Security Café

Quint Ketting Menno van der Horst

“Pull up a chair at the Security Café – your monthly deep dive into the hottest cybersecurity news and trends. Each episode brings you an inspiring guest and a story that will spark your imagination. Produced by Quint & Menno (Atos), this is where insights meet conversation. Don’t just stay informed—join the discussion!”

  1. 1 day ago

    AI Where It Matters, Not AI Everywhere — with Zeina Zakhour, Global Cyber CTO Atos/Eviden

    AI Where It Matters, Not AI Everywhere — with Zeina Zakhour, Global CTO Cybersecurity at Eviden (Atos) Recorded live at CISO Day, this episode brings Menno van der Horst and co-host Quint Ketting together with Zeina Zakhour, Global CTO for Cybersecurity at Eviden (Atos), for a fast-moving conversation on where cyber is heading and what it really takes to keep up. We open with a sobering reality: many of today's threats are exposing weaknesses that have existed for decades. The panic isn't warranted — but action is. Zeina makes the case that the issue is rarely a lack of technology depth, but a lack of security depth: the basic hygiene and foundational controls that too many organisations still treat as something for "next year." Spoiler — next year is no longer an option. From there we get into the heart of it: — Adaptive, systemic resilience. Security can't be an afterthought bolted on once innovation ships. It has to sit at the core. We dig into why maturity built once and then left alone decays faster than most leaders expect. — Risk first, always. You don't secure a water utility the way you secure a hospital, a retailer or a bank. Every organisation has its own ecosystem and purpose — and that's where Eviden's Prepare, Respond, Adapt approach starts: understanding who you are, then keeping your risk picture live rather than buried in a spreadsheet updated once a year. — AI, agents and the new attack surface. Not "AI everywhere" — AI where the risk, the data and the friction justify it. We talk identity as the number one attack vector, the danger of human-led processes throttling machine-speed tooling, prompt and meta-prompt injection, agent goal drift, kill switches, and what "identity" even means for an autonomous agent that has intent, makes decisions and calls tools. — Chained vulnerabilities. Why "we'll only fix the high-severity CVEs" is the wrong instinct — low-severity issues can be chained into something genuinely exploitable, fast. — Sovereignty vs autonomy. A crucial distinction too many conflate. We get into data residency, technological sovereignty, the model/middleware/GPU reality of "sovereign AI" today, post-quantum, and why Europe can only answer these questions together rather than country by country. We close where good security conversations always seem to land: sharing more, building a bubble of trust, backing European innovation and startups, and staying agile enough to adapt as the ground keeps shifting. Zeina's recommendations: 📑 Atos Cyber Shield blog and Threat Research Center — regular, genuinely interesting analysis on new campaigns and malware variants. 📖 The Five People You Meet in Heaven by Mitch Albom — nothing to do with cyber, everything to do with being worth your time. 🎧 Listen now, and let us know your take in the comments. #SecurityCafe #Cybersecurity #CISO #AISecurity #Resilience #DigitalSovereignty

    29 min

  2. 28 May

    Data is the New Uranium: Critical Infrastructure, CISOCommunity & AI with Dimitri van Zantvliet (NS)

