Description

In this episode of TheEntropy Podcast, Francis Gorman speaks with Adam McElroy, CTO at Eclypses, about cybersecurity, storytelling, AI, post-quantum readiness, and the evolving role of security leadership. Adam argues that modern cyber leaders must move beyond technical reporting and learn to communicate risk in ways boards and executives can act on.

The conversation explores why security decisions in large enterprises take time, how AI is accelerating existing technical debt and governance gaps, and why quantum risk is no longer something organizations can comfortably defer. Adam frames post-quantum readiness as a generational risk comparable to Y2K: manageable if organizations plan early, potentially damaging if they procrastinate.

A central theme is that cybersecurity is no longer just a technology problem. It is a business resilience issue involving boards, executives, architects, regulators, CISOs, CIOs, CTOs, and risk leaders. Adam also challenges the industry’s reliance on perimeter defence, arguing that organizations need to think more seriously about making data unusable if it is exfiltrated. 

Key Takeaways

• Storytelling is now a core cybersecurity leadership skill.
• Cybersecurity is business, not a separate technology function.
• AI has exposed existing technical debt faster than expected.
• Zero Trust is still valid, but there is no silver bullet.
•  Organizations should assume breach and protect the data itself.
• “Harvest now, decrypt later” is a present-day risk.
• Quantum procrastination is becoming indefensible.
• The CISO cannot carry cyber risk alone.
•  AI adoption needs policy, education, and discipline.

Soundbytes

"There is no such thing as business and technology. It’s all business at the end of the day."

“AI wasn’t built to be secure, it was built to be amazing.” 

“The CISO cannot protect the organization by themselves.” 

 “The dashboard will never be green in my world.”