Security Café

Quint Ketting Menno van der Horst
  • 5.0 (1)
  • TECHNOLOGY

“Pull up a chair at the Security Café – your monthly deep dive into the hottest cybersecurity news and trends. Each episode brings you an inspiring guest and a story that will spark your imagination. Produced by Quint & Menno (Atos), this is where insights meet conversation. Don’t just stay informed—join the discussion!”

  1. The Rise of the Agents & Modern Geopolitics

    2 DAYS AGO

    The Rise of the Agents & Modern Geopolitics

    Host: Menno van der Horst Regular Guest & Chief Storyteller: Quint Ketting Special Guest: Jan Paul Oosterom (EMEA Regional Business Lead for Security, Microsoft) Episode SummaryIn this episode, the trio dives into the rapidly shifting threat landscape. While geopolitical tensions remain the "elephant in the room," the real tactical shift is happening within the realm of AI Agents. Jan Paul explains why identity management is no longer just about people—it’s about governing the thousands of non-human entities now operating within corporate environments. The team discusses the "Assume Breach" mindset, the death of "badly written" phishing emails, and why protecting your Intellectual Property (IP) requires a deep understanding of who exactly is targeting you. Key TakeawaysThe Identity of Agents: We are moving beyond managing human access. Organizations now face the challenge of managing non-human identities (AI Agents) that have their own permissions, access levels, and potential for "rogue" behavior.Assume Breach as a Culture: Security isn't just a set of tools; it’s a mindset. "Assume Breach" means every employee and executive must operate with the default action of verifying before acting, especially regarding financial transactions or data access.The Intellectual Property Target: Threat intelligence isn't one-size-fits-all. A camera manufacturer faces different risks (IP theft) than a national tax office (financial disruption). Knowing your "Why" helps you build the right "How."Timestamped Highlights[01:10] – Jan Paul Oosterom’s role at Microsoft and his remit across EMEA.[03:45] – The "Elephant in the Room": Geopolitical risks and the pace of AI evolution.[05:50] – The 10,000 Agent Problem: How one customer already has a massive fleet of autonomous agents running.[07:20] – Deep dive into Identity Management: Protecting non-human identities.[12:15] – The evolution of phishing: Why attackers are now "spot on" with their messaging.[15:30] – The "Assume Breach" mindset: Moving from "Can we stop it?" to "How do we respond when it fails?"[18:45] – Threat Intel: Identifying your specific enemies based on your business IP.[24:10] – Closing thoughts: Why the Board needs to be challenged on security.Memorable Quotes"The days that we were able to easily recognize something bad are over." — Jan Paul Oosterom "What you need to protect is probably not what you have budget for. You need to get those things in line." — Quint Ketting "If you cannot truly verify that what you see is real or good—stop it and start asking questions." — Jan Paul Oosterom The Recommendation CornerMovie: Minority Report (Recommended by Jan Paul Oosterom)Why: It explores the philosophical and ethical boundaries of "Predictive Systems"—how far can we go in flagging "criminal behavior" before a crime is even committed?Quint was referring to a movie which was actually a Serie called: Hannah