    A SecurityCafe special, recorded live at CISOday 2026 with Dimitri van Zantvliet — CISO & Cybersecurity Director at Nederlandse Spoorwegen (NS), Chairman of the CISO Community NL and co-founder of CISOday. Host Menno van der Horst is joined by co-host Quint Ketting for a wide-ranging conversation on what it actually takes to defend critical infrastructure in a world where the geopolitical, technological and threat landscape is shifting faster than ever. In this episode: - Why CISOday and the CISO Community NL exist, and how community accelerates maturity across the sector - Becoming a NIS1 critical entity in 2021 and how the war in Ukraine reshaped NS's threat model overnight - Belarusian railway wiperware, Iranian-aligned activity, and the recent railway incident in Florida - Working with NCSC, NCTV, AIVD, the Rail-ISAC and Dutch ISAC to exchange threat intel - Building an in-house CTI team of five — strategic, tactical, operational and technical - The NS Cyber Academy: training people from train drivers to office staff into cyber roles, plus SANS, CISSP and CISA tracks - Why stamina and curiosity beat a classic IT background when hiring — including the case for ex-Olympians, HYROX athletes and journalists - The cultural shift from "my threat intel is my IP" to active two-way sharing across the ecosystem - Supplier risk as a knock-out criterion: no ISO 27001 / SOC 2 Type 2, no business - AI and Gen.AI as the new frontier — from "data is the new gold" to "data is the new uranium" - Quantum on the horizon, and why the impact reaches far beyond encryption - The basics still decide everything: MFA, passwords, segmentation — and the move toward real-time patching - Autonomous agents as the next attack vector we don't yet fully understand - Historical parallels, from the AIDS Trojan on floppy disk to ILOVEYOU and SQL Slammer - Nassim Taleb's Antifragile — and why "prepare, respond, adapt" is the cycle every organisation needs - Cybersecurity is no longer an IT conversation; it's geopolitics, brand, and business continuity Book of the episode: - Antifragile — Nassim Nicholas Taleb About the guest: Dimitri van Zantvliet is CISO & Cybersecurity Director at NS, Chairman of the CISO Community NL and co-founder of CISOday. He joined NS five years ago and has led the organisation's response to the post-2021 shift in geopolitical and cyber risk affecting European critical infrastructure. Working at NS: Dimitri's team is hiring. If cybersecurity at one of the Netherlands' most critical infrastructure providers sounds like your kind of challenge, check the openings at werkenbijns.nl. About SecurityCafe: SecurityCafe is hosted by Menno van der Horst with co-host Quint Ketting — an open conversation about the strategic, technical and human sides of cybersecurity. Produced by Quint Ketting. Subscribe wherever you get your podcasts. This CISOday special was made possible in partnership with Atos.

    28 min

  3. 12 May ·  Bonus

    SecurityCafe Special | Mythos – Facts, Fiction and What You Need to Do Now

    About this episode In this special edition of SecurityCafe, Quint Ketting and Koen Maris join host Menno van der Horst for an open, no-nonsense conversation about Mythos — Anthropic's frontier AI model expected to become more widely available around mid-August. No panic, no hype — just an honest look at what will actually change, and what your organization should already have been doing. What we cover Mythos: revolution or evolution? Koen opens with a sharp reality check: if it takes five days to build an exploit today and Mythos brings that down to twenty hours — how much really changes? The hype around Mythos risks drawing attention away from what's already happening. Claude Opus 4.7 is already live, carrying many of the same capabilities, with barely anyone noticing. The real shift: accessibility The barrier to sophisticated attacks is dropping fast. It's not that experts are becoming more dangerous — it's the new wave of attackers without deep technical skills that warrants concern. Quint illustrates the point with his own experience using Claude: from building custom tools to recovering audio from a faulty recording. What this means for your organization Cyber hygiene first. If your foundations aren't in order, you already have a problem — Mythos just makes it more visible and more urgent.Third-party contracts. Patch response clauses of 90 days or more are no longer viable. Time to renegotiate.Asset management. If you don't know what you have, you don't know what to protect. A scan often reveals 40% more assets than organizations think they manage.Exposure management. Unmanaged assets are exactly where attackers will strike first.Patch cycles. Microsoft recently released 250 patches in a single Patch Tuesday — normally 10 to 20. That pattern is not a coincidence.Prepare, Respond, Adapt Koen introduces the PRA framework: we are currently in a fragile peace. Use this window well. Organizations that prepare thoroughly will weather the storm quickly. Those that don't may find themselves in a prolonged and costly recovery. Frontier AI: the next buzzword — and what it actually means Mythos is part of a broader phenomenon. Vendors like Palo Alto are already embedding the same AI engines into their defensive toolsets. The question isn't whether this will affect you — it's whether you'll be ready. Project Glasswing & responsible disclosure Anthropic has given early access to a select group of major technology companies, resulting in both an explosion of patches and new AI-powered defenses. Responsible management of this capability is exactly the right approach — and a model the industry should follow. Key takeaways Start an internal working group now. Structure it with proper governance, board-level reporting, and weekly progress reviews.Review your third-party agreements: do your SLAs still hold in a world of 24/7 patching?Don't wait for Mythos to get your basics right. A low security maturity level cannot be fixed in two months.Frontier AI is the bigger frame. Follow developments across Anthropic, Google, and others — not just the Mythos headlines.Guests linkedin.com/in/menno-van-der-horst-74710794linkedin.com/in/koen-marislinkedin.com/in/quintketting

