Meet Tom Van de Wiele - Founder and Head Hacker at Hacker Minded

Get to know our special speaker from the Security Stage - Tom Van de Wiele, founder and head hacker at Hacker Minded. He kindly gave us an interview before the largest tech conference in CEE, and we are counting the days until we reunite, on June 4th-5th. Keep on reading to see what drives Tom in the industry, and personal life.

Can you introduce yourself in a few words? Hi, I'm Tom. I am a long-standing ethical hacker that performs the worst-case scenarios for organisations when it comes to intrusion testing and attack scenario simulation, while also giving talks and masterclasses to help address the challenges that organisations face today that still allow for cyber attacks and incidents. How did you get into what you’re doing right now, career wise? I am self-taught and always had a fascination for not only finding out how things work, but also observing how people think technology works. By spending a lot of time with technology, I was able to turn my passion into my career to help others better protect themselves while having a lot of fun in the process. What is the biggest cybersecurity threats you’re seeing in 2025? Generally not understanding how attackers operate and what their cost structure is combined with the negative feedback model of security. More than 80% of successful attacks nowadays involve phishing and social engineering based on stealing accounts. Because why hack when you can log in. And yet most organisations do not address these threats enough and are vulnerable to them while they stop at checklist compliance. In your view, what do you think is the biggest change that shaped the tech industry of today? Democratization and availability of IT services with the cloud and the role of open-source software where any specialized service can be purchased and integrated. How do you think AI is changing both the attack and defense sides of cybersecurity? Attackers always have the advantage, whether it is for target profiling, analysis, attack planning and corporate identity impersonation. Something that does not get enough attention in the media who are too busy with focusing on red herrings like deep-fakes and disinformation campaigns. The uptake of AI for cybersecurity defense is currently too slow and is facing too much conservatism because the technology is not understood enough, an all too human trait. If you had to sum up the industry in one sentence, what would you say? Not enough budget to do it right, but always enough budget to do it twice. If you could invent any piece of technology that doesn't currently exist, what would it be and why? A portable piece of technology that can generate electricity, capture moisture and purify water. Not enough people have access to basic needs and we need everyone on board to help build the next century of technology and development. What is something you’re looking forward to at DevTalks 2025? Diversity of topics where security hopefully plays a key role. If you had to predict one major technological breakthrough that will revolutionize the world in the next decade, what would it be? The breakthroughs in battery technology because of economics of scale which combined with AI vision powered robotics will enable "lights-out" or "dark manufacturing" at scale where almost no humans are required. It will have a profound effect on society because it will force us to re-evaluate what is work, what are merely tasks and what it means to be human with regards to value and purpose. This will have ripple effects across the world and will compel new economic models and ways of thinking. If you could time-travel to any point in history with a piece of modern technology, where would you go and what would you bring? Water purification and vaccine technology to save lives. But also releasing robot vacuum cleaners in the middle of historic medieval battles for my own personal amusement. What message do you have for our Romanian IT community? Embrace security-first development, model the threats and build resilient systems that are fault-tolerant by design. Make security and privacy core components in anything you do and not just as checkboxes on paper, but with the same budget and resources as all other functionality.