Breaking the Illusion: Exposing Security Fallacies
Breaking the Illusion: Confronting Cybersecurity’s Biggest Fallacies
Are we truly protecting ourselves from cyber threats, or are we blinded by outdated security practices? In this episode of Threat Talks, ON2IT’s Lieuwe Jan Koning sits down with cybersecurity experts Fleur van Leusden and Jeroen Scheerder for an in-depth discussion on the challenges and misconceptions shaping cybersecurity today.
Our main guest, Fleur van Leusden, a seasoned CISO and host of the Dutch podcast ‘CISO Praat’, shares her insights on one of the industry’s biggest fallacies: the overreliance on end-user awareness to mitigate risks. Fleur argues that, despite our focus on educating users, the effectiveness of awareness training often falls short, underscoring the need for robust technical controls and systematic approaches to secure complex IT environments.
Don’t miss out on this dynamic discussion as we rethink traditional approaches and uncover the hidden vulnerabilities shaping today’s cybersecurity scene, such as:
- The CrowdStrike auto-update disaster
- Backdoor vulnerability in XZ Utils (CVE-2024-3094)
- UNIX CUPS
Your cybersecurity experts
Lieuwe Jan Koning
Co-Founder and CTO, ON2IT
Fleur van Leusden
CISO & Podcast creator
Jeroen Scheerder
Security Architect, ON2IT
Episode details
Dive into some of the most pervasive myths in cybersecurity, using real-world incidents to underscore the risks of relying too heavily on awareness training. While end-user education is vital, our experts reveal why it’s not enough on its own to safeguard organizations against increasingly sophisticated threats. They argue for a balanced approach that integrates robust technical controls and favors system resiliency over the need for patching, moving beyond the flawed expectation that users alone can act as frontline defenders.
Exploring recent high-profile examples, the conversation dissects the CrowdStrike auto-update disaster, which resulted in blue screens for millions of endpoints; the backdoor vulnerability in XZ Utils (CVE-2024-3094), raising concerns about the integrity of trusted software; and a UNIX CUPS incident that exposed hidden risks in common printing systems. Together, these cases highlight the need for a proactive security framework: one that emphasizes network segmentation, continuous monitoring, and layered defenses rather than an over-reliance on human vigilance. Tune in for an eye-opening look at the technical measures needed to counter modern cyber threats effectively.