Content provided by Evan Kirstel. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Evan Kirstel or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://staging.podcastplayer.com/legal.

Interested in being a guest? Email us at [email protected]

The lock icon is not a comfort blanket. It’s a contract. We sit down with Chris Hickman, Chief Security Officer at Keyfactor, to unpack what digital trust really means when every person, device, app, and service needs a verifiable identity. From the browser to the factory floor, PKI and certificate management quietly power secure connections, and when they fail, the business feels it fast. Chris pulls back the curtain on the policies, processes, and automation that keep identities reliable at scale—and why “crypto agility” is no longer a buzzword but a survival trait.
Quantum is no longer a sci‑fi subplot; it’s a timeline. With NIST guiding the retirement of RSA and ECC by 2030–2035 and global regulators aligning, organizations face an infrastructure‑level migration. Chris lays out a practical path: start with a full cryptographic inventory, assess risk to long‑lived data vulnerable to harvest‑now‑decrypt‑later attacks, standardize on TLS 1.3, and pressure vendors for post‑quantum roadmaps. We also tackle an accelerating reality: publicly trusted certificates shrinking toward 47‑day validity. Without automation, renewal cycles explode, toil multiplies, and outages become inevitable—making the ROI for certificate lifecycle management crystal clear.
Regulation and sovereignty add another layer. We cover DORA in the EU, evolving PCI requirements, and regional flavors of cryptographic standards that challenge compatibility. Then we look ahead to agentic AI, where identity at machine speed pushes PKI to new limits. The takeaway is simple: strong foundations—inventory, governance, and automated issuance and renewal—enable resilience, while brittle manual processes crack under pressure. If you lead security, architecture, or compliance, this conversation gives you a blueprint to build trust that lasts through quantum shifts, regulatory change, and AI scale.
Enjoyed the conversation? Follow the show, share it with a colleague who owns identity or crypto, and leave a quick review so others can discover it.

Support the show

More at https://linktr.ee/EvanKirstel


Chapters

1. From PKI To Post-Quantum: Building Digital Trust That Scales (00:00:00)

2. Defining Digital Trust And PKI (00:00:01)

3. Why Certificates Matter To Business (00:02:48)

4. Preparing For The Quantum Tsunami (00:03:38)

5. Crypto Agility In Practice (00:06:04)

6. Fixing Certificate Sprawl And Risk (00:07:34)

7. Policy, Process, And Machine Identity (00:09:33)

8. Outages, Boardrooms, And ROI (00:11:08)

9. Regulation, Compliance, And Sovereignty (00:13:16)

10. Agentic AI And The Next Trust Shift (00:16:13)

11. Closing And Listener Resources (00:18:04)

540 episodes