If anyone should breeze through an ISO 27001 audit, it's a cybersecurity company — right? In this episode of the NeverHack Cybercast, host Louis Zezeran sits down with Andres Järv, vCISO at NeverHack Estonia, fresh from the firm's own recertification, for an honest look at what the standard really demands.

Andres breaks down what ISO 27001 actually is, the three-year audit cycle, what auditors look for (and how they catch you out), and why your documentation has to match reality. Then he unpacks the virtual CISO model: why even profitable companies outsource security leadership, what Estonia's talent shortage means under NIS2, and how NeverHack "eats its own dog food" by acting as its own vCISO client.

Practical, candid, and jargon-free — essential listening for anyone facing certification or deciding whether to hire or outsource.

🎧 Listen now. Connect with Louis & Andres on LinkedIn, and visit neverhack.com to learn more. Subscribe for more from the NeverHack Cybercast.

What happens when you put AI in the hands of a professional hacker?

In this episode of the NEVERHACK Cybercast, host Louis Zezeran sits down with Giorgi Sharia — Senior Penetration Tester at NEVERHACK Estonia — for one of the most honest and practical conversations about AI and offensive security you'll hear this year.

Giorgi covers how AI is already being used in real pen test engagements, the growing threat of ungoverned AI models in the hands of attackers, why guardrail bypass is now a mainstream attack vector, and how NEVERHACK is building its own localised AI solution for clients who can't use public platforms.

He also tells the story of Ronny — the custom LLM he built for the Nordic Baltic Security Summit CTF — and what happened when conference attendees tried to convince it to give up its secrets.

Whether you're a seasoned security professional or just starting out, this one's unmissable.

🎧 Listen now. Follow for new episodes. Reach out to Louis or Giorgi on LinkedIn.

AI is changing cybersecurity, software development, and digital transformation faster than most organizations can keep up with. But how do you adopt AI securely without slowing innovation?

In this episode of the NEVERHACK CyberCast, Louis Zezeran sits down with Gregory Van Den Top, Field CISO at Cloudflare, during the Immerse Tallinn event to explore Cloudflare’s vision for AI governance, secure agent architectures, AI gateways, serverless Workers, and the future of edge-based AI infrastructure.

They discuss how organizations can safely experiment with AI, why flexible “AI primitives” matter more than rigid platforms, and how Zero Trust principles apply to autonomous AI agents. The conversation also dives into AI model orchestration, token optimization, developer-first infrastructure, and why many digital transformation projects fail.

Whether you’re a developer, security professional, or business leader, this episode offers practical insights into building secure and scalable AI strategies for the future.

Listen now and subscribe for more cybersecurity insights from NEVERHACK CyberCast.

Quantum computing is coming—but what does it really mean for cybersecurity?

In this NEVERHACK webinar, Louis Zezeran (Host, NEVERHACK Estonia) is joined by Guillaume Tassin (Head of GRC, NEVERHACK France), Kalev Pihl (CEO, SK ID Solutions), and Marco Berardi (Business Unit Manager, Data Security, NEVERHACK Italy) to break down the reality behind the hype.

You’ll learn:

• What quantum computing actually is—and why it matters

• The real risk behind “harvest now, decrypt later”

• How digital signatures and encryption could be impacted

• Practical steps to start your post-quantum readiness journey

This session combines strategic insight, technical expertise, and real-world experience to give you a clear, grounded understanding of what’s coming—and how to prepare.

🎧 Listen now and stay ahead of the next major shift in cybersecurity.

What does it really take to become a cybersecurity leader?

In this episode of NEVERHACK Estonia Cybercast, Louis Zezeran sits down with Jürgen Erm, Country Manager of NEVERHACK Estonia, for a personal and insightful conversation about leadership, career growth, and the human side of cyber. From growing up in eastern Estonia during a time of major social change to learning early lessons about online trust, military service, stakeholder management, and leading under pressure, Jürgen shares the experiences that shaped his approach.

This episode covers:

• Jürgen’s path from IT student to cybersecurity leader

• How vulnerability management taught real leadership

• Why calm leadership matters in crisis

• Lessons from military service, mentors, and business growth

• How NEVERHACK Estonia evolved its cyber services for clients

If you work in cybersecurity, lead teams, or want to understand the mindset behind resilient leadership, this episode is for you.

