Talks and articles

I greatly enjoying presenting to audiences large and small, conducting workshops or writing articles about cybersecurity.

The conferences where I spoke include ISF Worldwide Congress (
2011, 2014, 2015, 2017, 2018), Black Hat USA (2016) NCSC One Conference (keynote 2018), RSA Europe, SANS EU Forensic Summit (2010), Still Hacking Anyway – SHA (2017), O’Reilly Security Conference Europe (2016), BruCON (2016), (ISC)² Worldwide Congress (2016), London E-Crime Congress (2010, 2011), Microsoft Envision NL (2024) and Microsoft Ignite NL (2023).

Some examples of recordings, written interviews or articles can be found below.

🎤 Speaking engagements, presentations & webcasts

• NCSC One Conference 2018 – Hack your mind
• SHA 2017 – We don’t need no security!
• Black Hat USA 2016 – Security Through Design – Making Security Better By Designing for People
• BruCON 0x08 – Security Through Design
• Jaarevenement 2021 Cybersecurity Alliantie (in Dutch)
• DevOn summit 2017 – Security is dead
• Het is tijd voor een Deltaplan Cyber Security (in Dutch, with Inge Bryan)
• Iedereen is ICT-er: state of cybercrime (in Dutch)
• Webinar nation state threats (in Dutch)

🎙️ Podcasts & interviews

• Zoldersession podcast (in Dutch)
• Quality Code, Safer World: Rethinking Security in Software Development – Beyond Coding Podcast 
• Verdieping in de 8 Cyber Security basismaatregelen van het NCSC (in Dutch)
• Stop Blaming Users. Make Security User-Friendly.
• Cyber Security District podcast: it’s the people, stupid!
• Cyber Chain Resilience podcast (in Dutch)
• NCSC Enter – Oekraïne: schouder-aan-schouder (in Dutch)

👥 Panel Sessions

• Insight organiseert The Best Kept Secret (short event summary in Dutch)
• The Best Kept Secret – Insight (full event)
• Cybersecurity TV Nederland Episode 4 – Microsoft
• Het Nationale Cybersecurity Debat (in Dutch)
• Digital Safe Cities: securing the infrastructure of tomorrow
• Virtuele rondetafel over DORA: Leer van early adopters en de toezichthouder (Eraneos) (in Dutch)
• Voor cybersecurity is de cloud veiliger dan systemen in eigen beheer (CTAC) (in Dutch, English subtitles)
• Hybrid working in progress (in Dutch)
• Open Dialoog Pakhuis de Zwijger: Kunstmatige Democratie (in Dutch)
• Bescherm je bedrijfsvoering en creëer Security Awareness (Axians) (in Dutch)
• Voorkom je cyberaanvallen vooral door technische of menselijke factoren? (CTAC) (in Dutch, English subtitles)
• Wel of geen losgeld betalen wanneer je bent gehackt? (CTAC) (in Dutch, English subtitles)
• Port Cyber Cafe FERM – Cloud security (in Dutch)

📝 Articles & publications

• The human is not the weakest link – the human is the solution!
• Can a hacker be a builder instead of a breaker?
• Security through design – reading list
• Beveiligingswaarschuwingen als digitale buienradar (in Dutch)
• Why security is not about Prevention, but about building Capacity

📺 Media appearances & press

• De mens is een essentiële schakel in cybersecurity – dutchcowboys.nl (in Dutch)
• Column | Wat zijn de trucs van Russische hackers? – NRC (in Dutch) [mirror]
• Maybe Security Isn’t Just a ‘Human Stupidity’ Problem – sdxcentral.com
• Wachtwoorden: we moeten ervanaf. Maar hoe? – NOS (in Dutch)
• Spookie just stole your password – Times of India
• The rebellious origins of cybersecurity’s wittiest, must-read report
• Datensicherheit für Banken – Risiken erkennen und minimieren (in German)
• Strijd banken tegen phishing werpt vruchten af – RTL Nieuws (in Dutch)
• Petra Oldengarm reikt roze slot uit aan Deloitte tijdens #Hacktalk11 (in Dutch)
• Cybersecurity niet op orde?- New Business Radio (in Dutch)
• Gewoon beginnen’ is het advies voor veilig werken in de cloud (in Dutch)