Volt Typhoon spent years pre-positioning inside US critical infrastructure. Salt Typhoon pulled off one of the largest espionage campaigns in history. They didn't break in. They were already there.

So what do you actually do about it?

Caitlin Clarke, Senior Director of Cybersecurity Services at Venable and former Special Assistant to the President for Cybersecurity and Emerging Technology, joins Lieuwe Jan Koning, Co-founder and CTO at ON2IT Cybersecurity, to work through the practical steps security leaders should be taking right now, before the regulatory guidance catches up with the threat.

What's in this episode for you:

• A clearer view of what's actually in your stack. Hardware is the easy part. Software updates, open source libraries, AI-generated code, outsourced R&D — any of it could be adversarial, and most teams have never asked.
• A practical way to map your supply chain before you have to. Fourth party. Nth party. Vendor exit strategies baked into business continuity. Procurement and security in the same room before the purchase, not after the incident.

A framing that goes beyond the technical. Insider risk. IP theft. Economic espionage. Nation state actors target people and research, not just networks — and that's the gap most organizations leave wide open.

Timestamps

00:00 – Introduction: Critical Infrastructure and the Nation State Threat

01:45 – Volt Typhoon, Salt Typhoon and Why CISOs Need to Think Differently

03:21 – What Is Actually in Your Stack: Critical Infrastructure Cybersecurity Beyond Hardware

09:32 – Mapping Your Supply Chain Including Your Supplier's Suppliers

16:34 – Software, Open Source and AI: The Layers of Risk Most Organizations Have Not Mapped

21:59 – Insider Risk, IP Theft and Economic Security + Wrap Up

Key Topics Covered

• Why cost-driven procurement decisions create long-term security exposure
• How to map your supply chain including your supplier's suppliers
• What the Huawei rip-and-replace experience tells us about waiting too long
• How software, open source and AI-generated code extend the risk beyond hardware
• Why insider risk and IP theft belong in the same conversation as supply chain security

Resources

• Threat Talks – New US Cyber Strategy https://youtu.be/KIByq-ynIZA
• Threat Talks: https://threat-talks.com/
• ON2IT (Zero Trust as a Service): https://on2it.net/
• AMS-IX: https://www.ams-ix.net/ams

Subscribe to Threat Talks and turn on notifications for deep dives into the world’s most active cyber threats and hands-on exploitation techniques.

🔔 Follow and Support our channel! 🔔

===

► YOUTUBE: / @threattalks

► SPOTIFY: https://open.spotify.com/show/1SXUyUE...

► APPLE: https://podcasts.apple.com/us/podcast...

👕 Receive your Threat Talks T-shirt

https://threat-talks.com/

🗺️ Explore the Hack's Route in Detail 🗺️

https://threat-talks.com

🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX

If you're waiting for the executive orders to act, you're already behind.

The U.S. has just released a new national cyber strategy.

The core message is clear: stop waiting to be hit, and start making it costly to try.

In this episode of Threat Talks, Caitlin Clarke, Senior Director of Cybersecurity Services at Venable and former Special Assistant to the President for Cybersecurity & Emerging Technology, join Lieuwe Jan Koning, Co-founder & CTO at ON2IT Cybersecurity to break down what the strategy actually says, and what it means for your organization.

The direction is clear. The details are still coming.

But the clock is already running.

This episode helps you stay ahead with three clear pillars of the strategy:

• Pillar 1: Shaping adversary behavior – making it harder, costly and risky to target US and allied interests.
• Pillar 2: Regulatory simplification – deregulation, or simply harmonizing cyber incident reporting requirements
• Pillar 4: Securing critical infrastructure – your stack may already contain foreign technology that can be labelled as ‘adversarial’

Spoiler alert: if you haven't started your Zero Trust and post-quantum cryptography roadmaps yet, the new strategy has a message for you too.

