Security Insights

How do you live through a cyber attack, and recover from it?

What lessons can you learn?

And why is resilience moving up the cybersecurity agenda?

In this special episode, we speak to Edwin Moraal, CISO at Dutch public safety body Veiligheidsregio Noord- en Oost-Gelderland (VNOG), about his experiences. And he's joined by Tim Pfaelzer, Veeam GM for EMEA, whose team helped with the recovery.

However prepared you think you are, there are always lessons to learn.

Soon, quantum computers will be able to decrypt "production grade" encryption, putting both privacy and security at risk.

But how close is "Q Day", and is a cryptographically relevant quantum computer a realistic prospect?

Is it something malicious actors will be able to obtain, and if so, how would they use it and what threat does that pose to confidentiality of our files, as well as our communications?

Our guest today is Moona Ederveen, an author, speaker and consultant who has been studying the impact of quantum computing on security.

Here, she discusses the scale of the threat, the steps organisations need to take to mitigate it, and why cybersecurity teams need to act with urgency.

Listeners can also access the Post-Quantum Preparedness Framework mentions in the episode here.

DDoS attacks have posed a threat since the late 1990s. And distributed denial of service attacks have proven to be hard to prevent, and to deter.

Security teams are better at detecting and blocking DDoS attacks than they were. But malicious actors have not stood still.

They are now using complex, multi-vector attacks rather than relying on volume alone; they are using AI to design attacks, and compromised IoT devices to launch them, according to research from NETSCOUT.

In this episode, we look at how DDoS is evolving, and what CISOs can do to reduce their impact.

Our guest is Darren Anstee, CTO for security at NETSCOUT.

In this CISO interview, we discuss the role of a CISO in a global technology services business, the changing threat landscape -- from geopolitics to the growth of AI -- and the importance of skills,  learning and cybersecurity education.

Our guest is Mike Baker, vice president and global chief information officer at DXC Technology.

Above all, he says, the CISO's role is to build a resilient team.

Interview by Stephen Pritchard.

Over the last few years, we’ve seen the resurgence of geopolitics as a driver for cybersecurity, especially in Europe. But the return of war to the continent is just one factor changing CISOs’ views of risk.

In this Insights Interview, we discuss developments in the threat landscape with Haider Pasha, CSO for EMEA at Palo Alto Networks, following the company’s recent Ignite event in London.

As he describes it, Europe faces its own pressures, as malicious actors exploit differences between countries, their policies and even cultures.

But security leaders in Europe, and elsewhere, also face challenges from AI, quantum computing, and a fragmented and increasingly complex regulatory landscape.

So how do security teams close those gaps?

Interview by Stephen Pritchard.

What, exactly, is threat intelligence? And how do CISOs use it?

Security teams now have access to multiple sources of information on threats and threat actors. These come from industry, from law enforcement, and even their own networks and SOCs.

But how effective is it against an ever-changing roster of adversaries? And how do CISOs become informed consumers of intelligence?

We invited Rafe Pilling, director of threat intelligence at Sophos, to discuss how threat intelligence has developed, in the context of some of the recent attacks and threat groups.

What is digital sovereignty, how does it relate to data sovereignty, and to resilience?

In this CISO Interview, we speak to Kim Larsen, CISO at Keepit, a service provider specialising in protecting data for SaaS applications.

With a career spanning policing, government and the private sector, he has witnessed the growing influence of geopolitics on cybersecurity. And he suggests both businesses and public sector bodies need to think about not just where their data are, but how to guarantee access to their technology if the worst does happen.

Interview by Stephen Pritchard

The cybersecurity skills gap might be narrowing. According to the latest Cybersecurity Workforce Study, from ISC2, CISOs are less concerned about the number of cyber professionals in their organisations. Instead, the focus is on whether they have the right mix of skills, to take on an increasingly complex threat landscape.

We go through the results of the research, and what it might mean for cybersecurity professionals at all points in their careers, with ISC2's COO, Casey Marks.

Interview by Stephen Pritchard

In the first episode of Series 7 of Security Insights,we welcome back Charl van der Walt, head of security research at Orange Cyber Defense.

We discuss the key findings of his team's 2026 Security Navigator report, how AI is tipping the balance of power in favour of malicious actors, and why resilience and agility should be on the CISO's agenda for this year.

Cybersecurity is about building resilient organisations. But this is impossible without resilient people.

Cyber defence is often a highly pressured working environment. And it can be lonely too. But if teams are unable to function at their best, attackers will exploit this.

In the second of our two episodes on cyber resilience, we look at its human side.

Our guests are Rebecca Taylor, threat intelligence knowledge manager and human intelligence researcher at Sophos, and Amelia Hewitt director of cyber consulting at Principle Defence. They're also known as the Cyber Agony Aunts.

They discuss steps organisations, and individuals, can take to improve their resilience with Stephen Pritchard.