the editorial team
CISO of the Year Award special with Floor van Eijk

In this last episode, we talk to Floor van Eijk, CISO at NN Group, and nominated for the CISO of the Year Award 2024. Other guests are jury member Job Voorhoeve (Amrop) and CISODAY partners Boudewijn van Lith (Proofpoint) and Thijs Timmerman (KPMG).

CISO of the Year Award special with Jan Joost Bierhoff

In this episode, we talk to Jan Joost Bierhoff, Global CISO at Heineken, and nominated for the CISO of the Year Award 2024. Other guests are jury member Madelein van der Hout (Forrester) and CISODAY partners Marijn van Overveld (Noesis) and Daan Hakkert (IBM).

CISO of the Year Award special with Jeroen Schipper

In this episode, we talk to Jeroen Schipper, CISO at Gemeente Den Haag, and nominated for the CISO of the Year Award 2024. Other guests are jury member Madelein van der Hout (Forrester) and CISODAY partners Vincent van Kooten (Netskope) and Mark van Leeuwen (Okta).

CISO of the Year Award special with Lies de Wit

In this episode, we talk to Lies de Wit, CISO at Stater, and nominated for the CISO of the Year Award 2024. Other guests are jury member Job Voorhoeve (Amrop) and CISODAY partners Ivo van Bennekom (PwC) and Hans van den Boomen (CheckPoint).

CISO of the Year Award special with Pieter van Houten

In this first episode, we talk to Pieter van Houten, CISO at SHV, and nominated for the CISO of the Year Award 2024. Other guests are jury member Madelein van der Hout (Forrester) and CISODAY partners Mike Remmerswaal (Netskope) and Mark van Leeuwen (Okta). The host is Rob Beijleveld.

Eight cybersecurity predictions for this year (and beyond)

In March, Gartner revealed its cybersecurity predictions for 2024 and beyond. Its analysts believe generative AI (GenAI) adoption will close the cybersecurity skills gap and reduce employee-driven cybersecurity incidents. They also predict that two-thirds of global 100 organizations will extend directors and officers insurance to cybersecurity leaders due to personal legal exposure.

Two thirds of employees gamble with security

Over two-thirds of Dutch employees knowingly put the organization at risk, leading to ransomware or malware infections, data breaches or financial loss. More than four in five of the organizations surveyed experienced at least one successful attack by 2023.

Government launches NIS2 Quick Scan

On February 29, the central government launched the NIS2 Quick Scan that allows organizations to prepare for the new European NIS2 directive. This directive is aimed at increasing the digital resilience of companies and organizations in the EU.

The AVG and IB

You frequently see the CISO and Privacy Officer roles combined. I combined them myself for a while. Even though the two topics overlap, they are also very different. Because the interests (data subjects vs. organization) are apart and also the scope differs from each...

Hackers are friends, not food – how they can help you

Hackers are invaluable to your organization. They have the time and motivation to fiddle endlessly with a thread until an entire sweater is reduced to a pile of yarn. Whereas pen testers have limited time and are paid by the hour, reporters at a CVD often charge nothing at all. All they want is a T-shirt and an honorable mention. How do you get them to work for you?

CISO Platform Nederland board is complete

The board of CISO Platform Nederland, the non-profit association of CISO community Nederland, is complete: CISOs Dimitri van Zantvliet, Luisella ten Pierik, Mahdi Abdulrazak, Justin Broeders and co-founder Rob Beijleveld officially joined the organization’s board on February 16.

ZBO without embargo

Originally a talk I gave at a lunch meeting with several ZBOs. ZBO stands for independent administrative body. These are the government agencies that have independent governance but belong to a ministry. That this is a complex construction, you will already...

The C in CISO stands for Compliance

"We are ISO certified and therefore 100% cyber-secure!" A statement that I think few security experts will endorse. And yet, compliance is an important and sometimes useful tool within information security. With the current laws and regulations, you can't really...

Dutch government fails to meet implementation of NIS2 and CER on time

Businesses are not the only parties experiencing problems with implementing the new European directives for Network and Information Security (NIS2) and Critical Entity Resilience (CER). In the Netherlands, the preparations for the consultation on the Dutch implementation of these European directives are already delayed.

Learning to advise

"Gives solicited and unsolicited advice" is often in our job description. Giving advice is a skill. One which is relevant to a range of roles within information security. For (C)ISOs as well as consultants and pentesters. But how do you give good advice? What is the...

Airbags and aliens – performing risk analysis without stress!

A quality risk analysis is one that you, the expert, stand behind. You must be able to explain and defend the outcome. Risk analyses are used to identify risks, determine measures and put responsibility where it belongs. But after the report you (C)ISO are not...

Ten security myths debunked (podcast)

“Public Wi-Fi is unsafe” and “Password books are a bad idea!” CISO Fleur van Leusden debunks these myths and eight more. This podcast is in Dutch.

CISO community, CISO Platform Nederland established officially

The CISO community Nederland and the associated CISO Platform Nederland are a reality. The new combination supports Dutch companies’ Chief Information Security Officers (CISOs) in various industries, non-profit organizations, and the government.

CSBN 2023: Digital threat to the Netherlands undiminished

Every organization must be prepared for unexpected attacks, warns the National Coordinator for Counterterrorism and Security (NCTV), who published the Cybersecurity Assessment of the Netherlands (CSBN) 2023 early this month. The CSBN reflects the trends, incidents, threats, and challenges in cybersecurity within our national security.

Sharp increase in attacks on decision makers’ cloud accounts

The number of successful cyberattacks taking over the cloud accounts of top executives has increased by more than 100 percent. Cybercriminals are using a phishing tool – EvilProxy – based on a reverse proxy that they use to steal MFA data and session cookies, according to research by Proofpoint.

Organizations fend off 6 out of 10 attacks

Security teams make four “impossible” trade-offs when fending off threats. They must decide which attacks to prioritize; choose which vulnerabilities to fix; optimize prevention or detection controls; and finally decide what to log and what to warn about. This is according to a Picus Security report released this month.

Government decides on one organization for cybersecurity

The Cabinet has decided to merge the existing cybersecurity organizations of the central government. The National Cyber Security Center (NCSC) of the Ministry of JenV, the Digital Trust Center (DTC), and the Computer Security Incident Response Team for Digital Service Providers (CSIRT-DSP), both of the Ministry of EZK, will merge into a new organization.