    29 min
  4. Navigating the Future of Cybersecurity, Frontier-AI, and Society: Insights from the Security Café

    7 May

    Navigating the Future of Cybersecurity, Frontier-AI, and Society: Insights from the Security Café

    SecurityCafe – Liesbeth Holterman, Cyberveilig NederlandHosts: Quint Ketting & Menno Recorded: Eindhoven Studio (our first ever in-person guest!) We always say: Prepare. Respond. Adapt. — Quint's microphone broke mid-recording. We practiced what we preached. 🎙️💀 About Our GuestLiesbeth Holterman is Managing Director of Cyberveilig Nederland — the Dutch trade association for the cybersecurity industry, focused on improving quality, transparency, and the digital resilience of the Netherlands. What We DiscussedData leaks — daily news, preventable problems Breaches are no longer weekly — they're daily. Social engineering, not sophisticated hacking, is the attacker's weapon of choice. The Odido case is a perfect example. Basic cyber hygiene remains the answer. Check your credentials: 👉 HaveIBeenPwned.com AI & Mythos — marketing or menace? Agentic AI can scan environments and find zero-days at scale. Bad actors have been using LLMs for a while already — what's new is that low-skill attackers now have access too. Bruce Schneier calls some of the fear "marketing hype" — but the underlying shift is real. The good news: in 4–5 years, defence will benefit just as much. 👉 Schneier on Security NIS2 & EU legislation Don't know where to start with cyber hygiene? Read NIS2 Article 21 — it's a solid baseline checklist. Legislation is finally getting boards to ask the right questions. 👉 NIS2 Directive | Article 21 Dutch critical infrastructure The Netherlands' legendary efficiency — remote dikes, interconnected logistics, everything online — is also its biggest attack surface. The cybersecurity workforce of tomorrow AI will reshape roles like pen testing and SOC analysis. But the need for cyber professionals is still enormous. The sector isn't thinking strategically enough about what this means. Liesbeth's call: reach out, collaborate, have the conversation. 👉 cyberveilignederland.nl 🎬 RecommendationsQuint → Hanna (Amazon Prime) A girl targeted by a CIA program for what an algorithm predicts she'll do — not what she's done. A thought-provoking lens on AI, surveillance, and pre-emptive power. 👉 IMDb Liesbeth → The Boys (Amazon Prime) Superheroes in the hands of a private corporation guided by profit, not public interest. Sound familiar? 👉 IMDb SecurityCafe — because good security conversations deserve good coffee.