    37 min

  2. 3 MAR ·  BONUS

    Bonus Episode: The AI Shift: From Script Kiddies to Agentic Warfare

    SecurityCafe Podcast: Bonus EpisodeThe AI Shift: From Script Kiddies to Agentic WarfareIn this unplanned, deep-dive "after-talk," Menno Van Der Horst, Quint Ketting, and Max Heinemeyer peel back the curtain on the rapid evolution of AI in cybersecurity. Recorded just weeks after a massive shift in the landscape, the trio discusses why the "old ways" of hacking are being supercharged by AI agents and what this means for national resilience. Key TakeawaysThe Scaling of Social Engineering: Data leaks (passports, IBANs, addresses) are no longer just static dumps; AI can now process these at scale to create hyper-personalized phishing campaigns for thousands of victims simultaneously. The "Agentic" Shift: We are moving from static scripts to AI Agents. Unlike traditional malware, agents can make autonomous decisions, potentially making them more effective but also far more unpredictable and dangerous (the "Stuxnet with a brain" scenario). The Defender’s Dilemma: While attackers don't care about "breaking" systems as long as they get in, defenders and penetration testers must remain deterministic and safe—a gap that AI is currently making harder to bridge.Systemic Resilience: Cybersecurity is no longer just about protecting a single company; it’s about the "ecosystem." National security now depends on how well the entire supply chain—from big telcos to small vendors—is defended.Timestamped Highlights[00:41] The Four-Week Shift: Max explains how AI has hit the mainstream for both attackers and personal assistance (OpenCloud, NotebookLM).[01:15] Weaponizing Data Dumps: How AI turns old-school data leaks into targeted, automated social engineering machines.[02:45] From SQLi to Prompt Injection: Quint draws a parallel between the early days of SQL injection and the modern "hobby" of breaking LLM guardrails.[04:48] Nation-State Guardrails: A look at how China and other actors use Western AI infrastructure and the risks of "spillover" (WannaCry style) in AI-led operations.[08:27] The "Autonomous Stuxnet": What happens when an attack isn't run by a human, but by an agent with its own prompts?[09:38] The Car Wash Paradox: Menno shares a hilarious (yet scary) anecdote about an AI losing the plot, illustrating why "hallucinations" in autonomous pen-testing are a major liability.[12:39] The End of the Human Bottleneck: Max discusses how AI is removing the "human hands" requirement for vulnerability research and exploit development.[16:40] The "Football Team" Analogy: Quint argues that cybersecurity needs to move past silos—even the best "players" (companies) lose if they don't play as a coordinated unit.[21:17] Reason for Optimism: Why Max believes NIS2 and the rise of ML-driven SOC operations give defenders a fighting chance to regain the upper hand.Links & Resources MentionedBacktrack / Kali Linux: The "old school" penetration testing roots. DARPA Grand Challenge (2016): The early race for autonomous cyber defense (Shellphish & Mayhem).NIS2 Directive: The evolving European legislation for cybersecurity.Sven Herpig: Mentioned as a leading researcher on nation-state cyber policy.

    23 min

  3. 25 FEB

    The Year of the Data Leak: Why SaaS is the New Frontier (with Max Heinemeyer & Quint Ketting)

    Show Notes | Episode: The Year of the Data LeakWelcome back to the Security Cafe, the podcast where we discuss cybersecurity with good coffee, questionable humor, and guests who—for their own good—know far too much about the cyber world. In this episode, your host Menno Van Der Horst sits down with regular guest Quint Ketting (our human equivalent of a SIEM) and special guest Max Heinemeyer, a heavyweight in cyber threat intelligence and AI-driven defense. As we kick off 2026, one thing is clear: the battlefield has shifted. We are no longer just fighting off ransomware; we are living in the "Year of the Data Leak." From massive telco breaches to compromised SaaS environments, the tactics are getting louder, faster, and more automated. In this episode, we break down: The Pivot in Tactics: Why attackers are moving away from complex network encryption and towards "low-hanging fruit" like CRM databases and SaaS solutions.The Identity Crisis: How AI-driven social engineering is becoming a machine, making phishing attempts nearly indistinguishable from reality.The "Least Privilege" Paradox: Why do we still struggle with basic principles 20 years later? We discuss how a single helpdesk account can lead to 6 million compromised records.Boardroom Liability & NIS2: Moving from "security as a risk" to personal accountability for the C-suite.The Watchlist: Why Mr. Robot is being outpaced by reality and which "hacker" shows you should avoid at all costs.Special Guest Highlight: Stick around for a meta-moment where Max’s own security team accidentally proves that real-world controls actually work during our recording. Grab your coffee, log your accounts, and join us in the chaos.

    38 min

  4. 26 JAN

    Navigating Cybersecurity in a Geopolitical Landscape

    Summary: In this episode of the Cybersecurity Cafe, Menno Van Der Horst, Koen, and Quint Ketting delve into the complexities of cybersecurity in the context of geopolitical tensions and digital autonomy. They discuss the importance of preparation, adaptation, and response in maintaining business resilience and sovereignty. The conversation also touches on the role of cybersecurity frameworks like ISO 27001 and NIST in enhancing organizational resilience.   Keywords:cybersecurity, digital autonomy, geopolitical tensions, business resilience, ISO 27001, NIST, sovereignty, cyber resilience, cybersecurity frameworks, digital sovereignty     Takeaways:  Sovereignty is becoming a crucial topic in cybersecurity.Preparation, adaptation, and response are key to resilience.Geopolitical tensions impact digital autonomy.ISO 27001 and NIST frameworks aid in resilience.Understanding your organization's purpose is vital.Cyber resilience protects brand and organization.Frameworks focus on preventing incidents.Resilience ensures business continuity.Digital sovereignty is linked to data control.Effective cybersecurity requires both planning and execution.

