Overview
Qrypt protects the world’s most valuable data with quantum-secure encryption that eliminates the need for key transmission. Founded by former CIA officer Kevin Chalker and physicist Denis Mandich, the company partners with U.S. national laboratories and leading research institutes to commercialize patented encryption methods and return digital autonomy to everyone.
Chief Security Officer John Poirier knew that earning both ISO 27001 and SOC 2 certifications simultaneously would instill immediate confidence in customers. Still, he had to accomplish this with a small team and that was not a small feat. When a rival GRC platform quoted sky-high fees with fewer capabilities, he moved to TrustCloud and began working closely with TrustCloud’s team, trading notes almost daily.
At a glance
- Headquarters: One World Trade Center, New York City
- Frameworks: ISO 27001 and SOC 2 pursued in parallel
- TrustCloud support: TrustOps platform plus dedicated guidance
- Current status: Both certifications achieved, penetration test underway
The challenge
Launching two first-time audits at once meant twice the evidence, tighter deadlines, and a workforce new to formal security controls. “We have people who never worked in a secure atmosphere before,” John notes. Adding to the pressure, the first vendor he approached was “remarkably expensive,” as John stated.
- Dual audits doubled documentation and auditor questions
- Staff required policies, training, and physical safeguards from scratch
- Budget constraints demanded a cost-effective solution
- Security culture had to be embedded without slowing product delivery
The solution
TrustCloud became Qrypt’s single source of truth and its day-to-day coach. “The real nuts and bolts—the actual engineering—happen with Eugene. He and I are trading notes at least once a day,” John says. After switching platforms, he found TrustCloud to be “the perfect fit.”
- The unified control library lets evidence be gathered once and reused
- Continuous collaboration with TrustCloud’s team provides real-time answers and momentum, and the needed support team
- The TrustCloud platform scales with Qrypt’s growth and future frameworks to future-proof needs
Results
With TrustCloud, a daunting compliance sprint turned into a compelling proof of trust. “The first iteration went remarkably well,” John recalls. “In the very best sense, we’ve had no difficulties whatsoever.”
- Dual certifications secured: ISO 27001 and SOC 2 completed
- Auditor follow-ups resolved in weeks, not months
- Smooth engagement with no material blockers
- Security culture is established through regular touchpoints and layered controls
Looking forward
Qrypt is already eyeing its next milestones. “AI governance is a priority. It’s inevitable with how fast is moving,” John says.
- Finish the current penetration test and second audit cycle
- Expand continuous control monitoring to cover new services
- Implement an AI governance framework to manage emerging machine-learning risks
- Roll out additional customer-facing assurance features once core audits are fully wrapped
“TrustCloud has been instrumental in helping us achieve our first security milestones, and I’m excited to keep growing together, expanding our controls, adding new frameworks, and scaling our security program as Qrypt scales.”
