Cyber Security District

Title: Securing the World´s biggest HR Firm | Martijn Nykerk, CISO at Randstad | Cyber Security District
Episode Description:
What does it take to secure a company that manages the careers of millions of people across the globe?
In this episode of Cyber Security District, we sit down with Martijn Nykerk, CISO at Randstad, one of the world’s largest HR and recruitment firms, with over 6,000 branches across 38 countries. Martijn has spent 20 years inside Randstad, growing from running the Dutch telco infrastructure to becoming its first global CISO, building security from the ground up as the company transformed from a federation of local operators into a true multinational.
With an engineering background forged on North Sea gas platforms, Martijn brings a rare perspective to the CISO role: the ability to zoom in and out across technical, process, organizational, and business layers simultaneously. In this conversation, he breaks down what that actually looks like in practice, why social skills matter more than most security professionals think and how to build a security function that people want to work with. 
In this episode, we explore:
How Martijn’s career started on a North Sea gas production platform  and why safety systems are the original cybersecurity
What it took to build Randstad’s first global security function from scratch
The CISO dilemma: centralize or embed? 
How to build a security team people actually want to engage with
Managing vulnerability backlogs, budget battles, and the patching problem
The real-world incident that moved cybersecurity from priority 43 to priority 1 overnight
How AI is lowering the barrier for attackers  including 16-year-olds running perfect phishing campaigns
Why CISO community-building and information sharing matter more than ever
Timestamps:
(00:00) – Introduction
(01:15) – Starting on a North Sea gas platform
(05:30) – Joining Randstad and running the Dutch telco infrastructure
(09:00) – Becoming Randstad’s first global CISO
(14:20) – The “zoom in and zoom out” CISO mindset
(19:45) – What would surprise someone shadowing a CISO for a week
(24:10) – Compliance-heavy vs. risk-driven CISO profiles
(28:30) – Embed vs. centralize: the security team structure debate
(33:00) – How to make security a team people want
(37:15) – Patching, vulnerability backlogs, and the budget war
(42:30) – Building a security narrative that lands with leadership
(46:00) – The incident that changed everything: data breach and crisis response
(53:20) – What makes a great security professional (hint: it’s social skills)
(58:00) – The CISO hiring interview: starting with “What questions do you have for me?”
(01:02:10) – Community building and the 80% overlap problem
(01:07:30) – AI as an attacker accelerant 
(01:12:00) – Final message to CISOs: trust each other and share more
 
Connect with the guest:
Martijn Nykerk: https://www.linkedin.com/in/martijnnykerk/
 
Follow Cyber Security District:Laurens Jagt on LinkedIn: https://www.linkedin.com/in/laurensjagt/Website: https://www.cybersecuritydistrict.com/All channels & newsletter: https://beacons.ai/cybersecuritydistrict
 

