Encryption, AI Risks and Policy Chaos: What’s Next for Cybersecurity? 

The future of cybersecurity is evolving at an unprecedented pace, with disruptive technologies, regulatory shifts, and geopolitical factors shaping the way organizations must defend themselves. I recently had the opportunity to join industry experts for an insightful panel discussion on the EM360 Tech’s Meeting of the Minds podcast, where we explored some of the most pressing issues in cybersecurity for 2025 and beyond. 

Here’s a recap of the key themes and insights we discussed—if you want the full conversation, I highly encourage you to listen to the entire episode. 

Government Disruptions and The Future of Cyber Policy 

The impact of the U.S. government’s recent moves in restructuring federal agencies and its implications for cybersecurity is a hotly debated topic. The formation of the Department of Government Efficiency (DOGE) has introduced a level of disruption that is being felt across federal cybersecurity programs. The key concern? The rapid overhaul of personnel and processes could lead to major gaps in security oversight. 

As I pointed out in the discussion, while government inefficiencies need to be addressed, we cannot sacrifice stability and security in the name of cost-cutting. Cyber policies require long-term planning, but recent shake-ups have left many agencies scrambling to maintain continuity. Without a structured approach, we could see weakened defenses at a time when cyber threats are more sophisticated than ever. 

The UK’s Demand for Encrypted Data Access 

The UK government’s recent push to gain backdoor access to encrypted data under the Investigatory Powers Act (IPA) is another critical topic. This move has raised serious concerns about privacy and security. My stance is clear: granting governments a backdoor to encrypted data not only erodes user privacy but also creates a massive attack surface for bad actors. 

As I highlighted, history has shown us that when one government forces these measures, others will follow, leading to a widespread weakening of encryption standards. The industry must push back against policies that compromise security in the name of oversight. Organizations should also rethink their reliance on mainstream communication platforms that could be subject to these government mandates and consider alternative, truly secure solutions. 

Quantum Computing: Are We Ready for Q-Day? 

One of the biggest existential threats on the horizon is quantum computing’s impact on encryption. While some argue that we are still years away from quantum breaking modern encryption, I emphasized that organizations need to start preparing now. The transition to quantum-resistant security models won’t happen overnight, and companies that fail to plan for it may find themselves vulnerable once quantum breakthroughs occur. 

During the discussion, we debated the timeline for what we called “Q-Day”—the moment when quantum computing becomes capable of rendering current encryption obsolete. While opinions varied on when this will happen, the consensus was that companies should be focusing on their cyber hygiene today. Before worrying about quantum, organizations need to ensure they have proper encryption and access control policies in place now. 

The Role of AI in Cybersecurity 

We couldn’t discuss the future of cybersecurity without diving into artificial intelligence (AI) and its rapid adoption across industries. While AI presents incredible opportunities, it also introduces new risks. One major concern I raised was how organizations are rushing to adopt AI-driven technologies without fully understanding the security implications. 

AI can be weaponized by attackers, enabling more sophisticated phishing attacks, automated hacking, and deepfake-powered social engineering. The challenge for security leaders is balancing AI-driven efficiency with risk management. Organizations must put guardrails in place to ensure AI is used responsibly while defending against adversarial AI threats. 

Final Thoughts: Preparing for an Uncertain Future 

The future of cybersecurity demands proactive, strategic thinking. Governments, businesses, and security professionals need to anticipate challenges before they become crises. From resisting dangerous regulatory overreach to future-proofing security stacks against quantum threats, now is the time to act.  

Organizations that focus on cyber hygiene, strategic security planning and adopting a preemptive cybersecurity approach will be the ones that thrive in this constantly evolving cyber threat landscape. I encourage you to listen to the full discussion for valuable insights into these topics and more. Access the full recording on demand. 

About the author

Brad LaPorte

Chief Marketing Officer

Brad LaPorte is a seasoned cybersecurity expert and former military officer specializing in cybersecurity and military intelligence for the United States military and allied forces. With a distinguished career at Gartner as a top-rated research analyst, Brad was instrumental in establishing key industry categories such as Attack Surface Management (ASM), Extended Detection & Response (XDR), Digital Risk Protection (DRP), and the foundational elements of Continuous Threat Exposure Management (CTEM). His forward-thinking approach led to the inception of Secureworks’ MDR service and the EDR product Red Cloak—industry firsts. At IBM, he spearheaded the creation of the Endpoint Security Portfolio, as well as MDR, Vulnerability Management, Threat Intelligence, and Managed SIEM offerings, further solidifying his reputation as a visionary in cybersecurity solutions years ahead of its time.