Safe Mode Podcast

Episode Title: A Plea to Improve Quantum Security in the Federal Government
Release Date: March 5, 2026
Host: Greg Otto, Editor in Chief at CyberScoop
Guests: Derek Johnson (AI Correspondent), Garen Lacy (Assistant Director, Bureau of Diplomatic Security, U.S. State Department)

Episode Overview

This episode dives into the urgency and complexity of preparing the U.S. federal government—and its partners—for a post-quantum world. Host Greg Otto explores a recent ETH Zurich study on the de-anonymization power of large language models (LLMs) with guest Derek Johnson, before turning to a featured interview with Garen Lacy from the State Department. Lacy outlines the profound mindset and organizational changes needed to meet quantum security deadlines, emphasizing holistic defense strategies and the necessity of disciplined public-private (and inter-agency) collaboration in anticipation of adversaries like China, Russia, and others.

Key Discussion Points and Insights

1. AI and the Erosion of Online Anonymity

Segment with Derek Johnson
[00:32–08:04]

Study Overview:
ETH Zurich’s research demonstrates LLMs’ effective use in de-anonymizing online accounts by correlating digital breadcrumbs (e.g., cross-platform posting, interests, LinkedIn connections).
LLM Performance:
Models showed 25%–67% success rates, with recall figures between 70–90%—sufficiently strong to raise alarm about extrapolating these capabilities to the broader internet.
Risk and Societal Impact:
- "LLMs can do the work of tens of people. What used to require a dedicated investigative team—say, tracking down FBI Director James Comey’s private account—can now be done quickly and at scale." (Greg Otto, [05:40])
- Potential for misuse by stalkers, data brokers, foreign intelligence, and cybercriminals; the researcher's main concern is a large-scale, automated privacy invasion.
- “He described it…basically as a large scale invasion of privacy. He was very confident that if he could do it…and the research team, that foreign intelligence service could do it or a cybercriminal group or a data broker, you know, whatever.” (Derek Johnson, [07:00])
Takeaway:
The bar for anonymity online is rapidly rising; what once offered reasonable plausible deniability now offers little, unless tremendous effort is applied.

2. The Quantum Threat Landscape: A Holistic Modernization Imperative

Featured Talk by Garen Lacy
[09:06–17:12]

Garen Lacy’s Four Pillars for Quantum-Ready Security

A. Holistic Modernization & Mindset Shift

Adversaries like China attack “entire ecosystems” rather than isolated agencies—defense must match this holistic approach.
Quote:
“The organization that goes it by themselves in modernization will not succeed. Even worse, that organization will create a vulnerability for the rest of us.” (Garen Lacy, [10:38])
Modernization involves not just tools and processes, but fundamentally changing “how we think, how we move and how we understand ourselves.”

B. Outlasting Leadership Cycles

Quantum computing’s impact: Data encrypted today could be decrypted decades from now—outlasting leadership or policy cycles.
Quote:
“Quantum means that your data now lives longer than your leadership cycle…We have to modernize past leadership cycles. We cannot shift priority just because our leaders change.” (Garen Lacy, [11:54])

C. Breaking Predictable Patterns

Use historical telemetry to predict attack chains—but also inject unpredictability to avoid helping adversaries forecast defense routines.
Quote:
“Modernization has to account for changing the threat surface and breaking some of the tendencies that are predictable from our historical data.” (Garen Lacy, [13:40])
Introducing “randomness” in defenses prevents adversaries from capitalizing on institutional inertia.

D. Disciplined, Ecosystem-Wide Collaboration

Adversaries coordinate across borders and sectors; defenders must do the same through real information sharing and public-private partnerships.
“It’s not just enough to know what your stack looks like. You need to know who’s in the foxhole next to you and how they’re defending so you can complement them and they can complement you.” (Garen Lacy, [14:22])
State Department leads Five Eyes collaboration and works with ministries of foreign affairs to share early warnings—before adversary infrastructure is weaponized.

Notable Quotes and Memorable Moments

Greg Otto on LLM de-anonymization power:
“AI is just doing what humans can do, just synthesizes it to a level of 1. LLM can do the work of tens of people.” ([05:40])
Derek Johnson on privacy risks:
“He described it…as a large scale invasion of privacy. He was very confident…that a foreign intelligence service could do it or a cybercriminal group…” ([07:00])
Garen Lacy on adversary mindset:
“Chinese leaders don’t change. The Chinese priorities don’t change. Russia’s priorities don’t change. Iran’s priorities don’t change. North Korea’s priorities do not change. And these are the adversaries that we’re against.” ([12:30])
Garen Lacy on the path forward:
“It will not be because of tools. It won’t be because we deployed advanced AI fastest. It won’t even be because we got to deploying quantum cryptology fastest. It’ll be because we have created that links of shields…across our entire ecosystem to match the veracity of this threat.” ([16:45])

Timestamps for Key Segments

[00:32–08:04]: Discussion on ETH Zurich’s LLM de-anonymization study (Greg Otto & Derek Johnson)
[09:06–17:12]: Garen Lacy’s address on quantum security modernization and the four pillars of readiness

Summary Takeaways

Quantum security is not simply an upgrade in cryptographic tools—it requires a whole-government (and public/private sector) transformation in how risk is assessed, how priorities are set, and how defenders cooperate.
Adversaries are relentless, coordinated, and patient—defenses must be built with equal discipline, adaptability, and commitment beyond short-term political or budgetary cycles.
Both the power of AI/LLMs to erode anonymity and the long-term threat of quantum decryption mean today’s decisions have decades-long ramifications for national and individual security.

This episode is a call to action for policymakers, technologists, and the broader security community: quantum security is everyone’s challenge—no one can, or should, go it alone.

