From ships and cities to hospitals and airports, Operational Technology (OT) keeps the world running. The problem? It was never designed with cybersecurity in mind.

In this episode of Threat Talks, host Karin Muller is joined by TC Hoot (VP of Contracts at TAC) and Luca Cipriano (Threat Intel Specialist at ON2IT) to explore how airports, hospitals, ports, and even water systems can be compromised.

Key topics they tackle:

🛳️ Why are modern ships, airports, hospitals and even cities targeted?

🛡️ What makes OT so hard to secure compared to IT?

✈ What do real-world OT threats look like and how can we defend against them?

If you’ve ever asked “how could a fish tank lead to a casino breach?” or “can someone actually hack an airport’s baggage system?” this one’s for you.

Zero Trust is about more than just IP addresses and firewalls: it’s about understanding what truly matters to your business.

In step one of Zero Trust: define your protect surface, we focus on how to prioritize what you want to protect, how to avoid common pitfalls, and how to kick off your Zero Trust journey from a solid, business-aligned foundation.

In this episode of Threat Talks, host Lieuwe Jan Koning and Field CTO Rob Maas get down to the basics of step one of Zero Trust: defining the protect surface.

They explore:

✅ Methods for defining protect surfaces

⛨ Establishing the relevance of each protect surface

📈 How to align your cybersecurity with business needs and goals

In this second episode of a multi-part deep dive on Zero Trust, Lieuwe Jan and Rob clarify where to start with Zero Trust implementation, discuss the importance of business and board involvement and explain why starting small is key.

Zero Trust is everywhere – but what does this actually mean? Is it a cybersecurity strategy, a set of tactics, a product you can buy, or just clever marketing?

In this kickoff episode of this Zero Trust series, Lieuwe Jan Koning and Rob Maas explore what Zero Trust actually is, how to think about it strategically, and why it’s not just about identity or buying new tools.

They discuss:

✅ Why Zero Trust isn’t a product, and what it actually is

🗺️ The five steps and four core principles of Zero Trust

🚧 Why business alignment – and not anything technical – is the hardest part of Zero Trust implementation

They debunk the most common myths, from “Zero Trust is identity” to “just buy a firewall,” and explain what it takes to embed Zero Trust into business operations. A must-watch, whether you’re just curious, are just starting your Zero Trust journey or are already well underway.

What happens when a cyber threat actor doesn’t want to make headlines? Volt Typhoon, a state-sponsored group tied to the People’s Republic of China, has been quietly infiltrating Western critical infrastructure, staying under the radar by avoiding malware, using native tools, and taking things slow.

In this episode of Threat Talks, Lieuwe Jan Koning is joined by Rob Maas and Luca Cipriano to break down how these attackers operate and what their endgame might be.

💨 What makes “low and slow” attacks so hard to detect?

🔧 How do living-off-the-land tactics help attackers blend in?

📉 What motivations do threat actors like Volt Typhoon have?

Volt Typhoon isn’t just another cyber threat: it’s a sign that the game has changed. If you’re focused on national security, infrastructure, or advanced threat defense, you won’t want to miss this episode.

Dark Markets are making cybercrime more accessible than ever. Malware, remote access tools, phishing kits, credit cards information: all of it is readily available, and oftentimes available as a service, if you just know where to look. Subscribing to these illicit services is now as easy as signing up for Disney+.

In this Deep Dive, host Rob Maas and special guest, cybersecurity researcher Michele Campobasso, discuss dark markets, and the rise of cybercrime-as-a-service.

Key questions answered in this Deep Dive:

🕶️ What are dark markets, and how do they work?

🔑 How do cybercriminals (or intrepid researchers) access these dark markets?

🎬 How is cybercrime becoming as accessible as a streaming service?

⚠️ What risks do businesses face from dark markets?

🔎 What role does threat intelligence plays in monitoring these markets?

With cybercrime as easy to access as a Netflix subscription, Rob and Michele explore how these underground marketplaces operate, how they’re changing the threat landscape, and what organizations can do to protect themselves.

The Dark Web Economy: Hacks for $10?

Would you pay $10 for access to a corporate system? Because someone on the dark web already has. In this episode of Threat Talks, host Lieuwe Jan Koning talks to cybersecurity researcher Michele Campobasso about the business of cybercrime. From ransomware services to stolen credentials, the dark web is thriving.

💰 How much is YOUR data worth on the dark web?
🚨What’s for sale—and who’s buying?
🛒 How is hacking becoming a subscription-based service?

Cybercriminals operate like well-run businesses, offering hacking tools, stolen credentials, and even customer support. But if cybercrime is getting more sophisticated, what can individuals and businesses do to fight back?

⏳ What happens when time goeswrong?

Time synchronizationis an overlooked but essential part of cybersecurity. A few microseconds ofdrift can lead to failed transactions, inaccurate forensic logs, or evensecurity breaches.

In this episode of ThreatTalks, host Rob Maas (Field CTO, ON2IT) and guest Jan van Boesschoten(Innovation Manager, AMS-IX) discuss:

· How does time impact cybersecurity, and whathappens when it drifts?

· Why is NTP no longer sufficient for high-speeddigital transactions?

· How does Precision Time Protocol (PTP) providemicrosecond accuracy (and why does that matter)?

· Could time manipulation be an attack vector,and how do organizations mitigate this risk?

From financialtransactions to forensic log analysis, knowing exactly when an eventoccurs can make or break an organization’s security posture.

Many organizations hesitate to implement SSL decryption due to concerns over complexity, privacy, and performance. However, the reality is that failing to decrypt means failing to see threats.In this Deep Dive, host Lieuwe Jan Koning and Rob Maas (Field CTO at ON2IT) explore why decrypting SSL traffic is critical for cybersecurity.

• Why is SSL decryption necessary, and what are the risks of ignoring encrypted traffic?
• How do modern malware and attacks leverage encryption to bypass traditional security measures?
• What are the top three things organizations must do to implement SSL decryption effectively?
• Why do only 3.5% of organizations have an active SSL decryption policy, and how can this change?

Rob Maas explains how decrypting SSL traffic allows security teams to detect and stop threats at an early stage, preventing malware downloads, phishing attempts, and web-based attacks before they reach endpoints.