    47 min
  5. The Rise of the Agents & Modern Geopolitics

    30 Mar

    The Rise of the Agents & Modern Geopolitics

    Host: Menno van der Horst Regular Guest & Chief Storyteller: Quint Ketting Special Guest: Jan Paul Oosterom (EMEA Regional Business Lead for Security, Microsoft) Episode SummaryIn this episode, the trio dives into the rapidly shifting threat landscape. While geopolitical tensions remain the "elephant in the room," the real tactical shift is happening within the realm of AI Agents. Jan Paul explains why identity management is no longer just about people—it’s about governing the thousands of non-human entities now operating within corporate environments. The team discusses the "Assume Breach" mindset, the death of "badly written" phishing emails, and why protecting your Intellectual Property (IP) requires a deep understanding of who exactly is targeting you. Key TakeawaysThe Identity of Agents: We are moving beyond managing human access. Organizations now face the challenge of managing non-human identities (AI Agents) that have their own permissions, access levels, and potential for "rogue" behavior.Assume Breach as a Culture: Security isn't just a set of tools; it’s a mindset. "Assume Breach" means every employee and executive must operate with the default action of verifying before acting, especially regarding financial transactions or data access.The Intellectual Property Target: Threat intelligence isn't one-size-fits-all. A camera manufacturer faces different risks (IP theft) than a national tax office (financial disruption). Knowing your "Why" helps you build the right "How."Timestamped Highlights[01:10] – Jan Paul Oosterom’s role at Microsoft and his remit across EMEA.[03:45] – The "Elephant in the Room": Geopolitical risks and the pace of AI evolution.[05:50] – The 10,000 Agent Problem: How one customer already has a massive fleet of autonomous agents running.[07:20] – Deep dive into Identity Management: Protecting non-human identities.[12:15] – The evolution of phishing: Why attackers are now "spot on" with their messaging.[15:30] – The "Assume Breach" mindset: Moving from "Can we stop it?" to "How do we respond when it fails?"[18:45] – Threat Intel: Identifying your specific enemies based on your business IP.[24:10] – Closing thoughts: Why the Board needs to be challenged on security.Memorable Quotes"The days that we were able to easily recognize something bad are over." — Jan Paul Oosterom "What you need to protect is probably not what you have budget for. You need to get those things in line." — Quint Ketting "If you cannot truly verify that what you see is real or good—stop it and start asking questions." — Jan Paul Oosterom The Recommendation CornerMovie: Minority Report (Recommended by Jan Paul Oosterom)Why: It explores the philosophical and ethical boundaries of "Predictive Systems"—how far can we go in flagging "criminal behavior" before a crime is even committed?Quint was referring to a movie which was actually a Serie called: Hannah

    37 min

  6. 3 Mar ·  Bonus

    Bonus Episode: The AI Shift: From Script Kiddies to Agentic Warfare

    SecurityCafe Podcast: Bonus EpisodeThe AI Shift: From Script Kiddies to Agentic WarfareIn this unplanned, deep-dive "after-talk," Menno Van Der Horst, Quint Ketting, and Max Heinemeyer peel back the curtain on the rapid evolution of AI in cybersecurity. Recorded just weeks after a massive shift in the landscape, the trio discusses why the "old ways" of hacking are being supercharged by AI agents and what this means for national resilience. Key TakeawaysThe Scaling of Social Engineering: Data leaks (passports, IBANs, addresses) are no longer just static dumps; AI can now process these at scale to create hyper-personalized phishing campaigns for thousands of victims simultaneously. The "Agentic" Shift: We are moving from static scripts to AI Agents. Unlike traditional malware, agents can make autonomous decisions, potentially making them more effective but also far more unpredictable and dangerous (the "Stuxnet with a brain" scenario). The Defender’s Dilemma: While attackers don't care about "breaking" systems as long as they get in, defenders and penetration testers must remain deterministic and safe—a gap that AI is currently making harder to bridge.Systemic Resilience: Cybersecurity is no longer just about protecting a single company; it’s about the "ecosystem." National security now depends on how well the entire supply chain—from big telcos to small vendors—is defended.Timestamped Highlights[00:41] The Four-Week Shift: Max explains how AI has hit the mainstream for both attackers and personal assistance (OpenCloud, NotebookLM).[01:15] Weaponizing Data Dumps: How AI turns old-school data leaks into targeted, automated social engineering machines.[02:45] From SQLi to Prompt Injection: Quint draws a parallel between the early days of SQL injection and the modern "hobby" of breaking LLM guardrails.[04:48] Nation-State Guardrails: A look at how China and other actors use Western AI infrastructure and the risks of "spillover" (WannaCry style) in AI-led operations.[08:27] The "Autonomous Stuxnet": What happens when an attack isn't run by a human, but by an agent with its own prompts?[09:38] The Car Wash Paradox: Menno shares a hilarious (yet scary) anecdote about an AI losing the plot, illustrating why "hallucinations" in autonomous pen-testing are a major liability.[12:39] The End of the Human Bottleneck: Max discusses how AI is removing the "human hands" requirement for vulnerability research and exploit development.[16:40] The "Football Team" Analogy: Quint argues that cybersecurity needs to move past silos—even the best "players" (companies) lose if they don't play as a coordinated unit.[21:17] Reason for Optimism: Why Max believes NIS2 and the rise of ML-driven SOC operations give defenders a fighting chance to regain the upper hand.Links & Resources MentionedBacktrack / Kali Linux: The "old school" penetration testing roots. DARPA Grand Challenge (2016): The early race for autonomous cyber defense (Shellphish & Mayhem).NIS2 Directive: The evolving European legislation for cybersecurity.Sven Herpig: Mentioned as a leading researcher on nation-state cyber policy.