Safe Mode Podcast

Episode Overview

Key Discussion Points and Insights

1. AI and the Erosion of Online Anonymity

Segment with Derek Johnson
[00:32–08:04]

Study Overview:
ETH Zurich’s research demonstrates LLMs’ effective use in de-anonymizing online accounts by correlating digital breadcrumbs (e.g., cross-platform posting, interests, LinkedIn connections).
LLM Performance:
Models showed 25%–67% success rates, with recall figures between 70–90%—sufficiently strong to raise alarm about extrapolating these capabilities to the broader internet.
Risk and Societal Impact:
- "LLMs can do the work of tens of people. What used to require a dedicated investigative team—say, tracking down FBI Director James Comey’s private account—can now be done quickly and at scale." (Greg Otto, [05:40])
- Potential for misuse by stalkers, data brokers, foreign intelligence, and cybercriminals; the researcher's main concern is a large-scale, automated privacy invasion.
- “He described it…basically as a large scale invasion of privacy. He was very confident that if he could do it…and the research team, that foreign intelligence service could do it or a cybercriminal group or a data broker, you know, whatever.” (Derek Johnson, [07:00])
Takeaway:
The bar for anonymity online is rapidly rising; what once offered reasonable plausible deniability now offers little, unless tremendous effort is applied.

2. The Quantum Threat Landscape: A Holistic Modernization Imperative

Featured Talk by Garen Lacy
[09:06–17:12]

Garen Lacy’s Four Pillars for Quantum-Ready Security

A. Holistic Modernization & Mindset Shift

Adversaries like China attack “entire ecosystems” rather than isolated agencies—defense must match this holistic approach.
Quote:
“The organization that goes it by themselves in modernization will not succeed. Even worse, that organization will create a vulnerability for the rest of us.” (Garen Lacy, [10:38])
Modernization involves not just tools and processes, but fundamentally changing “how we think, how we move and how we understand ourselves.”

B. Outlasting Leadership Cycles

Quantum computing’s impact: Data encrypted today could be decrypted decades from now—outlasting leadership or policy cycles.
Quote:
“Quantum means that your data now lives longer than your leadership cycle…We have to modernize past leadership cycles. We cannot shift priority just because our leaders change.” (Garen Lacy, [11:54])

C. Breaking Predictable Patterns

Use historical telemetry to predict attack chains—but also inject unpredictability to avoid helping adversaries forecast defense routines.
Quote:
“Modernization has to account for changing the threat surface and breaking some of the tendencies that are predictable from our historical data.” (Garen Lacy, [13:40])
Introducing “randomness” in defenses prevents adversaries from capitalizing on institutional inertia.

D. Disciplined, Ecosystem-Wide Collaboration

Adversaries coordinate across borders and sectors; defenders must do the same through real information sharing and public-private partnerships.
“It’s not just enough to know what your stack looks like. You need to know who’s in the foxhole next to you and how they’re defending so you can complement them and they can complement you.” (Garen Lacy, [14:22])
State Department leads Five Eyes collaboration and works with ministries of foreign affairs to share early warnings—before adversary infrastructure is weaponized.

Notable Quotes and Memorable Moments

Greg Otto on LLM de-anonymization power:
“AI is just doing what humans can do, just synthesizes it to a level of 1. LLM can do the work of tens of people.” ([05:40])
Derek Johnson on privacy risks:
“He described it…as a large scale invasion of privacy. He was very confident…that a foreign intelligence service could do it or a cybercriminal group…” ([07:00])
Garen Lacy on adversary mindset:
“Chinese leaders don’t change. The Chinese priorities don’t change. Russia’s priorities don’t change. Iran’s priorities don’t change. North Korea’s priorities do not change. And these are the adversaries that we’re against.” ([12:30])
Garen Lacy on the path forward:
“It will not be because of tools. It won’t be because we deployed advanced AI fastest. It won’t even be because we got to deploying quantum cryptology fastest. It’ll be because we have created that links of shields…across our entire ecosystem to match the veracity of this threat.” ([16:45])

Timestamps for Key Segments

[00:32–08:04]: Discussion on ETH Zurich’s LLM de-anonymization study (Greg Otto & Derek Johnson)
[09:06–17:12]: Garen Lacy’s address on quantum security modernization and the four pillars of readiness

Summary Takeaways

Quantum security is not simply an upgrade in cryptographic tools—it requires a whole-government (and public/private sector) transformation in how risk is assessed, how priorities are set, and how defenders cooperate.
Adversaries are relentless, coordinated, and patient—defenses must be built with equal discipline, adaptability, and commitment beyond short-term political or budgetary cycles.
Both the power of AI/LLMs to erode anonymity and the long-term threat of quantum decryption mean today’s decisions have decades-long ramifications for national and individual security.

This episode is a call to action for policymakers, technologists, and the broader security community: quantum security is everyone’s challenge—no one can, or should, go it alone.

wavePod

A plea to improve quantum security in the federal government

Get Free Podcast Summaries in Your Inbox

Pick Your Shows

Subscribe Free

Get Instant Summaries

Summary

Safe Mode Podcast

Episode Overview

Key Discussion Points and Insights

1. AI and the Erosion of Online Anonymity

2. The Quantum Threat Landscape: A Holistic Modernization Imperative

Garen Lacy’s Four Pillars for Quantum-Ready Security

Notable Quotes and Memorable Moments

Timestamps for Key Segments

Summary Takeaways

Summary

Safe Mode Podcast

Episode Overview

Key Discussion Points and Insights

1. AI and the Erosion of Online Anonymity

2. The Quantum Threat Landscape: A Holistic Modernization Imperative

Garen Lacy’s Four Pillars for Quantum-Ready Security

Notable Quotes and Memorable Moments

Timestamps for Key Segments

Summary Takeaways