Threat Talks - Your Gateway to Cybersecurity Insights

Threat Talks
  • ٥٫٠ (١)
  • أخبار التكنولوجيا
  • يتم التحديث أسبوعيًا

Threat Talks is your cybersecurity knowledge hub. Unpack the latest threats and explore industry trends with top experts as they break down the complexities of cyber threats. We make complex cybersecurity topics accessible and engaging for everyone, from IT professionals to every day internet users by providing in-depth and first-hand experiences from leading cybersecurity professionals. Join us for monthly deep dives into the dynamic world of cybersecurity, so you can stay informed, and stay secure!

  1. AI, Play It Safe: Why CISOs Are Wrong to Ban AI

    قبل يومين

    AI, Play It Safe: Why CISOs Are Wrong to Ban AI

    Playing it safe with AI sounds smart, but is banning it really how you prevent data leaks? In this episode of Threat Talks, ON2IT’s Lieuwe Jan Koning (ON2IT Co-Founder) sits down with Rob Maas, Field CTO at ON2IT, to tackle the hard question: How can CISOs and security leaders embrace AI safely—without exposing their organization to destructive data leaks? From Samsung’s ChatGPT ban to real-world AI hallucinations, we unpack why “AI, play it safe” doesn’t mean blocking innovation—it means controlling it. (00:00) - 00:00 – AI, play it safe introduction (00:00) - 00:41 – Customer fears: Ban AI or embrace it? (00:00) - 01:13 – Real case: $1 Chevrolet Tahoe & AI chatbots gone wrong (00:00) - 02:46 – Samsung’s ChatGPT ban: lessons for CISOs (00:00) - 06:50 – How AI transforms work & productivity (coding, translation, ops) (00:00) - 17:00 – Data exposure & AI governance: the #1 risk (00:00) - 30:21 – LLM on Prem (00:00) - 33:10 – AI hallucinations & unsafe outputs (dangerous examples) (00:00) - 40:50 – The CISO dilemma: Fall behind or take control Key Topics Covered• Why “banning AI” is a bigger risk than using it with the right safeguards.• Real-world AI risks: hallucinations, unsafe outputs, and data exposure.• Zero Trust approach to AI adoption: categorize sanctioned, tolerated, unsanctioned tools.• How CISOs can transform AI fear into competitive advantage with the right strategy.Additional Resources• ON2IT Threat Talks Podcast: https://www.on2it.net/threat-talks• Zero Trust Resources: https://www.on2it.net/zero-trust/ Guest & Host Links:Rob Maas (Field CTO, ON2IT): https://www.linkedin.com/in/robmaas83/ Lieuwe Jan Koning (Founding Partner, ON2IT): https://www.linkedin.com/in/lieuwejan/ If you’re a CISO, CIO, or security leader navigating the AI storm, this episode is a must-watch. Click here to view the episode transcript. 🔔 Follow and support our channel! 🔔=== ► YOUTUBE: https://youtube.com/@ThreatTalks► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520 👕 Receive your Threat Talks T-shirthttps://threat-talks.com/ 🗺️ Explore the Hack's Route in Detail 🗺️https://threat-talks.com 🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX

    ٤٥ من الدقائق
  2. Zero Trust step 5A: Stop Breaches—Inspect Every Event Now | The Cybersecurity Podcast

    ٢٦ أغسطس

    Zero Trust step 5A: Stop Breaches—Inspect Every Event Now | The Cybersecurity Podcast

    Zero Trust step 5A is where monitoring turns raw logs into decisive action.Hosts Lieuwe Jan Koning and Rob Maas (Field CTO, ON2IT) expose why MDR alone isn’t protection—and how context closes the gap. Learn to inspect every event, use Indicators of Good/Compromise, and set Rules of Engagement that stop lateral movement and alert fatigue. (00:00) - — Welcome & Step 5A (Monitor) setup (00:37) - — Steps 1–4 recap: protect surfaces, flows, architecture, policy (04:12) - — MDR vs protection: why “collect all logs” fails (07:28) - — Events vs logs: inspect every event & retention reality (10:22) - — Context from protect surfaces: mapping IPs to business systems (13:41) - — IoG vs IoC vs Unknown: triage model & beating alert fatigue (17:59) - — Rules of Engagement: automation, kill switch & blast radius (prevention first) Key Topics Covered• MDR ≠ protection: why Step 5A only works after Steps 1–4 are in place.• Events vs logs: what to keep, what to act on, and how to avoid SIEM sprawl.• Context from protect surfaces: mapping IPs to business systems to triage fast.• Automation with Rules of Engagement: IoG/IoC/Unknown, kill switches, and reducing blast radius.If this helped sharpen your Zero Trust monitoring strategy, subscribe to Threat Talks and turn on notifications—don’t miss Step 5B (Maintain). Additional Resources• https://on2it.net/zero-trust/• https://on2it.net/managed-security/protect-surface-management/• https://on2it.net/wp-content/uploads/2023/02/Zero-Trust-Dictionary-EN.pdf• https://on2it.net/context-is-key-the-data-challenge-of-cybersecurity/• https://threat-talks.com/• https://www.ams-ix.net/ Guest & Host Links:Rob Maas (Field CTO, ON2IT): https://www.linkedin.com/in/robmaas83/Lieuwe Jan Koning (Founding Partner, ON2IT): https://www.linkedin.com/in/lieuwejan/ Click here to view the episode transcript. 🔔 Follow and Support our channel! 🔔=== ► YOUTUBE: https://youtube.com/@ThreatTalks► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520 👕 Receive your Threat Talks T-shirthttps://threat-talks.com/ 🗺️ Explore the Hack's Route in Detail 🗺️https://threat-talks.com 🕵️ Threat Talks is a podcast created in collaboration with ON2IT and AMS-IX. Each episode features leading cybersecurity experts sharing real-world insights on emerging threats, trends, and defense strategies — helping organizations stay secure in today’s rapidly evolving digital world. ON2IT website: https://on2it.net/AMS-IX website: https://www.ams-ix.net/ams