Timestamps

00:00 – America's New Cyber Strategy: First Impressions

01:28 – What the US National Cyber Strategy Is Really Saying

02:52 – Pillar 1: Shaping Adversary Behavior and Cyber Deterrence

10:28 – Pillar 4: Securing Critical Infrastructure and Adversary Technology

18:07 – Pillar 2: Harmonizing Cyber Incident Reporting Requirements

22:17 – What CISOs Should Do Now: Supply Chain, Zero Trust and Post-Quantum Cryptography

27:11 – Wrap up

Key Topics Covered

• What the US national cyber strategy means for security leaders
• How cyber deterrence is shifting beyond pure defense
• Why supply chain risk is now a board-level issue
• What regulatory simplification means for cyber incident reporting requirements
• Where Zero Trust and post-quantum cryptography fit in

Resources

• Threat Talks – Vendor Audit episode with Lokke Moerel: https://www.youtube.com/watch?v=hyKOxJUa4Go
• Threat Talks – Vendor dependency episode with Bart Groothuis: https://www.youtube.com/watch?v=Vj5Z7RYMACY
• Office of National Cyber Director website: https://www.whitehouse.gov/oncd/
• Threat Talks: https://threat-talks.com/
• ON2IT (Zero Trust as a Service): https://on2it.net/
• AMS-IX: https://www.ams-ix.net/ams

Subscribe to Threat Talks and turn on notifications for deep dives into the world’s most active cyber threats and hands-on exploitation techniques.

🔔 Follow and Support our channel! 🔔

► YOUTUBE: / @threattalks

► SPOTIFY: https://open.spotify.com/show/1SXUyUE...

► APPLE: https://podcasts.apple.com/us/podcast...

👕 Receive your Threat Talks T-shirt

https://threat-talks.com/

🗺️ Explore the Hack's Route in Detail 🗺️

https://threat-talks.com

🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX

We always worried about lock-in.

But the real risk is getting locked out – of your cloud.

Your data may sit in Europe.

Your systems may run on trusted platforms.

But if access is restricted tomorrow – by a provider, a government, or a legal decision - what actually happens?

Can you still operate?

In this episode of Threat Talks, Lieuwe Jan Koning (co-founder and CTO at ON2IT Cybersecurity) speaks with Lokke Moerel (Professor of Global ICT Law at Tilburg University and leading expert in EU cybersecurity regulation) to break down what data sovereignty really means- beyond the illusion of control.

Because sovereignty doesn’t fail where you think it does.

It breaks in four places:

• Storage - where your data lives
• Access - who can reach it (and revoke it)
• Operations - whether you can keep running without your provider
• Jurisdiction - which laws override your control

Most organizations only solve the first - and that’s where the real risk starts: dependency on providers you don’t control.

As cloud and AI deepen that dependency, the question isn’t where your data sits, but who decides what happens to it tomorrow.

From sovereign cloud initiatives to European AI models like GPT-NL, this episode explores how regions are trying to regain control, and why relying entirely on big tech may not be sustainable.

Key Topics Covered

• What data sovereignty really means beyond data location
• How dependency on cloud providers impacts AI data governance
• Why jurisdiction, access, and control matter more than compliance
• What organizations must do to regain control over data and infrastructure

Resources

• Threat Talks: https://threat-talks.com/
• ON2IT (Zero Trust as a Service): https://on2it.net/
• AMS-IX: https://www.ams-ix.net/ams

Subscribe to Threat Talks and turn on notifications for deep dives into the world’s most active cyber threats and hands-on exploitation techniques.

🔔 Follow and Support our channel! 🔔

===

► YOUTUBE: / @threattalks

► SPOTIFY: https://open.spotify.com/show/1SXUyUE...

► APPLE: https://podcasts.apple.com/us/podcast...

👕 Receive your Threat Talks T-shirt

https://threat-talks.com/

🗺️ Explore the Hack's Route in Detail 🗺️

https://threat-talks.com

🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX