published PQC standards and ongoing work around Falcon, HQC, and the post-quantum “onramp,” along with migration timelines, the NCCoE Migration to PQC project, and key considerations for the U.S. government’s transition to quantum-resistant cryptography.
This session focuses on how engineering, DevOps, and cloud teams can prepare now by building crypto‑agile infrastructure, enabling automated renewal and bulk‑replace workflows, and updating CI/CD pipelines to support rapid cryptographic change.
Our speakers will reveal how visibility, automation, and strong governance form the foundation of PQC readiness and why the time to act is now.
We recently attended the Gartner Risk and Security conference for 2026, where we observed a great deal of attention on not only AI but also post quantum cryptography (PQC). Join us as we share the key takeaways.
2024 saw a flurry of high profile incidents for public CA, which we named the Bugzilla Bloodbath. We look back to see how the WebPKI has changed as a consequence.