In this episode of Cyber Security District, we speak with Chris Zadeh, serial entrepreneur, fintech pioneer, angel investor, and author. Chris was founder and CEO of Ohpen, one of the first cloud-native core banking platforms in Europe, orchestrating more than €100 billion in financial flows. After building and scaling Ohpen for ten years, he exited and shifted his focus to investing, launching a dedicated cybersecurity fund and his own investment vehicle.
From growing up without financial privilege to becoming one of the early digital banking pioneers at Binck in the Netherlands, Chris shares an unfiltered look at execution, obsession, discipline, and what it truly takes to win in regulated markets. Now Chris is investing in cybersecurity startups, Chris explains what he looks for in founders, why AI is reshaping risk and compliance, and why Europe must rethink digital sovereignty.
In this episode, we cover:
Chris’ founder journey: from Binck Bank scale-up years to building Ohpen for 10 years
What “security-first” looks like in fintech, non-negotiables, resilience, and trust with enterprise buyers
Execution culture, exceeding expectations, hiring for discipline, and why culture beats product
The shift to investing and why he started a cyber fund and what he looks for in founders
What’s next in AI-driven risk, compliance + security convergence, and Europe’s digital sovereignty challenge
Timestamps:00:00 – Intro00:14 – Meet Chris Zadeh01:59 – Growing up without financial safety nets03:14 – Joining BinckBank at 2306:52 – Scaling to market dominance08:57 – Wanting to sit at the decision-making table11:36 – Early infrastructure and security lessons14:18 – A firewall shutdown incident17:55 – Leaving to build Open18:48 – The vision for cloud-native core banking22:29 – 744 pages of rejection before first contract27:14 – Migrating €15B live28:09 – Security as non-negotiable32:15 – Hiring discipline and execution mindset35:05 – Culture: exceed expectations or leave37:35 – The cost of extreme execution41:21 – Transitioning to investing44:27 – Why he rejects the “solo entrepreneur” myth49:35 – Launching the cybersecurity fund51:16 – AI, compliance, and new cyber opportunities58:55 – European cloud sovereignty01:04:03 – Signal message to CSOs: stay curious01:06:00 – Outro
Connect with the guest:Chris Zadeh: https://www.linkedin.com/in/chriszadeh/Dark Red (Cyber Fund): https://www.darkred.at/
Follow Cyber Security District:Laurens Jagt on LinkedIn: https://www.linkedin.com/in/laurensjagt/Website: https://www.cybersecuritydistrict.com/All channels & newsletter: https://beacons.ai/cybersecuritydistrict

What if the real cybersecurity crisis isn’t attackers, but our own backlog?
In this episode of Cyber Security District, we sit down with Jaya Baloo, former CISO at major global organizations including KPN, Avast, and Rapid7 and now founder of AISLE™, an AI-native platform designed to not just detect vulnerabilities, but fix them.
After years defending complex enterprises from relentless threats, Jaya made a bold move: stepping out of the CISO seat to build the kind of technology she wished she had. Her mission is clear, eliminate the massive vulnerability backlog that leaves organizations trapped in “security theater” instead of meaningfully reducing risk.
This conversation goes beyond buzzwords. We unpack why detection without remediation is broken, how AI can be applied responsibly to actually close security gaps, and what it takes to build transformative security products in stealth.
 
In this episode, we explore:
Why Jaya left top-tier CISO roles to start AISLE™
The uncomfortable truth about vulnerability backlogs and unpatched systems
Why identity failures remain a systemic weakness
How AISLE uses AI for detection, remediation, and verification
The importance of stealth mode before going public
What leadership looks like in an AI-driven cybersecurity era
Key Takeaways:
Vulnerability management without remediation is incomplete
Security technical debt is evolving into a societal-level risk
AI must be paired with verification and human oversight
Innovation is essential to preserving true defence in depth
The best CISOs stay curious and challenge their own assumptions
Timestamps:00:00 – Introduction01:20 – Jaya’s transition from enterprise CISO to founder05:45 – The vulnerability backlog problem10:30 – Why identity failures remain systemic16:40 – Building AISLE™: from concept to stealth22:15 – AI for remediation, not just detection29:50 – Verification, testing, and human-in-the-loop controls36:10 – Working with design partners and open-source communities42:35 – The AI shift in cybersecurity48:20 – Leadership lessons from the CISO seat54:10 – Final message to global CISOs
Connect with the guest:Jaya Baloo: https://www.linkedin.com/in/jaya-baloo-558492/
Website: https://aisle.com/
Follow Cyber Security District:Laurens Jagt on LinkedIn: https://www.linkedin.com/in/laurensjagt/Website: https://www.cybersecuritydistrict.com/All channels & newsletter: https://beacons.ai/cybersecuritydistrict

In this episode of Cyber Security District podcast, we speak with Marco Ramilli, a cybersecurity visionaire, TEDx speaker, and founder of IdentifAI, a deepfake detection company working at the intersection of AI, trust, and digital identity. From writing early sandboxing papers to leading cyber defense teams and selling his previous startup to VirusTotal (Google), Marco has spent the last two decades safeguarding digital borders.
At IdentifAI, he’s now taking on one of the biggest threats of the AI era: manipulated content. Whether it’s fake insurance claims, fraud in football scouting, or synthetic identities onboarding to banks, his platform uses AI to detect AI: verifying whether images, voices, or videos were generated by humans or machines.
In this episode, Marco shares his founder story, why he believes the shift from deterministic to probabilistic computing will reshape cybersecurity, and how his latest startup scaled to enterprise use cases within a year.
In this episode, we cover:
Marco’s hacking origin story and first run-in with his university
Researching malware and voting systems at UC Davis
Founding his first cybersecurity company in Italy when the market wasn’t ready
Bootstrapping a business through 3+ years of break-even before momentum hit
Early ransomware response and reverse-engineering threats
Getting acquired by Tinexta and integrating into VirusTotal
Building IdentifAI to detect deepfakes using AI-powered forensics
From onboarding fraud to football scouting scams,  real use cases
The rise of “digital performers” and the ethics of synthetic content
Why deterministic cybersecurity tools are no longer enough
The philosophical shift security teams must make to handle probabilistic models
Advice for scaling startups, hiring A-players, and letting go as a founder
His signal message to CISOs: curiosity will save us
Timestamps:
00:00 – Intro00:14 – Meet Marco Ramilli01:00 – Hacking the campus network (with a for loop!)02:15 – Getting caught, and hired for cyber research03:10 – Reverse engineering malware at UC Davis04:30 – Cybersecurity in Italy: too early, too expensive05:45 – Why compliance was seen as a cost06:20 – Building a company just to be the “owner of his time”07:00 – Early business struggles & staying focused08:30 – Why saying “no” saved his startup10:10 – On embracing failure and learning from loss11:30 – Curiosity, discomfort, and moving to the U.S.13:00 – Sleeping on floors and working without backup14:00 – Founding Yoroi, growing from 4 to hundreds of employees15:30 – The ransomware era and massive inbound traction16:45 – Sandboxing: research, papers, and real-world applications18:00 – Joining Google via acquisition19:30 – Startup phases and letting go as a founder21:00 – Hiring advice: don’t save money on great people23:00 – Launching IdentifAI: how a fake Pope jacket sparked a real mission25:00 – Building AI to detect AI: early model design27:00 – From 80% to 96% accuracy in deepfake detection28:00 – Why images are more dangerous than text29:45 – The weaponization of synthetic media31:20 – How IdentifAI detects voice, image, and video manipulation32:45 – Use cases: banking KYC, insurance fraud, and football scouting35:00 – API-first strategy and enterprise readiness36:30 – “Digital Performers” and the ethics of representation37:30 – Real-time meeting detection via agents39:00 – Why probabilistic AI is changing the rules40:00 – How cybersecurity must evolve to deal with uncertainty43:20 – Deployment flexibility: on-prem or private cloud46:20 – The philosophical challenge of non-deterministic systems49:30 – Final message to CISOs: stay curious
Connect with the guests:
Marco Ramilli: https://www.linkedin.com/in/marcoramilli/
Website: https://identifai.net/
Follow Cybersecurity District:
Laurens Jagt on LinkedIn: https://www.linkedin.com/in/laurensjagt/
Website: https://www.cybersecuritydistrict.com/
All channels & newsletter: https://beacons.ai/cybersecuritydistrict

