In this episode, Itan Barmes cuts through the hype surrounding quantum computing and breaks down what actually matters for security leaders. He explains why qubit counts alone are a poor indicator of progress, and how his layered framework helps separate genuine scientific breakthroughs from noise. The discussion dives into the real quantum risks facing Bitcoin and Ethereum, highlighting why some assets are far more exposed than others and why dynamic attacks remain a universal challenge.

Itan shares the story of how his work in cryptographic inventory led to founding Qiz Security, and why most organizations misunderstand what a C-BOM should be. He outlines the practical steps CISOs need to take now, stressing inventory, governance, and realistic prioritization over fear-driven messages. The episode wraps with a grounded look at timelines, the coming inflection point in scalable quantum demonstrations, and why starting early is far better than arriving a day late.

Framework discussed on how to qualify news you read around quantum breakthroughs: https://www.deloitte.com/content/dam/assets-shared/docs/services/risk-advisory/2025/why-quantum-computers-are-not-cracking-rsa-yet.pdf

Takeaways

• Quantum computing hype often oversimplifies complex realities.
• Understanding quantum risks is crucial for organizations today.
• Bitcoin has vulnerabilities to quantum attacks, but not all are at risk.
• Dynamic attacks on cryptocurrencies pose significant threats.
• Cryptographic inventory is essential for risk mitigation.
• Organizations must prioritize actionable steps over exhaustive inventories.
• Procrastination in addressing quantum risks is common among executives.
• The future of quantum computing is uncertain but potentially transformative.
• Community collaboration is vital for addressing quantum challenges.
• Pragmatic approaches are necessary for effective quantum readiness.

Sound Bites

• "The devil is in the details."
• "Everything is going to break."
• "You need to start taking action."