    ٢٥ من الدقائق
  3. From Stealth to Wipers: Inside Russia’s APT 44 AKA Seashell Blizzard | The Cybersecurity Podcast

    ١٩ أغسطس

    From Stealth to Wipers: Inside Russia’s APT 44 AKA Seashell Blizzard | The Cybersecurity Podcast

    Russia’s most notorious cyber unit—Seashell Blizzard (also known as Sandworm, APT 44 and Iron Viking)—has taken down shipping giants, Olympic systems, and Ukraine’s power grid. In this Threat Talks deep dive, Lieuwe Jan Koning, Yuri Wit (Red Team), and Rob Maas (Blue Team) reveal exactly how these attacks unfold, why they’re so hard to stop, and how Zero Trust can tip the balance back to defenders. (00:00) - – Cyber warfare in the Ukraine conflict: setting the stage (01:10) - – Who is Seashell Blizzard? Names, aliases, and Russian GRU ties (04:00) - – NotPetya, Olympic Games, and high-profile disruption campaigns (07:31) - – Initial access: stealth exploits on edge devices (11:40) - – Privilege escalation via Living-off-the-Land (LOLBin) tactics (15:23) - – Weaponizing Group Policy Objects with “Tank Trap” for mass wipers (19:13) - – Objectives: disruption, damage, and public bragging rights (23:40) - – Zero Trust defenses, segmentation, and last-resort recovery Key Topics Covered• Seashell Blizzard’s attack chain: from stealth reconnaissance to mass destruction.• NotPetya & global fallout: when a Ukraine-targeted attack crippled global shipping.• Defense strategies: hardening edge devices, segmentation, and EDR behavior detection.• Zero Trust in action: protecting critical assets before the breach happens.Related ON2IT Content & Referenced Resources• ON2IT Threat Talks Playlist: https://www.youtube.com/@ThreatTalks/playlists ON2IT Zero Trust Resources: https://on2it.net/zero-trust• MITRE ATT&CK – Sandworm Team (APT 44): https://attack.mitre.org/groups/G0034/ Click here to view the episode transcript. 🔔 Follow and Support our channel! 🔔=== ► YOUTUBE: https://youtube.com/@ThreatTalks► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520 👕 Receive your Threat Talks T-shirthttps://threat-talks.com/ 🗺️ Explore the Hack's Route in Detail 🗺️https://threat-talks.com 🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX

    ٢٥ من الدقائق

  4. ١٢ أغسطس

    Signal Gate: One Wrong Number Triggered the Largest U.S. Gov Data Leak | The Cybersecurity Podcast

    One mis-typed contact detonates Signal Gate, turning “secure” messaging into a classified-data leak.Host Lieuwe Jan Koning (Co-founder, ON2IT) and Thomas Manolis (Security Officer, AMS-IX) lay out the breach blow-by-blow—then drop the Zero Trust, Shadow IT and information-governance tactics every CISO needs before the next incident hits.High stakes, hard lessons—compressed into actionable steps you can brief to the board.Timestamps00:00 Cold-open: “wrong recipients” analogy00:37 What really happened in Signal Gate01:38 Mistake #1 – Choosing a consumer app over classified03:34 Mistake #2 – Human error: the mis-added journalist07:55 Shadow IT, usability & Secure Messaging Apps 09:10 Information Governance, audits and technical controls12:02 Zero Trust takeaways & action planKey Topics Covered• Anatomy of the Signal Gate breach & timeline• Why Shadow IT sabotages secure operations• Building airtight Information Governance for secure messaging apps• Operationalizing Zero Trust: least privilege, continuous verification, human-centric trainingRelated ON2IT Content & Referenced Resources• “Understanding Zero Trust – Lessons from Experts” whitepaper: https://on2it.net/resources/?• Zero Trust Readiness Assessment (PDF): https://on2it.net/wp-content/uploads/2022/05/Zero-Trust-Readiness-Assessment-EN-US.pdf• Threat Talks podcast hub: https://threat-talks.com/🔔 Follow and Support our channel! 🔔=== ► YOUTUBE: https://youtube.com/@ThreatTalks► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520👕 Receive your Threat Talks T-shirthttps://threat-talks.com/🗺️ Explore the Hack's Route in Detail 🗺️https://threat-talks.com🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX

    ١٤ من الدقائق

  5. ٦ أغسطس

    Splinternet Reality Check: Zero Trust Strategies for a Fragmenting Web

    ON2IT’s Lieuwe Jan Koning goes one-on-one with AMS-IX CEO Peter van Burgel to expose why the once-open internet is splintering into rival, firewalled regions. Discover the geopolitical forces fueling this cybersecurity trend. Learn the Zero Trust resilience moves CISOs must deploy to stay sovereign in the future of the internet.Key Topics Covered• Drivers behind the Splinternet & what they mean for CISOs• Scenario-planning methodology for threat forecasting• Aligning Zero Trust with data-localization mandates• Resilience vs. redundancy: how to build real business continuity• Earth-IX concept: keeping critical flows alive amid fragmentationRelated Content & Resources• ON2IT Zero Trust Framework → https://on2it.net/zero-trust/• AMS-IX MORE-IP Conference insights → https://www.ams-ix.net/ams• EU Digital Services Act overview → https://digital-strategy.ec.europa.eu/en🔔 Follow and Support our channel! 🔔► YOUTUBE: https://youtube.com/@ThreatTalks► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520👕 Receive your Threat Talks T-shirthttps://threat-talks.com/🗺️ Explore the Hack's Route in Detail 🗺️https://threat-talks.com🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX

    ٤٠ من الدقائق

  6. ٢٩ يوليو

    Zero Trust Step 4B: How to Secure Admin Access

    Administrative accounts come with serious power – and serious power, comes with serious risk.In part B of our deep dive into step four of Zero Trust (create Zero Trust policy), host Lieuwe Jan Koning and ON2IT Field CTO Rob Maas unpack how to build Zero Trust policies specifically for administrative access. They explore:1) Why admins are a high-value target – and what that means for policy2) How to build secure jump hosts and enforce strict access controls3) What ‘separation of identity’ really looks like in practice 🎧 Part B builds on the policy work discussed in part A. Worth a listen if you deal with access management or design policy.Shownotes⁃       Zero Trust Step 1 episode: https://youtu.be/mC66i-tEEFs⁃       Zero Trust Step 2 episode: https://youtu.be/wp0q9aZHuXc⁃       Zero Trust Step 3 episode: https://youtu.be/eGsw2JCnrac⁃       Zero Trust Step 4a episode: https://youtu.be/qT_nqbBEkVw

    ١٤ من الدقائق

  7. ٢٢ يوليو

    Mastering Step Four of Zero Trust: Policy Creation

    Now that you’ve defined your protect surfaces, mapped your transaction flows and built your Zero Trust architecture, it’s time for step four of Zero Trust: creating policy. In other words, it’s time to turn strategy into actual rules.In this episode of Threat Talks, host Lieuwe Jan and Koning and Field CTO of ON2IT Rob Maas talk through how to create and validate Zero Trust policies.They explore:·      What makes a ‘good’ policy (and why broad strokes won’t cut it)·      How to apply the Kipling method to policy creation·      Why policies need ongoing validation to stay effective Make sure to stay tuned for the second part of this episode as well, where Lieuwe Jan and Rob dive into the specifics of policy for administrative access.Shownotes⁃       Zero Trust Step 1 episode: https://youtu.be/mC66i-tEEFs⁃       Zero Trust Step 2 episode: https://youtu.be/wp0q9aZHuXc⁃       Zero Trust Step 3 episode: https://youtu.be/eGsw2JCnrac

    ٢٦ من الدقائق

  8. ١٥ يوليو

    Blockchain in a Post-Quantum World

    What does quantum computing mean for blockchain? And how should platforms respond before Q-day becomes reality? In this episode of Threat Talks, ON2IT Field CTO Rob Maas is joined by Jeroen Scheerder, who leads ON2IT's post-quantum cryptography research group. They explore how quantum algorithms interact with current blockchain designs, what makes certain cryptocurrencies more flexible than others, and where we're already seeing movement toward future-ready solutions. ⛓ How does blockchain actually work again? 🔓 What makes classical encryption vulnerable to quantum algorithms? 🧠 Why can't you just “update” Bitcoin? From cryptographic design to real-world limitations, this episode is all about understanding the risks and opportunities in a post-quantum future. Shownotes Post-Quantum Threat to Encryption episode : https://youtu.be/rimW1XJNNLo

    ٣٠ من الدقائق
مشاهدة الكل (٨٦)

مقطع ترويجي

حول

Threat Talks is your cybersecurity knowledge hub. Unpack the latest threats and explore industry trends with top experts as they break down the complexities of cyber threats. We make complex cybersecurity topics accessible and engaging for everyone, from IT professionals to every day internet users by providing in-depth and first-hand experiences from leading cybersecurity professionals. Join us for monthly deep dives into the dynamic world of cybersecurity, so you can stay informed, and stay secure!

المعلومات

قد يعجبك أيضًا