Breaking the Illusion: Exposing Security Fallacies


Breaking the Illusion: Confronting Cybersecurity’s Biggest Fallacies

Are we truly protecting ourselves from cyber threats, or are we blinded by outdated security practices? In this episode of Threat Talks, ON2IT’s Lieuwe Jan Koning sits down with cybersecurity experts Fleur van Leusden and Jeroen Scheerder for an in-depth discussion on the challenges and misconceptions shaping cybersecurity today.

Our main guest, Fleur van Leusden, a seasoned CISO and host of the Dutch podcast ‘CISO Praat’, shares her insights on one of the industry’s biggest fallacies: the overreliance on end-user awareness to mitigate risks. Fleur argues that, despite our focus on educating users, the effectiveness of awareness training often falls short, underscoring the need for robust technical controls and systematic approaches to secure complex IT environments.

Don’t miss out on this dynamic discussion as we rethink traditional approaches and uncover the hidden vulnerabilities shaping today’s cybersecurity scene, such as:

 

  • The CrowdStrike auto-update disaster
  • Backdoor vulnerability in XZ Utils (CVE-2024-3094)
  • UNIX CUPS

 


Your cybersecurity experts

Lieuwe Jan Koning

Co-Founder and CTO, ON2IT


Fleur van Leusden

CISO & Podcast creator


Jeroen Scheerder

Security Architect, ON2IT

Episode details


Dive into some of the most pervasive myths in cybersecurity, using real-world incidents to underscore the risks of relying too heavily on awareness training. While end-user education is vital, our experts reveal why it’s not enough on its own to safeguard organizations against increasingly sophisticated threats. They argue for a balanced approach that integrates robust technical controls and favors system resiliency over the need for patching, moving beyond the flawed expectation that users alone can act as frontline defenders.

Exploring recent high-profile examples, the conversation dissects the CrowdStrike auto-update disaster, which resulted in blue screens for millions of endpoints; the backdoor vulnerability in XZ Utils (CVE-2024-3094), raising concerns about the integrity of trusted software; and a UNIX CUPS incident that exposed hidden risks in common printing systems. Together, these cases highlight the need for a proactive security framework, one that emphasizes network segmentation, continuous monitoring, and layered defenses over an over-reliance on human vigilance. Tune in for an eye-opening look at the technical measures needed to counter modern cyber threats effectively.

 