In this episode of Cyber Security District, we sit down with Kim van Lavieren, co-founder and CTO of Dawnguard, a cybersecurity startup that raised millions in funding before registering a company or launching a product. Kim’s story is anything but ordinary, from leading Marines on no-sleep missions to building offensive hacking tools for the Dutch military, to managing massive security teams at Amazon in the U.S., his path combines discipline, vision, and deep technical mastery.
Together with co-founder Madi Abdurazak, Kim is now on a mission to completely rethink how cybersecurity should be done, by starting not with alerts or vulnerabilities, but with architecture, policy, and real business risk. Dawnguard is building a platform that automates secure-by-design architecture using AI, aiming to replace an entire category of cloud security tools before most companies even realize there’s a better way.
In this episode, we cover:
What the Dutch Marine Corps taught Kim about discipline and decision-making
How a military comms officer became a cybersecurity architect
Building secure systems after discovering flaws in weapons room access
Writing offensive tools for the cyber division of the Dutch Armed Forces
Why cyber soldiers may be more impactful than boots on the ground
Kim’s journey to Amazon and running third-party security at massive scale
The mindset shift from “no” to “how” in security engineering
The origin story behind Dawnguard and raising millions pre-product
How Dawnguard is building a new category for architecture-led security
Using AI to design, verify, deploy, and enforce security from day zero
Advice for cybersecurity newcomers, and why the industry must rebrand
How Dutch risk aversion is holding back innovation — and how to break through
Timestamps:
00:00:00 – Intro00:00:47 – Kim's Background: From Marines to Cybersecurity00:03:29 – Training Under Extreme Pressure00:06:28 – Becoming a Communications Officer & Discovering Security Gaps00:08:18 – First Lines of Code at Age 1000:10:19 – When Tech & Physical Endurance Collide00:11:04 – Offensive Cyber Capabilities in the Military00:14:22 – Why Cyber Soldiers Now Matter More Than Physical Ones00:17:05 – Consulting, CISO Roles & Joining Amazon00:18:49 – The Scale & Speed of Security at Amazon00:21:00 – The Origin of Dawnguard00:23:00 – Automating Architecture Compliance with AI00:25:08 – Using Threat Intel & Policy as a Starting Point00:28:02 – Building the Engine: 5 AIs and a Moonshot00:30:46 – Meeting Madi & Finding the Perfect Co-Founder Match00:33:29 – Raising Millions with No Product — and Building a Dream Team00:36:37 – Rise Into Resilience: What the Dawnguard Slogan Really Means00:38:08 – Rebranding Cyber: Why the Industry Needs a Makeover00:39:44 – Advice for People Trying to Break Into Security00:41:03 – Advice for Aspiring Cyber Entrepreneurs00:44:42 – Certifications, Labs & Reality Checks00:47:25 – Going Big Means Accepting Uncertainty00:49:00 – The 5-Year Vision: Replace Entire Security Categories00:50:30 – Final Signal Message to CISOs: Security Is Balance, Not Absolutes
Connect with the guests:
Kim van Lavieren: https://www.linkedin.com/in/kim-v-0645931b4/
Learn more about Dawnguard: https://dawnguard.ai/
Follow Cyber Security District:Laurens Jagt (Host): https://www.linkedin.com/in/laurensjagt/Website: https://www.cybersecuritydistrict.comAll channels & newsletter: https://beacons.ai/cybersecuritydistrict

In this episode of Cyber Security District, we sit down with Niek Waarbroek (Founder & CTO) and Tycho Klessens (CEO) of Florbs, a Dutch startup transforming file security inside Google Workspace. What started as a simple set of admin scripts has evolved into a powerful SaaS platform, used by global enterprises to automate onboarding, offboarding, and prevent accidental (or malicious) data leaks.
Niek shares how his frustrations with error-prone onboarding flows inspired him to build smarter tools, and how a lack of visibility into shared files became a real security threat for many organizations. After bootstrapping Florbs for three years, he crossed paths with Tycho, then a VC investor, who not only became the commercial co-founder, but helped raise €1 million to scale the team.
Together, they discuss the power of building with product-led growth, how they’re scaling without wasting capital, and why real file security goes beyond Google’s default settings. They also explain why early-stage cybersecurity startups need more than funding, including focus, clarity, and the right partner chemistry.
In this episode, we cover:
The original problem Florbs set out to solve inside Google Workspace
Why offboarding is one of the biggest overlooked security gaps
How ex-employees still access company data without detection
From custom scripts to a full-fledged SaaS product
Product-led growth without a sales team or marketing budget
Raising €1 million from angel investors and CISOs
Going from solo founder to building a complementary co-founder team
How they’re building safe, reversible file actions with real-time insights
Expanding into AI-powered detection and cross-platform collaboration security
Lessons learned transitioning from VC investor to cybersecurity CEO
Whether you're a CISO, founder, or operator working in Google Workspace or building a startup yourself, this episode shows how automation and visibility can finally close one of the biggest blind spots in modern file security.
 
