Vladimir Soukharev
Dr. Vladimir Soukharev is VP of Cryptographic R&D at InfoSec Global, a Keyfactor Company. He is focused on cryptographic research and development and is inspired by continuous innovation. Vladimir obtained his Ph.D. from the University of Waterloo’s David R. Cheriton School of Computer Science, specializing in cryptography, security and privacy under the supervision of David Jao. He was part of the Centre for Applied Cryptographic Research, CryptoWorks21 and has contributed and published works at world-renowned conferences and in journals, such as PQCrypto, Financial Cryptography and the Journal of Mathematical Cryptology. Since completing his formal studies in 2016, he has dedicated his work life to advancing the knowledge and application of cutting-edge cryptography and cyber security technologies to protect vital information and communications in complex, highly regulated environments. Vladimir is leading and managing the cryptographic R&D at InfoSec Global, with main focus on Post-Quantum Cryptography, Cryptographic Agility, and Cryptographic Discovery & Analytics. He is also contributing to and is part of government initiatives and standards related to PQC and cryptographic migration, which include NCCoE, NIST, and Quantum-Safe Canada.
Session
Cryptography is the foundation of digital security. It is embedded across virtually every system and application. However, it can be of different forms: secure, insecure, vulnerable, compliant, non-compliant, current, outdated, and more. Today, there is a pervasive lack of visibility and control over cryptographic objects. Compliance requirements, quantum threat and the forthcoming post-quantum migration have further exposed these gaps.
To mitigate these risks, organizations must first establish comprehensive visibility, beginning with the capability to discover and inventory cryptographic objects across the entire ecosystem. Next, they must evaluate and assess the risk of these objects considering cryptographic vulnerabilities, compliance mandates, and the organization’s risk tolerance. Finally, they must define mitigation strategies and initiate remediation efforts. Migrating cryptographic objects is a highly complex process, as they are almost always hardcoded into systems, making replacement both difficult and resource intensive.
In this session, we will explore two main components of Cryptographic Lifecycle Management: Cryptographic Discovery and Cryptographic Agility. For Cryptographic Discovery, we will examine what is required to discover and inventory cryptographic objects. For Cryptographic Agility, we will outline the core solution principles and highlight the latest efforts from Standards Bodies driving PQC Algorithms adoption like NIST, ENISA, NCSC, and others.