    23 min

  7. 25 Feb

    The Year of the Data Leak: Why SaaS is the New Frontier (with Max Heinemeyer & Quint Ketting)

    Show Notes | Episode: The Year of the Data LeakWelcome back to the Security Cafe, the podcast where we discuss cybersecurity with good coffee, questionable humor, and guests who—for their own good—know far too much about the cyber world. In this episode, your host Menno Van Der Horst sits down with regular guest Quint Ketting (our human equivalent of a SIEM) and special guest Max Heinemeyer, a heavyweight in cyber threat intelligence and AI-driven defense. As we kick off 2026, one thing is clear: the battlefield has shifted. We are no longer just fighting off ransomware; we are living in the "Year of the Data Leak." From massive telco breaches to compromised SaaS environments, the tactics are getting louder, faster, and more automated. In this episode, we break down: The Pivot in Tactics: Why attackers are moving away from complex network encryption and towards "low-hanging fruit" like CRM databases and SaaS solutions.The Identity Crisis: How AI-driven social engineering is becoming a machine, making phishing attempts nearly indistinguishable from reality.The "Least Privilege" Paradox: Why do we still struggle with basic principles 20 years later? We discuss how a single helpdesk account can lead to 6 million compromised records.Boardroom Liability & NIS2: Moving from "security as a risk" to personal accountability for the C-suite.The Watchlist: Why Mr. Robot is being outpaced by reality and which "hacker" shows you should avoid at all costs.Special Guest Highlight: Stick around for a meta-moment where Max’s own security team accidentally proves that real-world controls actually work during our recording. Grab your coffee, log your accounts, and join us in the chaos.

    38 min

  8. 26 Jan

    Navigating Cybersecurity in a Geopolitical Landscape

    Summary: In this episode of the Cybersecurity Cafe, Menno Van Der Horst, Koen, and Quint Ketting delve into the complexities of cybersecurity in the context of geopolitical tensions and digital autonomy. They discuss the importance of preparation, adaptation, and response in maintaining business resilience and sovereignty. The conversation also touches on the role of cybersecurity frameworks like ISO 27001 and NIST in enhancing organizational resilience.   Keywords:cybersecurity, digital autonomy, geopolitical tensions, business resilience, ISO 27001, NIST, sovereignty, cyber resilience, cybersecurity frameworks, digital sovereignty     Takeaways:  Sovereignty is becoming a crucial topic in cybersecurity.Preparation, adaptation, and response are key to resilience.Geopolitical tensions impact digital autonomy.ISO 27001 and NIST frameworks aid in resilience.Understanding your organization's purpose is vital.Cyber resilience protects brand and organization.Frameworks focus on preventing incidents.Resilience ensures business continuity.Digital sovereignty is linked to data control.Effective cybersecurity requires both planning and execution.

    32 min
See All (27)

About

“Pull up a chair at the Security Café – your monthly deep dive into the hottest cybersecurity news and trends. Each episode brings you an inspiring guest and a story that will spark your imagination. Produced by Quint & Menno (Atos), this is where insights meet conversation. Don’t just stay informed—join the discussion!”

Information

  • Creator
    Quint Ketting Menno van der Horst
  • Years Active
    2025 - 2026
  • Episodes
    27
  • Rating
    Explicit
  • Copyright
    © 2025 Quint Ketting Menno van der Horst
  • Show Website
    Security Café

You Might Also Like