One unlocked phone can unravel the defenses of a billion-dollar enterprise—because in cybersecurity, small mistakes don’t stay small for long. Attackers can read notes, steal IDs, or impersonate you on WhatsApp. A reused password can launch a remote tool that looks completely legitimate.

Rob Maas (Field CTO, ON2IT) and Luca Cipriano (Cyber Threat Intelligence Program Lead, ON2IT) reveal how poor cyber hygiene erodes trust, endangers partners, and weakens enterprise defenses.
CISOs, CIO and IT managers remember: in a Zero Trust world, your weakest link might not even be inside your organization.

• (00:00) - Why your cyber hygiene affects others
• (00:28) - Meet the speakers (Rob Maas, Luca Cipriano)
• (00:47) - Cyber hygiene defined for CISOs
• (03:00) - Unlocked phone → passwords in notes, WhatsApp fraud, ID photos
• (05:53) - SOC case: contractor email compromise → remote tool drop (ConnectWise)
• (09:40) - OSINT: 19 breaches + iterative password reuse
• (17:01) - What to fix now: MFA, vaults, device lock, breach monitoring
• (20:24) - Final takeaways & resources

Click here to view the episode transcript.

Related ON2IT Content & Referenced Resources
• ON2IT: https://on2it.net/
• Threat Talks: https://threat-talks.com/
• AMS-IX: https://www.ams-ix.net/ams
• WatchYourHack: https://watchyourhack.com
• Have I Been Pwned: https://haveibeenpwned.com

Guest and Host Links:
Rob Maas, Field CTO, ON2IT: https://www.linkedin.com/in/robmaas83/
Luca Cipriano, Cyber Threat Intelligence Program Lead, ON2IT: https://www.linkedin.com/in/luca-c-914973124/

If this helped, subscribe to Threat Talks. Share this episode with your partners and contractors—stronger cyber hygiene across your ecosystem protects everyone.

🔔 Follow and Support our channel! 🔔
===
► YOUTUBE: https://youtube.com/@ThreatTalks
► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E
► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520

👕 Receive your Threat Talks T-shirt
https://threat-talks.com/

🗺️ Explore the Hack's Route in Detail 🗺️
https://threat-talks.com

🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX

The internet promised freedom. Now it monetizes you. The trade-off? Convenience for control.
In this episode, Lieuwe Jan Koning and Prof. Jacobs reveal how scattered tools like meta and X create security gaps—and how one policy, fewer interfaces, and less data shared cut exposure and keep operations running.

Real examples you’ll hear:
• The neighborhood chat stuck on WhatsApp—and how switching to Signal breaks dependency.
• How your address book upload leaks other people’s data to platforms.
• Why secure doesn’t mean private on platforms that profit from your data.
• Age checks done right: passport chip + selective disclosure instead of oversharing.
• Patient groups and municipalities using PubHubs for private, verified rooms (no ads).
• Continuity risk in the real world: federated login outages, US-dependent authenticators, transatlantic cable cuts, and a court moving email to ProtonMail to stay operational.

• (00:00) - – Free vs. monetized internet
• (02:22) - – Facebook: secure ≠ private
• (05:31) - – WhatsApp vs. Signal trade-offs
• (07:05) - – Metadata & social graph risk
• (11:58) - – Attribute-based auth (Yi)
• (19:55) - – Decentralized login; split keys
• (28:11) - – PubHubs: private, verified rooms
• (49:54) - – Continuity: vendor/cable risk
• (56:01) - – Close & takeaways

Guest and Host Links:
Lieuwe Jan Koning (ON2IT Co-Founder): https://www.linkedin.com/in/lieuwejan/
Bart Jacobs: http://www.cs.ru.nl/~bart/

If this helped you strengthen your Zero Trust policy, subscribe, like, and share. New episodes weekly. Follow Threat Talks on YouTube, Spotify, and Apple Podcasts.

Click here to view the episode transcript.

🔔 Follow and Support our channel! 🔔
===
► YOUTUBE: https://youtube.com/@ThreatTalks
► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E
► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520

👕 Receive your Threat Talks T-shirt
https://threat-talks.com/

🗺️ Explore the Hack's Route in Detail 🗺️
https://threat-talks.com

🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX

Boards don’t buy dashboards—they buy assurance. Breaches are late-stage symptoms of drift: rules pile up, logs lose signal, cloud/Kubernetes outpace governance. Lieuwe Jan Koning (ON2IT Co-Founder) and Rob Maas (Field CTO) show how Zero Trust Step 5B (Maintain) proves your controls still work—today.

• (00:00) - — Welcome & Zero Trust Step 5B
• (00:57) - — Five steps: fast recap
• (03:12) - — Maintain = policy validation
• (05:31) - — Vendor updates, hidden features
• (08:46) - — Traffic flows vs. reality
• (10:19) - — Behavior analytics, baselines
• (11:56) - — Cloud/K8s/service-mesh shifts
• (16:32) - — Wrap-up & next actions

Zero Trust Series
Step 1: https://youtu.be/mC66i-tEEFs
Step 2: https://youtu.be/wp0q9aZHuXc
Step 3: https://youtu.be/eGsw2JCnrac
Step 4A: https://youtu.be/qT_nqbBEkVw
Step 4B: https://youtu.be/fnKyMITZes8
Step 5A: https://youtu.be/N7pWXLxI6kY

Guest and Host Links:
Lieuwe Jan Koning (ON2IT Co-Founder): https://www.linkedin.com/in/lieuwejan/
Rob Maas (Field CTO, ON2IT): https://www.linkedin.com/in/robmaas83/

If this helped you strengthen your Zero Trust policy, subscribe, like, and share. New episodes weekly. Follow Threat Talks on YouTube, Spotify, and Apple Podcasts.

Click here to view the episode transcript.

🔔 Follow and Support our channel! 🔔
===
► YOUTUBE: https://youtube.com/@ThreatTalks
► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E
► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520

👕 Receive your Threat Talks T-shirt
https://threat-talks.com/

🗺️ Explore the Hack's Route in Detail 🗺️
https://threat-talks.com

🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX