Title: Securing the World´s biggest HR Firm | Martijn Nykerk, CISO at Randstad | Cyber Security District

Episode Description:

What does it take to secure a company that manages the careers of millions of people across the globe?

In this episode of Cyber Security District, we sit down with Martijn Nykerk, CISO at Randstad, one of the world’s largest HR and recruitment firms, with over 6,000 branches across 38 countries. Martijn has spent 20 years inside Randstad, growing from running the Dutch telco infrastructure to becoming its first global CISO, building security from the ground up as the company transformed from a federation of local operators into a true multinational.

With an engineering background forged on North Sea gas platforms, Martijn brings a rare perspective to the CISO role: the ability to zoom in and out across technical, process, organizational, and business layers simultaneously. In this conversation, he breaks down what that actually looks like in practice, why social skills matter more than most security professionals think and how to build a security function that people want to work with.

In this episode, we explore:

• How Martijn’s career started on a North Sea gas production platform and why safety systems are the original cybersecurity
• What it took to build Randstad’s first global security function from scratch
• The CISO dilemma: centralize or embed?
• How to build a security team people actually want to engage with
• Managing vulnerability backlogs, budget battles, and the patching problem
• The real-world incident that moved cybersecurity from priority 43 to priority 1 overnight
• How AI is lowering the barrier for attackers including 16-year-olds running perfect phishing campaigns
• Why CISO community-building and information sharing matter more than ever

Timestamps:

(00:00) – Introduction

(01:15) – Starting on a North Sea gas platform

(05:30) – Joining Randstad and running the Dutch telco infrastructure

(09:00) – Becoming Randstad’s first global CISO

(14:20) – The “zoom in and zoom out” CISO mindset

(19:45) – What would surprise someone shadowing a CISO for a week

(24:10) – Compliance-heavy vs. risk-driven CISO profiles

(28:30) – Embed vs. centralize: the security team structure debate

(33:00) – How to make security a team people want

(37:15) – Patching, vulnerability backlogs, and the budget war

(42:30) – Building a security narrative that lands with leadership

(46:00) – The incident that changed everything: data breach and crisis response

(53:20) – What makes a great security professional (hint: it’s social skills)

(58:00) – The CISO hiring interview: starting with “What questions do you have for me?”

(01:02:10) – Community building and the 80% overlap problem

(01:07:30) – AI as an attacker accelerant

(01:12:00) – Final message to CISOs: trust each other and share more

Connect with the guest:

Martijn Nykerk: https://www.linkedin.com/in/martijnnykerk/

Follow Cyber Security District: Laurens Jagt on LinkedIn: https://www.linkedin.com/in/laurensjagt/ Website: https://www.cybersecuritydistrict.com/ All channels & newsletter: https://beacons.ai/cybersecuritydistrict

In this episode of Cyber Security District, we speak with Chris Zadeh, serial entrepreneur, fintech pioneer, angel investor, and author. Chris was founder and CEO of Ohpen, one of the first cloud-native core banking platforms in Europe, orchestrating more than €100 billion in financial flows. After building and scaling Ohpen for ten years, he exited and shifted his focus to investing, launching a dedicated cybersecurity fund and his own investment vehicle.

From growing up without financial privilege to becoming one of the early digital banking pioneers at Binck in the Netherlands, Chris shares an unfiltered look at execution, obsession, discipline, and what it truly takes to win in regulated markets. Now Chris is investing in cybersecurity startups, Chris explains what he looks for in founders, why AI is reshaping risk and compliance, and why Europe must rethink digital sovereignty.

In this episode, we cover:

• Chris’ founder journey: from Binck Bank scale-up years to building Ohpen for 10 years
• What “security-first” looks like in fintech, non-negotiables, resilience, and trust with enterprise buyers
• Execution culture, exceeding expectations, hiring for discipline, and why culture beats product
• The shift to investing and why he started a cyber fund and what he looks for in founders
• What’s next in AI-driven risk, compliance + security convergence, and Europe’s digital sovereignty challenge

Timestamps: 00:00 – Intro 00:14 – Meet Chris Zadeh 01:59 – Growing up without financial safety nets 03:14 – Joining BinckBank at 23 06:52 – Scaling to market dominance 08:57 – Wanting to sit at the decision-making table 11:36 – Early infrastructure and security lessons 14:18 – A firewall shutdown incident 17:55 – Leaving to build Open 18:48 – The vision for cloud-native core banking 22:29 – 744 pages of rejection before first contract 27:14 – Migrating €15B live 28:09 – Security as non-negotiable 32:15 – Hiring discipline and execution mindset 35:05 – Culture: exceed expectations or leave 37:35 – The cost of extreme execution 41:21 – Transitioning to investing 44:27 – Why he rejects the “solo entrepreneur” myth 49:35 – Launching the cybersecurity fund 51:16 – AI, compliance, and new cyber opportunities 58:55 – European cloud sovereignty 01:04:03 – Signal message to CSOs: stay curious 01:06:00 – Outro

Connect with the guest: Chris Zadeh: https://www.linkedin.com/in/chriszadeh/ Dark Red (Cyber Fund): https://www.darkred.at/

Follow Cyber Security District: Laurens Jagt on LinkedIn: https://www.linkedin.com/in/laurensjagt/ Website: https://www.cybersecuritydistrict.com/ All channels & newsletter: https://beacons.ai/cybersecuritydistrict

What if the real cybersecurity crisis isn’t attackers, but our own backlog?

In this episode of Cyber Security District, we sit down with Jaya Baloo, former CISO at major global organizations including KPN, Avast, and Rapid7 and now founder of AISLE™, an AI-native platform designed to not just detect vulnerabilities, but fix them.

After years defending complex enterprises from relentless threats, Jaya made a bold move: stepping out of the CISO seat to build the kind of technology she wished she had. Her mission is clear, eliminate the massive vulnerability backlog that leaves organizations trapped in “security theater” instead of meaningfully reducing risk.

This conversation goes beyond buzzwords. We unpack why detection without remediation is broken, how AI can be applied responsibly to actually close security gaps, and what it takes to build transformative security products in stealth.

In this episode, we explore:

• Why Jaya left top-tier CISO roles to start AISLE™
• The uncomfortable truth about vulnerability backlogs and unpatched systems
• Why identity failures remain a systemic weakness
• How AISLE uses AI for detection, remediation, and verification
• The importance of stealth mode before going public
• What leadership looks like in an AI-driven cybersecurity era

Key Takeaways:

• Vulnerability management without remediation is incomplete
• Security technical debt is evolving into a societal-level risk
• AI must be paired with verification and human oversight
• Innovation is essential to preserving true defence in depth
• The best CISOs stay curious and challenge their own assumptions

Timestamps: 00:00 – Introduction 01:20 – Jaya’s transition from enterprise CISO to founder 05:45 – The vulnerability backlog problem 10:30 – Why identity failures remain systemic 16:40 – Building AISLE™: from concept to stealth 22:15 – AI for remediation, not just detection 29:50 – Verification, testing, and human-in-the-loop controls 36:10 – Working with design partners and open-source communities 42:35 – The AI shift in cybersecurity 48:20 – Leadership lessons from the CISO seat 54:10 – Final message to global CISOs

Connect with the guest: Jaya Baloo: https://www.linkedin.com/in/jaya-baloo-558492/

Website: https://aisle.com/

Follow Cyber Security District: Laurens Jagt on LinkedIn: https://www.linkedin.com/in/laurensjagt/ Website: https://www.cybersecuritydistrict.com/ All channels & newsletter: https://beacons.ai/cybersecuritydistrict