We use a strictly necessary technical cookie (__Host-PHPSESSID) to ensure secure browsing. No consent is required under GDPR. See our Cookie Policy and Privacy Policy for details.
About Santosh Pandit
Santosh Pandit, Technology Innovator and Cybersecurity Thought Leader, drives quantum security and AI solutions as founder of BeatQuantum.
Timeline of Technology Experiments
| Date | Topic | Link |
|---|---|---|
| 2025 August | PoC: 'Zero Trust, Zero Tolerance' | ZTZT.dev |
| 2024 September | PoC: 'Cyber Threat Intelligence (CTI) - Multi-continental Trends' | LinuxCore.cloud |
| PoC start: 'Advanced Cyber Research' | BugBounty.company | |
| 2024 July | PoC (start): 'Multi-Database Multi-Regional Resilience' | GiantDB.cloud |
| 2023 December | PoC (start): 'Post-Quantum ToR' (Project Dropped) | Zero-Leak.com |
| PoC (start): 'Post-Quantum Cryptography' | Kyber.club | |
| 2022 December | PoC (start): 'Technology Social / Education' (Project Dropped) | CISO.social |
| 2021 August | PoC: 'Zero Trust Architecture' | ZeroTrust.plus |
| 2020 December | PoC (start): 'Machine Learning based Security Operations Center (SOC)' | SOC247.cloud |
| 2020 March | PoC: 'Applied Cryptography and CryptoAgility' | BeatQuantum.com |
| 2019 December | PoC: 'Mailserver and CryptoAgility' | Hard.Email |
| 2019 May | PoC (start): 'Privacy Computing and Cybersecurity' | Pandit.tech |
Results of Technology Experiments
Timeline of Speaking Engagements
| Date | Topic | Link |
|---|---|---|
| 2025 September | Speaker: 'The Future of Software Risk Management' | QA Event |
| Speaker: 'Operational Risk and Resilience / Planning an Assurance Cycle' | IIAG | |
| Speaker: 'Cyber and Operational Resilience: Ask us anything!' | CCBS | |
| 2025 June | Speaker: 'Q&A on Operational Resilience' | ISORG |
| 2025 April | Roundtable: 'Cyber and Digital Operational Resilience Act (DORA)' | Somerford |
| Speaker: 'What is next in cyber risk?' | CLS / DTX | |
| Speaker: 'Firesite Chat / Operational Resilience / Post-transition Phase' | Crowe | |
| 2025 March | Roundtable: 'Delivering the modern enterprise application strategy' | Private |
| 2025 February | Roundtable: 'Security Benchmarking' | Private |
| PhD Research Panel: 'Cyber Threat Intelligence' | UoM | |
| 2025 January | Speaker: 'How Risk talks to Resilience' | ABI |
| Speaker: 'Operational Resilience and Cyber' | AFM / Altus |
Publications
I believe thought leaders must continue to learn all their lives and share their knowledge and experience with others.
Disclaimer: All views expressed in my papers and articles are entirely my own and may not necessarily be shared by the Bank of England (or my previous employers). All errors are solely mine.
Quantum and Post-Quantum Security
In my view, crypto agility is essential to protect against weaknesses in traditional cryptography as well as the "harvest now, decrypt later" threat from sophisticated actors with access to quantum computers. I humbly disagree with the 2030-35 roadmaps suggested by fellow professionals, as the man-in-the-middle attack threat already exists. From March 2025, I started providing free post-quantum cryptographic key pairs for researchers and technology enthusiasts.
