The Entropy Podcast

Francis Gorman

Hosted by Francis Gorman, The Entropy Podcast brings together intelligence community veterans, post-quantum cryptography pioneers, CISOs, business leaders, and frontline practitioners for unfiltered conversations on the threats, complexity, and geopolitics shaping our world. Past guests include former senior CIA officers, leading cryptographers, digital forensics experts, and security and technology leaders from across financial services, critical infrastructure, and government, voices rarely heard together in one place.

Each episode goes beyond headlines to explore how cyber risk, emerging technology, and geopolitical instability are reshaping the way organisations operate, compete, and defend themselves. Expect candid insight on quantum risk, nation-state threats, AI, espionage, financial crime, business resilience, and the human dimensions of leadership. Designed for CISOs, board members, founders, technologists, policy thinkers, and the professionally curious, Entropy sits at the intersection of business, technology, and cybersecurity: a space for genuine conversations with unique minds, the kind that don’t fit neatly into a press release. The name Entropy reflects the growing complexity and unpredictability of the systems we depend on, and the discipline required to lead through them.

Disclaimer: The views and opinions expressed on The Entropy Podcast are those of the host and guests in their personal capacity and do not represent the views, positions, or policies of their respective employers, affiliated organisations, or any government body. Guest appearances do not constitute endorsement by the host, and the host’s commentary does not constitute endorsement of guests’ views. Content is provided for informational and educational purposes only and does not constitute professional, legal, financial, or security advice.

One of the topics I cover a lot on this show is post-quantum readiness. I believe awareness of this emerging technology is key for a safer world into the future. To support this awareness I have built a free resource to help you explore the world of quantum and learn as you go. You can find it here: www.postquantumreadiness.com

Buy Our Swag: We now have some slick new swag you can purchase through our Etsy store. https://theentropypodcast.etsy.com

Watch and Subscribe: You can also watch full episodes and exclusive content on our YouTube channel: www.youtube.com/@TheEntropyPodcast

Achievements: The Entropy Podcast delivered strong chart performance throughout 2025, demonstrating consistent international reach and listener engagement.
- Regularly ranked within the Top 20 Technology podcasts in Ireland.
- Achieved a Top 25 placement in the United States Technology charts, holding the position for one week.
- Charted internationally across multiple markets, including Israel, Belgium, and the United Kingdom.
This performance reflects sustained global interest and growing recognition across key podcast markets.

Audio Quality Notice: Some episodes may feature minor variations in audio quality due to remote recording environments and external factors. We continuously strive to deliver the highest possible audio standards and appreciate your understanding.

  1. Strategic Compression with David Murrin

    6d ago

    Geopolitical forecaster and strategist David Murrin joins Francis Gorman to argue that the world isn't experiencing ordinary volatility; it's in the middle of a deep, structural transition between great powers. Drawing on his "Five Stages of Empire" framework, David lays out why he believes America's decline began after 9/11, why China is rising into the vacuum, and why he sees the next decade as a period of unavoidable escalation. The conversation ranges across the war in Ukraine, the Iran nuclear question, the battle for the Pacific, the hollowing-out of Western military capability, and the subtler war being fought through economics, infiltration, and influence. It closes on Ireland's exposure as a neutral state and David's blunt verdict that there is "nowhere to hide."

    Key Takeaways:
    - David's "Five Stages of Empire" model frames how nations regionalise, fight a civil war, expand, peak, and decline, and where he places the West today.
    - His view that American power entered structural decline after 9/11, with China rising to fill the vacuum.
    - The concept of "strategic compression": why rising powers are forced to act not when they choose, but when the window around them starts to close.
    - Why he sees Ukraine and Iran as conflicts enabled and shaped by China, used as testing grounds for systems and tactics.
    - His argument that Western societies are being degraded from within through long-running influence operations targeting domestic politics.
    - A stark assessment of UK military readiness, and why he believes adaptability, not hardware alone, decides who survives modern conflict.
    - What all of this means for a small, neutral, strategically significant state like Ireland.

    Soundbites:
    - "Nature absolutely abhors a vacuum. It hates it."
    - "It's as if we're playing draughts and the Chinese are playing three-dimensional chess."
    - "The timing of hegemonic conflicts is never at the choosing of the hegemon."
    - "There are no neutral countries in its story, so there are no places to hide."
    - "Stand up and be counted."

    Note: This episode contains forecasting and personal analysis that is, by nature, speculative and at times contested. These are David Murrin's own views, shared to open debate rather than to state fact.

