What does threat hunting actually look like in the real world — and where does cyber threat intelligence fit into a modern SOC?

In this episode of the NEVERHACK Estonia Cybercast, Louis Zezeran speaks with Piotr Czopik from Recorded Future about the reality of threat hunting: the learning, investigation, pattern recognition, and deep analysis required to find what automated tools can miss. Together, they explore how attackers reuse familiar methods, why behavior matters more than simple indicators, and how intelligence-led detection helps analysts connect the dots faster.

The conversation also covers supply-chain risk, third-party exposure, advanced threats hiding inside legitimate-looking processes, and why smaller organizations should never assume they are beneath an attacker’s interest.

If you want to understand the human side of cybersecurity detection — beyond AI buzzwords and standard alerting — this episode is for you.

Listen now, visit NEVERHACK Estonia for more insights, and subscribe for more expert cybersecurity conversations.

something unusual at exactly the wrong time? In this Client Day 2026 special from Tallinn, Louis Zezeran speaks with Sander van den Nieuwenhuijzen (Mimecast Incydr) about Human Risk Management and how modern insider threat detection really works.

We explore behavior-based risk scoring (0–10), why “nudges” can be more effective than instant blocking, and how AI tools can accidentally (or deliberately) become new data-exfiltration paths. Sander also shares a striking real-world style story: a lawyer printing PII late at night to a different printer than usual—individually allowed actions that, together, revealed a serious insider risk pattern.

🎧 Listen now, connect with Louis and Sander on LinkedIn, and subscribe for more NEVERHACK Estonia Cybercast episodes.

Can your organization safely use ChatGPT-style tools—and trust what comes back? Recorded at NEVERHACK Estonia’s Client Day 2026 in Tallinn, Louis Zezeran sits down with Jonne Tuomela (Senior Solutions Engineer, Netskope) to unpack the real risks of large language models: prompt injection and jailbreaks, hallucinations and misinformation, poisoned training data, and why “perfect” safety is unrealistic.

They discuss how AI red teaming works at scale (thousands of test prompts), how guardrails can inspect both prompts and responses, and why smart policies (like allowing prompts but blocking file uploads) can protect sensitive data without wrecking user experience. Plus: why coaching and employee education still beat buying “one more tool.”

🎧 Listen now, follow NEVERHACK Estonia Cybercast, and subscribe for more real-world security conversations.

What happens to digital trust when AI agents start doing real work for us? In this episode, Louis Zezeran talks with Mihkel Tammsalu, Head of eID & Trust Services at SK ID Solutions, about identity in an AI future—where “trust” becomes verification, certificates act as assertions, and delegation becomes the missing layer.

They explore a practical question with huge implications: if an AI logs in and acts on your behalf, is it using your identity—and are you responsible when it makes a mistake? From low-risk tasks like emails to high-value actions like purchases or registry updates, the conversation unpacks guardrails, time-limited permissions, “human in the loop” approvals, and why e-services may need more machine-to-machine APIs.

Listen now, follow NEVERHACK Estonia Cybercast, and connect with us on LinkedIn to continue the conversation.

Cybercrime isn’t a niche problem anymore—it’s a scalable, borderless business. In this episode of NEVERHACK Estonia CyberCast, Anett Numa speaks with Estonian State Prosecutor Vahur Verte about how cybercrime has evolved, why one attacker can impact thousands (or more), and what it really takes to investigate and prosecute digital crimes in a world where data moves instantly.

You’ll hear why international cooperation is the biggest bottleneck, why deterrence depends more on the likelihood of being caught than harsher punishment, and how Estonia thinks about defending a highly digital e-state without compromising citizens’ rights. Plus: the human side—what it’s like to prosecute crimes at massive scale, and why public officials must live with extra caution online.

🎧 Listen now, follow NEVERHACK Estonia CyberCast, and visit our website for more episodes and insights.

Cybersecurity is no longer “handled by IT.” Under NIS2 Directive, it’s a leadership responsibility—with real accountability, fast incident reporting expectations, and growing supply-chain pressure. In this Cybercast episode, host Anett Numa speaks with Henri Ratnik and Rainer Ratnik from WIDEN legal about what NIS2 changes in everyday business, how boards should think about liability and resilience, and the biggest mistakes companies make when preparing. You’ll also hear practical advice for SMEs and scale-ups: how to prioritize, build layered defenses (“Swiss cheese”), and avoid expensive security theater.

🎧 Listen now and share this with your CEO/board team. For more episodes, visit our website and subscribe.

NIS2 is now reshaping cybersecurity expectations for Estonian businesses—and the scope has grown fast. In this episode of the NeverHack Cybercast, Louis Zezeran is joined by NEVERHACK security advisor Andres Järv to break down what NIS2 really is (an EU directive), how Estonia implemented it through the Cybersecurity Act (KüTS), and why thousands more organizations may now be in scope.

You’ll learn the difference between E-ITS (Estonia’s detailed, prescriptive standard) and ISO 27001 (international, risk-based), what audits and evidence look like, and what “management responsibility” means in practice. Andres also shares practical first-step examples—policies, risk management, incident handling, asset/vulnerability management, and staff awareness—so you can start building compliance without panic.

🎧 Listen now, subscribe for more, and contact NEVERHACK if you need guidance on where to begin.

Phishing is evolving fast—and in 2026 it’s no longer “just suspicious emails.” In this episode of NeverHack CyberCast, host Louis Zezeran talks with Urmo Keskel from Phishbite (Estonia) about the newest phishing tactics: AI-personalized lures in perfect local language, deepfake social engineering, hybrid attacks that jump from LinkedIn to Telegram, ClickFix campaigns that trick users into running commands, and the growing underground market for stolen sessions and access.

They also cover hiring-process malware traps, supply-chain invoice scams, and how QR code phishing moves victims from protected laptops to less protected phones. Most importantly: what actually works in the real world—continuous simulations, behavior-driven metrics, and building awareness without blame.

🎧 Listen now, follow/subscribe for more CyberCast episodes, and share this with someone who still thinks “I’d never fall for phishing.”

Most organizations understand the idea of “cybersecurity” as tools, controls, and response plans. But Cyber Threat Intelligence (CTI) often sits in a strange place: it’s widely advertised, frequently misunderstood, and sometimes dismissed as buzzword fuel. In this NEVERHACK CyberCast episode, host Louis Zezeran sits down with Britta Sillaots, a NEVERHACK Cyber Threat Intelligence analyst, to unpack what CTI actually is—what it looks like in the real world, how it supports security teams, and why it’s not reserved for “big enterprise only.”

Britta’s definition is simple, and that simplicity is the point: CTI is about making information useful. Not just collecting data, not just “watching the dark web,” and not just generating reports. CTI is the process of taking scattered signals—news, indicators, chatter, leaks, vulnerabilities—and adding enough context that a security team can act.

In this CyberCast episode, host Louis Zezeran is joined by Rob Gillette (NAL Research) and Stefan Grefsgaard (SGM Technology) to unpack a growing and often misunderstood threat: GPS spoofing and jamming in the maritime domain. The conversation explores why GNSS systems are vulnerable by design, how interference manifests in real-world operations, and why this issue has become a critical concern for safety, security, and commercial shipping.

Through real-world examples and testing experiences, the discussion explains the difference between jamming and spoofing, how navigation systems behave under interference, and why trust in positioning data has become a security concern. Rather than focusing on a single solution, the episode looks at broader principles such as independent verification, resilience, and operational awareness.

🎧 Listen now and subscribe for more practical discussions on real-world security challenges from NEVERHACK Estonia.