CISO Trainings , Encryption & Key Management , Finance & Banking
Bank of Ireland's Francis Gorman Shares Strategies for Successful Quantum Migration (gsuparna) • June 17, 2026
Most organizations hand off the migration to quantum-safe cryptography to the CISO. But that puts a cross-business change in the wrong hands. Accountability belongs with senior leaders who can influence the whole enterprise, said Francis Gorman, head of the Bank of Ireland's security center of excellence.
See Also: How AWS-Qualys Alliance Powers Risk-Aware Cloud Security
Routine decisions across the business pose potential gaps in encryption for Q-Day, when future quantum computers could break today's widely used encryption algorithms, putting sensitive data and digital trust at risk.
"Procurement are still signing contracts that don't have any of the quantum-safe considerations baked into them," Gorman said. "Legal are still reviewing contracts without any strict guidelines in terms of the accountabilities of third parties."
Engineering teams also keep deploying technology including artificial intelligence systems that are quantum-vulnerable, which adds technical debt to brand-new solutions. All of these decisions erode quantum readiness, and security is challenged with holding the business accountable without the power to drive organizational change, he said.
In this video interview with ISMG, Gorman also discussed:
- Who should lead quantum-safe readiness in the enterprise;
- How today's buying decisions are creating cryptographic risk;
- Ways for senior leaders to close the quantum-safety accountability gap.
Gorman leads the information security and resilience center of excellence at the Bank of Ireland, where he heads up the design and delivery of the security architectures that underpin one of Ireland's largest financial institutions. His work sits at the intersection of cybersecurity, operational resilience, emerging technology and regulatory change - the disciplines now converging around the quantum-safe transition.