From 13-Year-Old Hacker to Cybersecurity Leader with Mischa van Geelen

In this episode of Cyber Security District, we sit down with Mischa van Geelen, one of the Netherlands’ most remarkable cybersecurity professionals. At just 13 years old, Mischa discovered a critical vulnerability at a major Dutch bank. By 15, he was the youngest full-time pen tester at a global consultancy. Now in his twenties, he’s already co-founded one of the top incident response firms in the country, served as TISO at leading payment institutions like iDEAL and European Payment Institute (EPI) and is gearing up to launch his next venture. Mischa’s story is anything but ordinary. A self-taught hacker turned security strategist, he shares candid insights into the realities of incident response, the pitfalls of “watermelon compliance,” and why cybersecurity must be treated as a business enabler, not a sunk cost. Whether it’s rebuilding a college’s IT infrastructure after a massive ransomware attack or scaling a startup from scratch, Mischa combines technical brilliance with rare clarity on communication, compliance, and leadership. In this episode, we cover: Discovering his first vulnerability at age 13 Interning at ABN AMRO while still in high school Joining a consultancy firm as a full-time pen tester at 15 Building and scaling an incident response company Inside stories from real-world cyberattacks Why most companies still don’t “get” compliance The burnout risk of incident responders His thoughts on AI, deepfakes, and the future of cybercrime Plans for his next cybersecurity venture Advice for aspiring ethical hackers and cyber entrepreneurs Whether you're a CISO, student, founder, or future threat analyst, this episode is packed with valuable lessons and honest reflections from someone who's lived cybersecurity from every angle and isn't done yet. Timestamps: 00:00 – Intro 01:00 – Finding His First Vulnerability at 13 04:20 – Interning at ABN AMRO 07:00 – Getting Misunderstood by the School System 09:40 – Joining a Consultancy as a Teenager 14:00 – Launching a Cybersecurity Company at 17 17:20 – Challenges of Managing Incident Response Teams 22:30 – Real-Life Ransomware Incidents 27:10 – The Reality of 24/7 Cyber Incident Response 31:45 – The Emotional Impact of Cybercrime 34:30 – Working with iDEAL & EPI 38:10 – AI Threats and the Rise of Deepfakes 42:00 – Watermelon Compliance & What’s Broken in Cyber 45:50 – Mischa’s Next Venture: Automating Real Compliance 49:20 – Communication as the Missing Skill in Cybersecurity 52:00 – Final Message to Global CISOs   Connect with the guest: Mischa van Geelen: https://www.linkedin.com/in/rickgeex/ Learn more about Anovum: https://www.anovum.nl  Follow Cyber Security District: Laurens Jagt (Host): https://www.linkedin.com/in/laurensjagt/ Website: https://www.cybersecuritydistrict.com All channels & newsletter: https://beacons.ai/cybersecuritydistrict

There are no comments yet.

Please log in to write the first comment.