| Date | Topic | Link |
|---|---|---|
| 2025 July | Post quantum journey: Don't ignore but don't panic | |
| 2025 June | Post Quantum Operating System Award (Debian Trixie) | LinkedIn Post |
| Bash scripts for cryptographic inventory for Linux | LinkedIn Post | |
| 2025 May | Post Quantum Cryptography (PQC) and Browsers | LinkedIn Post |
| 2025 April | Launching FrodoKEM quantum-safe cryptography tools | LinkedIn Post |
| Post-Quantum hacking challenge security recommendations | LinkedIn Post | |
| 2025 March | Quantum Resistance Assessment | LinkedIn Post |
| 2024 November | Cryptoagility today | |
| 2024 January | Pseudocode for Shor's Algorithm to Crack RSA 4096 | |
| 2021 January | Quantum Readiness of Linux Technology Stack | |
| 2020 March | Quantum computers and cryptography explained |
AI and Technology Trends
In my view, artificial intelligence (AI) can help humans improve their efficiency by handling tasks that are repetitive or require sharp memory. Agentic AI projects can succeed through five pillars: clear vision, grounded ambition, leadership, customer focus, and transparency. However, AI hallucinates in expert code reviews and lacks true human reasoning, making it a tool prone to overconfidence. Over-reliance on AI invites risks; I insist on human oversight, targeted prompting, and standards compliance.
| Date | Topic | Link |
|---|---|---|
| 2025 July | Five pillars ensure agentic AI success (Co-author) | Blog Post |
| Santosh Pandit experiments | ||
| 2025 June | Testing AI's expert code review abilities | LinkedIn Post |
| AI standards and guidance list | LinkedIn Post | |
| Debunking AI hype with Apple insights | LinkedIn Post | |
| 2025 April | Warnings on AI over-reliance risks | LinkedIn Post |
Cybersecurity Threats and Analysis
Each asset connected to the internet is an invaluable source of cyber threat intelligence (CTI) that has helped me identify a number of threats ahead of actual attacks. Although zero-day attacks are particularly difficult, I prefer not to use them as an excuse. I practice a strong patching discipline (within 24 hours) and worry that prioritization based on CVSS, EPSS, KEV, and LEV may generate unnecessary risks. My latest experiments involve AI-supported white-box purple testing of edge cases in APIs and web applications.
| Date | Topic | Link |
|---|---|---|
| 2025 July | Increased vulnerability scans emphasize firewall necessity | LinkedIn Post |
| Most noteworthy cyber attacks of 2025 (so far) | ||
| 2025 May | Explaining CVSS EPSS KEV LEV vulnerabilities | LinkedIn Post |
| 2025 February | Bybit hack exposes crypto security flaws | |
| 2024 November | CTI analysis of continental hacking patterns | |
| 2022 November | November 2022 cyber-attack trends |
Cryptography and Encryption Strategies
This section covers my miscellaneous work on non-PQC topics and the ICT/cyber components of the EU Digital Operational Resilience Act.
| Date | Topic | Link |
|---|---|---|
| 2025 May | Quiz assesses cryptographic security baseline | LinkedIn Post |
| 2025 March | SPF DKIM DMARC email security guide | LinkedIn Post |
| 2024 November | DORA ICT encryption cryptography strategies | LinkedIn Post |
| DORA ICT encryption: How my own servers could do better | ||
| 2024 January | What to do When AI Learns the Wrong Dance? | Article |
| Transcript of DNSSEC discussion with ChatGPT |
Security Implementation and Best Practices
This section includes privacy and security.
| Date | Topic | Link |
|---|---|---|
| 2025 July | 36 concepts in software risk management | |
| 2025 June | Software Ecosystem and future software event talk | LinkedIn Post |
| 2025 May | Multi-layered secure IPv6 implementation strategies | LinkedIn Post |
| Using IPv6 - drink responsibly | ||
| 2024 November | Implementing CISA's secure software recommendations | LinkedIn Post |
| Avoiding unsafe software: Suggestions to implement CISA recommendations | ||
| 2021 January | Amnesic Computing Standards for privacy | |
| Brave browser privacy setup tutorial | To add |
Technology Risk Management and CEO/CRO Role
| Date | Topic | Link |
|---|---|---|
| 2025 July | Future CRO skills for risk management success | LinkedIn Post |
| Which CRO will succeed in the next decade? |
Books and Videos
| Date | Topic | Link |
|---|---|---|
| Cyber Landscape in 2035 (Manuscript stage) | ||
| 2025 July | Inside the Mind of Cl0p: The FTA Specialist (YouTube Video) | Video |