Timestamps:00:00 – Intro01:15 – What Inspired Florbs: The Google Workspace Problem03:40 – Why Onboarding & Offboarding Create Risk06:00 – Real-World Cases: Ex-Employees Accessing Confidential Docs08:45 – Building from Admin Scripts to Full Product11:30 – Why Google Alone Doesn’t Cut It for File Security14:50 – The Origins of the Name “Florbs”18:10 – Google Developer Expert Status & Product-Led Growth21:00 – Meeting Tycho: From VC Investor to Co-Founder25:30 – The First Pitch, the Missed Investment & The Unexpected Partnership30:40 – Raising Smart Capital (Not Just Any Capital)34:00 – Scaling Carefully: Where the €1M Will Go37:20 – Building Automated Security Workflows40:15 – Preventing AI-Fueled Phishing & Lookalike Domain Attacks44:00 – Hiring Philosophy, Co-Founder Chemistry & Startup Reality49:00 – Final Advice for Entrepreneurs & First-Time CISOs52:30 – One Signal Message to CISOs: Don’t Block Everything
 
Connect with the guests:
Niek Waarbroek: https://www.linkedin.com/in/niekwaarbroek/
Tycho Klessens:https://www.linkedin.com/in/tycho-klessens-a215abb7/
Learn more about Florbs: https://florbs.io
Follow Cyber Security District:Laurens Jagt (Host): https://www.linkedin.com/in/laurensjagt/Website: https://www.cybersecuritydistrict.comAll channels & newsletter: https://beacons.ai/cybersecuritydistrict

In this episode of Cyber Security District, we sit down with Seemant Sehgal, founder and CEO of Breachlock, one of the fastest-growing offensive security companies in the world. Seemant’s journey took him from a small town in Northern India to leading global cybersecurity teams at ING Bank, before founding a startup that’s now active in over 20 countries.
At Breachlock, Seemant is rethinking how offensive security is done. His platform combines automation, AI, and human-led red teaming to deliver scalable Pen Testing as a Service (PTaaS) that addresses the growing inefficiencies of traditional penetration testing.
Seemant has built a globally distributed company operating in over 20 countries, while staying close to the ground truth of cyber operations and keeping his team deeply connected to the challenges that security teams face every day.
In this episode, we cover:
Building a global cyber career without a linear path
Lessons from running cybersecurity at ING Bank
The inefficiencies of traditional pen testing
Starting BreachLock with automation and AI at the core
Launching Adversarial Exposure Validation (AEV)
Balancing AI and human expertise in offensive security
Leading a remote team across 20+ countries
Hiring for culture and alignment, not just skills
How to sell cyber risk to non-technical stakeholders
Message to all CISOs
Whether you're scaling a security startup, running a blue team, or navigating board-level cyber strategy, this episode delivers hard-earned insights from someone who's seen the full lifecycle, technical, strategic, and entrepreneurial.
Timestamps: 00:00 – Intro 01:10 – Growing Up in Northern India 03:25 – Starting Out in Ethical Hacking at IBM 06:10 – From Defense to Offense: Career at ING Bank 09:00 – Identifying the Pain Points of Traditional Pentesting 11:30 – Founding BreachLock: Automating What Matters 15:40 – What is Adversarial Exposure Validation (AEV)? 19:20 – Scaling with AI, But Keeping It Human 23:45 – Managing a Remote-First Global Team 26:30 – Hiring Philosophy: Look for Disagreement and Culture Fit 30:15 – Translating Cyber Risk for the C-Suite 33:00 – Staying Grounded: Lessons from Building Profitably 36:20 – Advice to Future Founders & Security Leaders 39:00 – Final Message to all CISO’s
Connect with the guest:Seemant Sehgal: https://www.linkedin.com/in/s-sehgal/Learn more about Breachlock: https://www.breachlock.com/
Follow Cyber Security District:Laurens Jagt (Host): https://www.linkedin.com/in/laurensjagt/Website: https://www.cybersecuritydistrict.comAll channels & newsletter: https://beacons.ai/cybersecuritydistrict
 