    41 min
  2. The World's First Hackocracy With Geoff White

    Jun 1

    In this episode of The Entropy Podcast, Francis Gorman sits down with British investigative journalist, author and BBC podcaster Geoff White to go inside the world of organised cybercrime and the regimes that increasingly depend on it. Geoff has spent years embedded in the underbelly of the cyber economy, from ransomware syndicates to state-sponsored hacking operations, and he brings a working journalist's eye to questions most security professionals only ever see from the defender's side.

    The conversation opens by dismantling the hoodie-in-a-basement myth: ransomware groups like Conti are run as businesses, with HR functions, payroll, performance management, customer support teams, and an obsession with professional polish. Geoff walks through what the leaked Conti messages reveal about how these organisations think of themselves, including the striking self-description of their work as "postpaid penetration testing."

    The conversation then turns to North Korea, where Geoff lays out the case for what he calls a "hackocracy" — a regime increasingly funded by computer hacking. Drawing on US government estimates and his own analysis, he explains how cryptocurrency theft is keeping the North Korean state afloat, why sanctions are losing their bite, and why this should worry anyone who relies on the global supply chains that pass through the Korean peninsula. Francis and Geoff also dig into the moral and practical reality of the "don't pay the ransom" position, the weaknesses that still let attackers in, and the systemic role of money laundering as the unspoken second half of every major cybercrime story.

    The episode closes on the most timely thread: AI as an inherently deceptive technology. Geoff makes the case that systems like ChatGPT are designed from the ground up to fool users into thinking they're human, and that this design philosophy has serious implications for the next generation of social engineering attacks. The conversation ends with a frank exchange on Anthropic's recent walk-back of its core safety commitments and what it signals about the industry's direction.

    Key Takeaways:
    - Ransomware gangs run themselves as businesses, not basements.
    - The economics of ransomware are extraordinary.
    - Money laundering is half the story.
    - North Korea is becoming a hackocracy.
    - A national ban on ransom payments would work eventually.
    - Humans are still the attack surface and AI makes that worse.

    Soundbites:
    - "In order to earn the kind of money that Conti was earning, the average Russian would have had to work for 400 years. So in a single ransom, you can make not just your life's money, but the money for the life of all of your family around you as well." — Geoff White
    - "Within the next five to ten years, North Korea could become the world's first hackocracy — a regime entirely funded by computer hacking." — Geoff White
    - "Our world is not being run by lovely rational AI. It's human beings who are deciding what happens." — Geoff White

    38 min
  3. The Comfortable Lies of Cybersecurity with Adam McElroy

    May 25

    In this episode of The Entropy Podcast, Francis Gorman speaks with Adam McElroy, CTO at Eclypses, about cybersecurity, storytelling, AI, post-quantum readiness, and the evolving role of security leadership. Adam argues that modern cyber leaders must move beyond technical reporting and learn to communicate risk in ways boards and executives can act on. The conversation explores why security decisions in large enterprises take time, how AI is accelerating existing technical debt and governance gaps, and why quantum risk is no longer something organizations can comfortably defer. Adam frames post-quantum readiness as a generational risk comparable to Y2K: manageable if organizations plan early, potentially damaging if they procrastinate.

    A central theme is that cybersecurity is no longer just a technology problem. It is a business resilience issue involving boards, executives, architects, regulators, CISOs, CIOs, CTOs, and risk leaders. Adam also challenges the industry’s reliance on perimeter defence, arguing that organizations need to think more seriously about making data unusable if it is exfiltrated.

    Key Takeaways:
    - Storytelling is now a core cybersecurity leadership skill.
    - Cybersecurity is business, not a separate technology function.
    - AI has exposed existing technical debt faster than expected.
    - Zero Trust is still valid, but there is no silver bullet.
    - Organizations should assume breach and protect the data itself.
    - “Harvest now, decrypt later” is a present-day risk.
    - Quantum procrastination is becoming indefensible.
    - The CISO cannot carry cyber risk alone.
    - AI adoption needs policy, education, and discipline.

    Soundbytes:
    - “There is no such thing as business and technology. It’s all business at the end of the day.”
    - “AI wasn’t built to be secure, it was built to be amazing.”
    - “The CISO cannot protect the organization by themselves.”
    - “The dashboard will never be green in my world.”

    32 min
  4. Quantum Readiness: The Risk No One Owns with Louise Davey

    May 19

    In this episode of Entropy, Francis Gorman speaks with Louise Davey, executive leader, transformation architect, and author of Quantum How, about why quantum readiness has to move beyond the technology function and into the boardroom. Louise argues that post-quantum cryptography is no longer just a cryptography, standards, or cybersecurity discussion. It is an enterprise governance and transformation challenge that affects digital trust, operational resilience, fiduciary duty, regulatory exposure, insurance, systemic financial risk, and long-term business viability.

    The conversation explores why boards and executive leaders often struggle to act on quantum risk, not because the threat is unclear, but because it is poorly communicated. Louise explains how quantum risk breaks traditional risk models: it is time-shifted, has unclear ownership, spans the entire digital infrastructure layer, and reaches far beyond any single technology team. The episode also covers the real-world consequences of unreadiness, from harvest-now-decrypt-later exposure to operational technology, financial services, elevators, pacemakers, insurance risk, liquidity impact, and corporate survival.

    But the conversation is not only about risk. Louise also makes the case that quantum readiness can be used as a once-in-a-generation transformation opportunity to reduce technical debt, strengthen governance, improve enterprise intelligence, and create lasting organisational value.

    Takeaways:
    1. Quantum readiness is now a boardroom issue. Louise makes the case that post-quantum security has moved beyond the technical layer. It now belongs in enterprise governance, risk management, transformation strategy, and board oversight.
    2. The communication gap is one of the biggest blockers. The people who understand the quantum threat are often technologists, while the people who control funding, risk appetite, and enterprise priorities are boards and executives. The challenge is translating the issue into language decision-makers can act on.
    3. Traditional risk models do not handle quantum risk well. Quantum risk does not fit neatly into standard operational risk taxonomies. It is time-shifted, systemic, infrastructure-level, and difficult to assign to a single owner.
    4. Digital trust may be the real asset at risk. The episode repeatedly comes back to trust. Cryptography underpins authentication, authorisation, privacy, financial transactions, customer confidence, and the resilience of modern digital business.
    5. Harvest-now-decrypt-later is already a live issue. Louise stresses that quantum risk is not purely future-facing. Sensitive data may already be exposed if adversaries are collecting encrypted information today to decrypt later.
    6. Boards need to understand their fiduciary exposure. If boards are made aware of the scale of the risk and still fail to act, the issue becomes one of governance failure and fiduciary responsibility.
    7. This is bigger than IT and cybersecurity. Quantum risk affects financial services, insurance, operational technology, manufacturing, logistics, public safety, and the physical systems connected to digital infrastructure.
    and many more....

    SoundBytes:
    - “The people who understand the problem often are not the people who own the decision.”
    - “Quantum risk challenges the way organisations think about ownership, accountability, and authority.”
    - “Digital trust does not belong to one function. It belongs to the organisation as a whole.”
    - “The board is the only place high enough to own a risk of this scale.”
    - “This is not just about avoiding risk. Done properly, quantum readiness can create long-term enterprise value.”

    42 min
  5. Smarter Cyber Strategy with Leonard McAuliffe

    May 11

    This episode focuses on what real cyber strategy looks like versus the outdated “framework + gap analysis” approach. Leonard McAuliffe (PWC) explains that most organizations confuse activity with strategy, focusing on compliance, maturity scores, and annual plans instead of aligning cybersecurity to actual business risk. The conversation reframes cyber strategy as a business-aligned, risk-driven, continuously evolving discipline. It emphasizes understanding stakeholder priorities, mapping real threats to controls, and treating strategy as a living system that adapts to AI, geopolitics, and changing attack surfaces.

    Takeaways:
    1. Most “Cyber Strategies” Aren’t Strategies
       - They’re annual roadmaps or compliance exercises
       - Built around frameworks (NIST, ISO) instead of business risk
       - Improve maturity—but don’t necessarily reduce real risk
    2. Strategy Must Start With the Business
       - Engage CEO, CFO, CIO, CRO—not just security teams
       - Understand risk appetite and critical processes
       - Align to IT, digital, and AI strategies
    3. Focus on Risk → Threats → Controls (Not Maturity Scores)
       - Define key cyber risks (e.g., business disruption)
       - Map threat scenarios (e.g., ransomware via phishing)
       - Link to controls and measure effectiveness
    4. Strategy is a Living System
       - Must evolve with:
         - AI
         - Threat intelligence
         - Regulatory changes
         - Business shifts
    5. Prioritization = Risk + Cost Trade-Off
       - You can’t do everything
       - Decisions must be explicit:
         - What risk are we accepting?
         - What exposure remains?
    6. Regulation Shouldn’t Drive Strategy
       - Constantly reacting to new regs derails focus
       - Instead:
         - Build a strong master control framework
         - Map regulations onto it

    Soundbites:
    - “Most cyber strategies look good on paper but don’t manage real risk.”
    - “You’re improving maturity, not reducing risk.”
    - “Cyber can’t operate in a bubble; it has to enable the business.”
    - “If you don’t fund it, you’re accepting the risk. It’s that simple.”
    - “Boards don’t care about maturity levels; they care about real threats.”

    40 min
  6. How to Recruit a President with Glenn Carle

    May 4

    In this episode of The Entropy Podcast, Glenn Carle, a former CIA clandestine officer with over two decades of experience, breaks down how intelligence agencies think, operate, and influence outcomes over the long term. Drawing on real-world tradecraft, Glenn explains how vulnerabilities are identified, how influence is cultivated, and how narratives are seeded and amplified over time. The conversation explores the growing tension between intelligence institutions and political power, the risks facing democratic systems, and how modern geopolitics is increasingly shaped by information warfare and perception management. The discussion also ventures into controversial territory, examining the possibility of long-term influence operations at the highest levels of power while highlighting the difference between evidence, interpretation, and hypothesis. This is a conversation about how power actually works beneath the surface and what happens when institutions designed to protect truth are put under pressure.

    Takeaways:
    - Intelligence is about patterns, not events
    - Influence is often long-term and indirect
    - Vulnerability ≠ control
    - Institutions are under pressure
    - Information warfare shapes reality
    - The line between analysis and speculation matters

    SoundBytes:
    - “In intelligence, there are no coincidences, only patterns you haven’t understood yet.”
    - “You don’t recruit someone in a moment; you shape them over time.”
    - “Every strength can become a vulnerability in the right context.”
    - “If telling the truth costs you your job, the system stops working.”
    - “You don’t need the truth; you need enough repetition to make something feel true.”
    - “The most effective operations are the ones no one notices—until it’s too late.”
    - “Understanding how something could happen is not the same as proving that it did.”

    This conversation explores complex and often controversial geopolitical themes from the perspective of a former intelligence officer. Some views expressed, particularly around long-term intelligence operations and political influence, reflect interpretation and professional judgement rather than independently verified public conclusions. Listeners are encouraged to engage critically and consult additional sources where appropriate.

    50 min
  7. One Click to Collapse: The SME Risk with Robert Maxwell

    Apr 27

    In this episode of the Entropy Podcast, Robert Maxwell (CEO of TGT Solutions) reframes cybersecurity from a technical concern into a core business risk, especially for small and medium-sized enterprises (SMEs). He argues that cyber threats are fundamentally about cash, trust, and continuity, not just systems. A single compromised credential or phishing attack can dismantle years of work in minutes, particularly in SMEs where operations often depend on one person, one account, or one set of credentials.

    Maxwell introduces a key mindset shift: cybersecurity is an investment, not an expense. Like building a portfolio, incremental and consistent investment in cyber resilience pays dividends, protecting revenue, relationships, and long-term business viability.

    The conversation also explores human vulnerability as the dominant attack vector, the risks introduced by AI adoption, and why attackers prioritize ease over sophistication. Ultimately, the episode highlights a stark reality: it’s no longer “if” a business is attacked, but “when”, and how prepared it is when that moment comes.

    Key Takeaways:
    1. Cyber is now a business problem, not an IT problem. It directly impacts cashflow, supplier relationships, and customer trust—not just systems.
    2. SMEs are disproportionately vulnerable. Reliance on single accounts, single individuals, and weak password practices creates critical single points of failure.
    3. Attackers prioritize ease, not scale or sophistication. The simplest entry point—often human—is the most exploited.
    4. “Too small to hack” is a dangerous myth. Smaller firms are often easier targets and valuable entry points into supply chains.
    5. Cybersecurity must be treated as an investment. Incremental improvements (policies, training, redundancy) generate long-term “dividends” in resilience.
    6. Human behavior is the biggest risk surface. Phishing, credential reuse, and lack of policy enforcement remain dominant vulnerabilities.
    7. AI is amplifying exposure. Organizations are unintentionally leaking sensitive data through unmanaged AI usage.
    8. External validation is critical. Internal reviews often miss risks—independent assessments reveal blind spots.
    9. Banks and institutions are shifting liability. Poor cyber hygiene increasingly results in unrecoverable financial loss.
    10. Timing matters. Fixing issues after a breach is exponentially more expensive than proactive investment.

    Soundbites:
    - “Cyber isn’t a technical issue anymore—it’s about cash.”
    - “You can lose trust, cash, and credibility in under a minute.”
    - “It’s not ‘if’ you get attacked—it’s ‘when’ and ‘how much they take.’”
    - “One person, one password, one account—that’s all it takes.”
    - “Attackers don’t look for the biggest target—they look for the easiest one.”
    - “We were too busy… until we got hacked.”
    - “Cybersecurity isn’t an expense. It’s an investment that pays dividends.”
    - “The password they stole six months ago? It still works—that’s the problem.”
    - “AI is making companies more vulnerable—and they don’t even realize it.”
    - “You’re building a business for generations—cyber can erase it in minutes.”

    You can learn more about TGT Solutions from their website: https://www.tgtsolutions.com/

    32 min
