Youssef El Maddarsi

Moody's just published something that should change how every financial institution is thinking about quantum risk. Their report reframes quantum computing as a systemic risk to digital finance. And Citi Institute estimates a quantum-enabled disruption to critical payment infrastructure could cost between $2 and $3 trillion. A few things stood out to me reading through it: JPMorgan is already inventorying its cryptographic dependencies and building crypto-agile infrastructure that can rapidly replace vulnerable encryption. HSBC is running real trials with quantum key distribution and quantum-secure communications, including simulated foreign exchange transactions. The Bank for International Settlements and the G7 are actively coordinating early migration efforts. This is the part most people miss: the institutions that model systemic risk for a living are no longer waiting for Q-Day. They are preparing for it now, because they understand that financial infrastructure has long time horizons, and harvest-now-decrypt-later is already happening. When Moody's writes about something, capital follows. When the BIS gets involved, regulation follows. The countdown started a while ago. It's just becoming visible. https://t.co/ZxFxPliI5J

A pattern is becoming clear in cybersecurity right now. Most organizations are still treating AI as another security tool. Another layer to deploy. Another vendor to add. That's not what this is. Anthropic's Claude Mythos just found a 27-year-old vulnerability in OpenBSD, a 16-year-old flaw in FFmpeg, and chained together Linux kernel exploits autonomously. Microsoft is embedding AI defense directly into its security stack. Project Glasswing has pulled together AWS, Apple, Google, Cisco and others to use these capabilities defensively before bad actors catch up. The asymmetry is the real issue. Attackers are gaining new capabilities faster than defenders can integrate them. The organizations that will lead won't be the ones moving fastest on AI. They will be the ones building the right foundations to make AI defense actually scale. This is no longer a tooling problem. It's an architecture problem. Read my full take here: https://t.co/Qaaa9xW2dv

The quantum cybersecurity stack is being built right now, and most people in tech are not paying attention. In the last six months alone: • The U.S. government committed $2 billion in equity stakes across nine quantum computing companies, including a new $1B IBM venture • The White House mandated post-quantum cryptography migration as part of national strategy • The U.S. Senate advanced the National Quantum Initiative reauthorization with a specific focus on applications and security • NIST finalized the first three post-quantum encryption standards (FIPS 203, 204, 205) • Google publicly warned that current encryption could break by 2029 • Anthropic's Mythos demonstrated AI can now find decades-old vulnerabilities at scale, collapsing the timeline further This is not a series of unrelated headlines. It's a stack being assembled in real time. For decades, cryptography was the invisible layer everyone relied on and no one thought about. That era is ending. The transition to post-quantum infrastructure is now being treated by governments the way semiconductors were treated in 2022, as strategic national priority, with capital, equity stakes, and policy frameworks aligned around it. The implication is structural: every system that runs on classical cryptography, banks, healthcare, defense, telecoms, blockchain networks, is on a countdown. Here's the link to the full deep dive: https://t.co/EniAdoiy8g

🇫🇷 €1.5 billion. France's latest bet on quantum and semiconductors. But let's read between the lines. While the US just committed $2 billion in equity stakes across nine quantum companies, and China continues its acceleration, Europe finally seems to grasp what's at stake: not innovation, but sovereignty. "We have the means to be the winners of this race," Macron declared. The real question isn't whether France has the talent or the means. It does. It's whether Europe can move at the speed this race demands. What strikes me most: Macron is positioning this as the defining theme of his final year. That tells you everything about the urgency he reads in the geopolitical situation. The technological race of the next decade won't be won by those who innovate the most. It will be won by those who industrialize the fastest while securing their critical infrastructure. Europe has the science. It has the talent. Now it needs the speed. Are we still in time? 🔗 https://t.co/lFYuO8BpMy

We're heading into what I call the post-quantum world. A quantum singularity event is coming within the next few years. In our industry, we joke that every day we get six months closer. When it arrives, everything will need to run on post-quantum cryptography. Infrastructure. Networks. Identity. Everything. This isn't a prediction anymore. The White House has built it into national strategy. The question is no longer if. It's how prepared you are when it happens.

The U.S. government just took equity stakes in nine quantum computing companies. $2 billion in grants. A 10% stake here. A 1% stake there. IBM gets $1 billion to build the country's first dedicated quantum chip manufacturing facility. This isn't venture capital. This is national strategy. When a government starts taking equity positions in an emerging technology, it's saying something specific. They believe the timeline is shorter than the public thinks. They believe the geopolitical stakes are higher than most realize. And they believe whoever wins this race shapes the next era of digital power. The cybersecurity implications alone are staggering. Quantum will eventually break the encryption protecting financial systems, defense networks, and critical infrastructure. The countries that get there first won't just have faster computers. They will have access to everyone else's secrets. The quiet part is now being said out loud. Sharp read on what's actually happening: https://t.co/A19kmSQxJq

The Pentagon just signed agreements with seven of the most powerful AI companies in the world. OpenAI, Google, Microsoft, Nvidia, Amazon, SpaceX, and Reflection. Their AI will now run on classified U.S. military networks. This is a turning point most people will overlook. AI is no longer just a tool that governments use. It is becoming the layer that runs national infrastructure, intelligence, defense systems, and the decision-making behind them. The cybersecurity implications are enormous. The same models that defend can be used to attack. The same systems that secure classified networks can be reverse-engineered. The line between AI capability and AI risk is now drawn inside the most sensitive systems on the planet. We are watching the architecture of national security shift in real time. Full details here: https://t.co/j3ur1wzNhz

Google just confirmed what everyone in cybersecurity was waiting for. For the first time, criminal hackers used AI to discover a previously unknown software vulnerability and tried to weaponize it. This isn't theory anymore. It's a fingerprint at the crime scene. Zero-day vulnerabilities used to be rare. They took elite teams weeks to find and could sell for millions on black markets. AI just collapsed that timeline. The asymmetry is the real issue. Attackers can now scale at machine speed. Defenders are still operating at human speed. Cyber defense has to move at the speed of AI. Or it stops being defense. Sharp read on what this means for leadership: https://t.co/RN22vvUWEU

Today is World Password Day. And the conversation has finally caught up with reality. Stolen credentials still sit behind most breaches globally. Across Asia, regulators are already moving banks away from SMS codes toward passkeys and biometrics. The way we authenticate is changing. But the cryptographic foundation underneath it has not. Most passkeys and digital certificates in use today still rely on cryptography that quantum computers will challenge within the decade. Trust granted once at login and assumed to hold is no longer enough. Identity needs to be continuously validated, across user behaviour, device posture, session risk, and cryptographic resilience. Grateful to be featured in two great pieces today on where authentication is headed: https://t.co/L8VTtCc75P https://t.co/ZNsoRdSzCD