In this episode of Cyber Security District, we sit down with Mischa van Geelen, one of the Netherlands’ most remarkable cybersecurity professionals. At just 13 years old, Mischa discovered a critical vulnerability at a major Dutch bank. By 15, he was the youngest full-time pen tester at a global consultancy. Now in his twenties, he’s already co-founded one of the top incident response firms in the country, served as TISO at leading payment institutions like iDEAL and European Payment Institute (EPI) and is gearing up to launch his next venture.
Mischa’s story is anything but ordinary. A self-taught hacker turned security strategist, he shares candid insights into the realities of incident response, the pitfalls of “watermelon compliance,” and why cybersecurity must be treated as a business enabler, not a sunk cost. Whether it’s rebuilding a college’s IT infrastructure after a massive ransomware attack or scaling a startup from scratch, Mischa combines technical brilliance with rare clarity on communication, compliance, and leadership.
In this episode, we cover:
Discovering his first vulnerability at age 13
Interning at ABN AMRO while still in high school
Joining a consultancy firm as a full-time pen tester at 15
Building and scaling an incident response company
Inside stories from real-world cyberattacks
Why most companies still don’t “get” compliance
The burnout risk of incident responders
His thoughts on AI, deepfakes, and the future of cybercrime
Plans for his next cybersecurity venture
Advice for aspiring ethical hackers and cyber entrepreneurs
Whether you're a CISO, student, founder, or future threat analyst, this episode is packed with valuable lessons and honest reflections from someone who's lived cybersecurity from every angle and isn't done yet.
Timestamps: 00:00 – Intro 01:00 – Finding His First Vulnerability at 13 04:20 – Interning at ABN AMRO 07:00 – Getting Misunderstood by the School System 09:40 – Joining a Consultancy as a Teenager 14:00 – Launching a Cybersecurity Company at 17 17:20 – Challenges of Managing Incident Response Teams 22:30 – Real-Life Ransomware Incidents 27:10 – The Reality of 24/7 Cyber Incident Response 31:45 – The Emotional Impact of Cybercrime 34:30 – Working with iDEAL & EPI 38:10 – AI Threats and the Rise of Deepfakes 42:00 – Watermelon Compliance & What’s Broken in Cyber 45:50 – Mischa’s Next Venture: Automating Real Compliance 49:20 – Communication as the Missing Skill in Cybersecurity 52:00 – Final Message to Global CISOs
 
Connect with the guest:Mischa van Geelen: https://www.linkedin.com/in/rickgeex/Learn more about Anovum: https://www.anovum.nl 
Follow Cyber Security District:Laurens Jagt (Host): https://www.linkedin.com/in/laurensjagt/Website: https://www.cybersecuritydistrict.comAll channels & newsletter: https://beacons.ai/cybersecuritydistrict