Listen now, follow NEVERHACK Estonia Cybercast, and visit our website for more episodes and cybersecurity insights.

The future of defense will not be defined by hardware alone. In this episode of NEVERHACK Estonia Cybercast, Graham Taylor CBE, Director Defence Strategy for Northern Europe at OPSWAT, talks with Anett Numa, Chief of International Affairs for NEVERHACK to explore how cyber resilience, interoperability, AI, and trusted data are transforming modern military strategy.

From NATO’s changing role and the lessons of Ukraine to the growing value of cyber talent and the challenge of securing multi-domain operations, this episode looks at what real defense readiness means in a digital age. Graham also explains why treating every file as a threat is more than a cybersecurity slogan — it is a mindset that matters for military and critical infrastructure resilience.

If you work in cybersecurity, defense, policy, or critical infrastructure, this episode offers valuable perspective on where security strategy is heading and what organizations need to prioritize now.

Listen now, visit our website for more episodes, and subscribe to NEVERHACK Estonia Cybercast for more expert insights.

How has the modern SOC evolved from basic log monitoring into an AI-assisted, OpenXDR-driven security operation?

In this episode of the NEVERHACK Estonia Cybercast, Louis Zezeran is joined by Henk van der Heijden, Vice President of Sales at Stellar Cyber, for a conversation about the changing reality of security operations. They explore how the old SIEM model has given way to more connected platforms, why East-West visibility matters for spotting attacker movement, and how AI can help reduce alert fatigue and analyst burnout.

The discussion also looks at one of the biggest challenges in cybersecurity today: how to build and retain strong SOC teams in a market with too many alerts and too few skilled people. Rather than replacing analysts, AI is helping them move toward higher-value work.

If you want practical insight into where SOCs are heading and what modern security operations should look like, this is an episode worth hearing.

Listen now, visit our website for more episodes, and subscribe to NEVERHACK Estonia Cybercast for more cybersecurity conversations.

What does threat hunting actually look like in the real world — and where does cyber threat intelligence fit into a modern SOC?

In this episode of the NEVERHACK Estonia Cybercast, Louis Zezeran speaks with Piotr Czopik from Recorded Future about the reality of threat hunting: the learning, investigation, pattern recognition, and deep analysis required to find what automated tools can miss. Together, they explore how attackers reuse familiar methods, why behavior matters more than simple indicators, and how intelligence-led detection helps analysts connect the dots faster.

The conversation also covers supply-chain risk, third-party exposure, advanced threats hiding inside legitimate-looking processes, and why smaller organizations should never assume they are beneath an attacker’s interest.

If you want to understand the human side of cybersecurity detection — beyond AI buzzwords and standard alerting — this episode is for you.

Listen now, visit NEVERHACK Estonia for more insights, and subscribe for more expert cybersecurity conversations.

something unusual at exactly the wrong time? In this Client Day 2026 special from Tallinn, Louis Zezeran speaks with Sander van den Nieuwenhuijzen (Mimecast Incydr) about Human Risk Management and how modern insider threat detection really works.

We explore behavior-based risk scoring (0–10), why “nudges” can be more effective than instant blocking, and how AI tools can accidentally (or deliberately) become new data-exfiltration paths. Sander also shares a striking real-world style story: a lawyer printing PII late at night to a different printer than usual—individually allowed actions that, together, revealed a serious insider risk pattern.

🎧 Listen now, connect with Louis and Sander on LinkedIn, and subscribe for more NEVERHACK Estonia Cybercast episodes.

Can your organization safely use ChatGPT-style tools—and trust what comes back? Recorded at NEVERHACK Estonia’s Client Day 2026 in Tallinn, Louis Zezeran sits down with Jonne Tuomela (Senior Solutions Engineer, Netskope) to unpack the real risks of large language models: prompt injection and jailbreaks, hallucinations and misinformation, poisoned training data, and why “perfect” safety is unrealistic.

They discuss how AI red teaming works at scale (thousands of test prompts), how guardrails can inspect both prompts and responses, and why smart policies (like allowing prompts but blocking file uploads) can protect sensitive data without wrecking user experience. Plus: why coaching and employee education still beat buying “one more tool.”

🎧 Listen now, follow NEVERHACK Estonia Cybercast, and subscribe for more real-world security conversations.