Complacency, Not Quantum, Is the Real Threat: Mike Silverman on Why Crypto-Agility Can’t Wait

Abstract

As industries continue to treat cryptography as invisible plumbing, the risk of systemic disruption is growing. In this episode of Shielded: The Last Line of Cyber Defense, host Johannes Lintzen speaks with Mike Silverman, Chief Strategy & Innovation Officer at FS-ISAC, about why complacency is more dangerous than quantum itself. Mike explains how decades of one-off migrations have left organisations brittle, why inventories and risk models are the essential starting point, and how cryptographic agility must become both a design principle and an organisational mindset. They discuss why timelines like 2030 and 2035 demand phased action, how vendor and supply chain readiness can make or break success, and why PKI standards and certificate interoperability are the hidden dependencies no one can ignore. From embedding PQC into normal app modernisation cycles to reframing the conversation for the boardroom, Mike delivers a pragmatic warning: you don’t need to boil the ocean, but you must start now.

What You’ll Learn

  • Mindset Shift: Why the biggest risk isn’t “quantum” per se but the assumption that cryptography can be ignored until the next crisis.
  • True Crypto-Agility: Minimal downtime, minimal (ideally zero) code changes, policy-driven selection, and ecosystem readiness.
  • Inventory First: How key discovery, asset metadata, and process mapping create a measurable, fundable scope of work.
  • Risk-Based Priorities: Protect crown-jewel data and long-lived assets first; accept there will be legacy tails.
  • Ecosystem Dependencies: Why vendors, PKI standards, certificate profiles, FIPS-validated libraries and supply chains dictate your timeline.
  • Board Framing: Position PQC as business continuity and trust preservation, embedded in regular tech refresh, not a one-off cost centre.
  • 2030/2035 in Practice: Read timelines as phase gates (inventory + highest-risk migrations first; wider coverage later), not a big-bang cutover.

Mike Silverman is Chief Strategy & Innovation Officer at FS-ISAC, the global, member-driven consortium dedicated to collective defense in financial services. In this role, he leads forward-looking initiatives on post-quantum cryptography, AI risks, cloud security, and sector resilience, helping financial institutions anticipate and prepare for the threats shaping tomorrow’s trust landscape.

With a career shaped by crisis response and industry collaboration, Mike has been at the center of efforts to align governments, regulators, and enterprises on how to secure financial systems under pressure, from pandemic coordination to the emerging quantum challenge. His work focuses on reframing cryptography as a first-class citizen, embedding it into inventories, risk models, and long-term technology refresh cycles that extend beyond any single algorithm.

Known for his pragmatic perspective, Mike stresses that the real danger is complacency, not just quantum breakthroughs. He argues that cryptographic agility is the only sustainable defense, that timelines like 2030 and 2035 demand phased and realistic planning, and that collective readiness across vendors and supply chains is non-negotiable. His message is clear: organisations don’t need to panic, but they do need to start now.