In this episode of Cyber Security District, we sit down with Marco Riccardi, threat intelligence expert, startup founder, and the mind behind QuoIntelligence. From getting his first computer at age 7 to running cyber operations at Deutsche Bank and the European Central Bank, Marco’s journey is anything but linear. He’s built a deep-tech company protecting European infrastructure, all while fusing AI, geopolitics, and intelligence analysis into a single mission: safeguarding Europe’s digital future.
Marco is the founder and CEO of QuoIntelligence, a fast-growing European scale-up tackling the growing need for context-aware threat intelligence. His roots lie in coding and hacking, but his vision is firmly set on building an intelligence powerhouse grounded in critical thinking, geopolitics, and predictive security. In this episode, he breaks down the gaps in the vendor market, why Europe needs its own intelligence solutions, and what it takes to scale a security company without losing its soul.
We cover:
Marco’s early obsession with computers and hacking
His time in military psy-ops and its influence on his thinking
Building threat intel teams at European Central Bank and Deutsche Bank
Spotting the market gap that led to founding QuoIntelligence
The rise of AI in cyber defense and offense
Why most security teams fail at scaling
His philosophy on intelligence, communication, and critical thinking
Lessons from five years of building a remote-first startup
The future of European cybersecurity
Whether you’re a cyber leader, an aspiring threat analyst, or simply curious about how intelligence intersects with business, this episode offers a raw, honest, and insightful look into one of Europe’s most original cybersecurity minds.
Timestamps:00:00 – Intro01:00 – Meet Marco Riccardi04:00 – First Hacking Experiences at Age 1107:45 – From Military Psy-Ops to Cybersecurity11:30 – Moving to Barcelona & Malware Research16:00 – Career at ECB and Deutsche Bank21:15 – Why Europe Lacked Local Threat Intel Vendors25:30 – Intelligence as a Business Advantage30:00 – Building QuoIntelligence35:50 – Starting a Company During COVID39:30 – Lessons in Scaling: Hiring Mistakes & Culture44:00 – The Power of AI in Cybersecurity48:30 – What Threat Actors Are Doing with AI53:00 – Advice for Entering Threat Intelligence58:30 – Final Message to CISOs Worldwide
Connect with the guest:Marco Riccardi: https://www.linkedin.com/in/marcoriccardi/Learn more about QuoIntelligence: https://www.quointelligence.eu
Follow Cyber Security District:Laurens Jagt (Host): https://www.linkedin.com/in/laurensjagt/Website: https://www.cybersecuritydistrict.comAll channels & newsletter: https://beacons.ai/cybersecuritydistrict

In this episode of Cyber Security District, we speak with Mahdi Abdulrazak, a cybersecurity leader, serial investor, and one of the most remarkable self-made minds in the field. He just left his CISO position SHV Energy, where he led a team of over 100 professionals, but his journey started much earlier as a refugee, a teenage hacker, and a relentless entrepreneur.
Mahdi’s story spans continents, industries, and disciplines. Fluent in over 8 languages and driven by curiosity, he's not only built pioneering technology platforms but also invested in some of the most promising cybersecurity startups in Europe, including Hadrian and Workwise, and now his own venture Dawnguard. From building his first tech company in the early 2000s to mentoring the next generation of founders, Mahdi brings a rare blend of street smartness, deep technical insight, and philosophical clarity.
After years witnessing how reactive cybersecurity slows innovation, Mahdi is building Dawnguard to make security-by-design the new default, shifting security left from day zero with the power of AI and automation.
In this episode, we explore:
How growing up in poverty sparked Mahdi’s hacker mindset
His first steps into cybersecurity at age 15
Co-founding a platform ahead of its time in smart connectivity
Investing in cybersecurity startups across Europe
Why he always invests in people, not products
Advice for professionals who want to become entrepreneurs
How to deal with pressure and avoid burnout in security roles
His vision for agentic AI, machine learning, and the future of cyber defense
Mahdi speaks with striking honesty about risk, purpose, and what it means to truly contribute. Whether you’re a young professional, a seasoned CISO, or an aspiring founder, this conversation will challenge and inspire you.
Timestamps:00:00 - Introduction00:40 - Meet Mahdi Abdulrazak03:00 - From Warzone to Amsterdam07:20 - Hacking as a Form of Learning11:00 - Building a Tech Startup in the Early 2000s16:45 - Investment Philosophy: People over Products21:30 - Why Dutch Cyber Needs More Startups25:00 - Becoming CISO of SHV Energy29:15 - Handling Pressure & Avoiding Burnout33:50 - Advice for Cybersecurity Entrepreneurs37:40 - The Promise of Agentic AI in Cyber Defense41:00 - Leaving a Legacy & Staying Curious44:20 - Final Message to Global CISOs
Connect with the guest:Mahdi Abdulrazak: https://www.linkedin.com/in/mahdiabdulrazak/Learn more about Dawnguard – www.dawnguard.ai
Follow Cyber Security District:Laurens Jagt (Host): https://www.linkedin.com/in/laurensjagt/Website: https://www.cybersecuritydistrict.com/All channels & newsletter: https://beacons.ai/cybersecuritydistrict