    32 min
  5. What to Expect in 2026?

    23/12/2025

    What to Expect in 2026?

    🎄 Security Café Christmas Special! 🎄 What does the future of cybersecurity look like in 2026? In this episode of the Security Cafe Podcast, host Menno van der Horst and guests Quint Ketting and Fred Streefland discuss the future of cybersecurity, focusing on predictions for 2026. They explore current trends, the impact of AI, the importance of government involvement, and the need for digital education. The conversation highlights the increasing threat of cybercrime and the necessity for organizations to adapt to new challenges in the digital landscape.   ✔ AI-driven security & prompt injection challenges ✔ Why government involvement is critical ✔ The role of digital education for future generations ✔ How collaboration can fight cybercrime – now the third-largest economy in the world Grab a coffee (or a mulled wine 🍷) and tune in to this insightful conversation! 🎧 Listen now! #Cybersecurity #ChristmasSpecial #AI #DigitalEducation #Cybercrime #SecurityTrends #Technology

    28 min
  6. AI and Cybersecurity: A New Frontier

    05/12/2025

    AI and Cybersecurity: A New Frontier

    In this episode of the Security Cafe Podcast, host Menno Van Der Horst and guests Ahmed Achchak and Quint Ketting discuss the intersection of AI and cybersecurity. They explore how AI can be both a tool for attackers and a defense mechanism for businesses. The conversation delves into the importance of trust in AI systems, the role of data in enhancing security operations, and the challenges posed by generative AI. The episode emphasizes the need for basic cybersecurity hygiene and the potential of AI to transform security operations while maintaining human oversight. Video Link: SecurityCafe ep29

    34 min
  7. Cyber Shadows and Quantum Fears — Halloween Special with Lars Klinghammer

    31/10/2025

    Cyber Shadows and Quantum Fears — Halloween Special with Lars Klinghammer

    In this Halloween edition of the Security Café Podcast, host Menno van der Horst and co-host Quint Ketting welcome special guest Lars Klinghammer for a spine-chilling deep dive into the darker corners of cybersecurity. Together, they explore: Recent Cyber Incidents: From data leaks and ransomware to the F5 source code breach — how these events ripple across organizations and supply chains.Incident Response & Recovery: Why many organizations still struggle when the lights go out — dependencies, communication breakdowns, and planning gaps.Resilience & Crown Jewels: Aligning technical and business priorities to protect what truly matters — and understanding the real-world impact of cyberattacks.AI & Quantum Computing: How emerging technologies are reshaping both attack and defense strategies — and why now is the time to prepare for the quantum era.Practical Tips & Resources: Lars’s top reads, blogs, and newsletters to help cybersecurity professionals stay ahead of the curve.🎃 Tune in for stories that are both frighteningly real and eerily insightful — a perfect Halloween brew of knowledge and caution for anyone navigating today’s cyber landscape.

    32 min
  8. CyberSec NL Special #3 with Josephine van luik

    09/10/2025

    CyberSec NL Special #3 with Josephine van luik

    🚨 Final episode of the CyberSec Café Live Edition – now streaming! Host Menno van der Horst, storyteller Quint Ketting, and guest Josephine van Luik (HSD Community Manager) wrap up the 3-part CyberSec NL series with a dive into OT security: 🏭 Building OT resilience 🧼 Why basic hygiene is still step one 🗺️ Understand: know what you have and who can be after it 🤝 Inside the OT HSD community – connecting people, sharing insights A great close to the CyberSec NL live trilogy – A must-listen for anyone navigating the intersection of OT and cybersecurity. 🎧

    19 min
See All (23)

About

“Pull up a chair at the Security Café – your monthly deep dive into the hottest cybersecurity news and trends. Each episode brings you an inspiring guest and a story that will spark your imagination. Produced by Quint & Menno (Atos), this is where insights meet conversation. Don’t just stay informed—join the discussion!”

Information

  • Creator
    Quint Ketting Menno van der Horst
  • Years Active
    2025 - 2026
  • Episodes
    23
  • Rating
    Clean
  • Copyright
    © 2025 Quint Ketting Menno van der Horst
  • Show Website
    Security Café