Posts

Showing posts from October, 2025

Post-Quantum Cryptography Conference 2025 — Kuala Lumpur

The PKI Consortium will host its fourth Post-Quantum Cryptography (PQC) Conference from October 28 to 30, 2025 in Kuala Lumpur (and online) at the Connexion Conference & Event Centre. The event includes hands-on workshops, expert talks, panels, and breakout sessions, all focused on preparing for the transition to quantum-resistant cryptographic systems. Registration is free, though attendees are responsible for their own travel and lodging. Speakers will include leading figures in cryptography, PKI, and quantum security, and content is structured to balance strategy, technical depth, and education across the three days. https://pkic.org/events/2025/pqc-conference-kuala-lumpur-my/

Qinsight — Enterprise Cryptographic Posture Management

Qinsight is a SaaS platform focused on giving organizations visibility into their cryptographic assets across TLS, SSH, certificates, and encryption protocols. It helps assess and score cryptographic risk, flag vulnerabilities (including quantum-vulnerable algorithms), and provides guidance for remediation. The platform is designed to aid compliance, prepare for post-quantum cryptographic transitions, and reduce blind spots in how encryption is used across enterprise systems. https://www.qinsight.com/

The 2025 State of Security Champions Report

The report from Katilyst combines original survey data from 33 organizations with external benchmarks (like BSIMM15) to provide a real-world view of how security champion programs currently operate. It shows that most programs are under four years old, reveals how older programs expand their scope (from secure coding toward governance and threat modeling), and demonstrates a correlation between champion adoption and program maturity: top-tier firms tend to more fully integrate champion initiatives across departments. The report is intended as a benchmarking tool and a guide for scaling security culture effectively.  https://www.katilyst.com/state-of-security-champions-report-2025

Two-Thirds of Organizations Report Cybersecurity Roles Going Unfilled

The article highlights a pervasive talent shortage in cybersecurity, noting that 65 percent of organizations currently have open cybersecurity positions they cannot staff. It explores contributing factors such as skill mismatches, recruitment challenges, and structural barriers, and argues that addressing the gap will require changes in hiring practices, training pipelines, and industry expectations.  https://www.infosecurity-magazine.com/news/two-thirds-unfilled-cybersecurity/

Responding to the Shai-Hulud Attack Aftermath

The article from Defendermate describes how their team is launching a freely accessible, continuously updated list of npm packages affected by the Shai-Hulud incident. They explain that even though the initial spread of malicious code may have been contained, many security teams are still grappling with residual risks and hidden dependencies. Defendermate positions this curated resource as a way to aid organizations in assessing exposure, prioritizing remediation, and staying ahead of potential downstream impacts from the attack.  https://defendermate.com/whatsnew/shai-hulud