Jeroen Schipper, CISO at the Municipality of The Hague, won the CISO of the Year 2024 Award last night. He owes the award to his transformational role and his holistic and inclusive approach to cybersecurity. His contributions to the professionalization of the CISO profession and his role as an active representative of the city of The Hague in cybersecurity matters were also taken into consideration.

The award was presented at the first CISODAY, which attracted over 200 security professionals from large companies, and government and non-profit institutions in the Netherlands.

For the last six years, Jeroen Schipper has made digital resilience the focus of the security strategy of The Hague. He has a background in IT and more than 20 years of experience in cybersecurity, largely gained at the Ministry of Defence. In his daily work, Schipper deals with complex threats and incidents, as well as compliance issues or stakeholder management. In doing so, he knows how to connect and inspire people.

“I am proud that Jeroen has been awarded the first CISO of the Year Award,” said Aart Jochem, jury chairman and CISO for the Dutch Central Government. “His vision for the role, his ability to plan, influence, and adapt to changing situations were tested and discussed by the jury and proved to be the best of the nominees. I am convinced he is and will be a role model for the profession.”

“I see the CISO of the Year Award as a recognition of the increasingly important role the CISO plays in organizations,” Jochem continued. “As more and more assets of organizations and society as a whole are being digitized, and at the same time the threats to them, knowledgeable, innovative, and agile professionals are becoming crucial for business and society. Therefore, the award presented last night also recognizes the important position the CISO holds – or should hold – in organizations.”

Other nominees for the award were CISOs Jan Joost Bierhoff (Heineken), Floor van Eijk (NN), Pieter van Houten (SHV), and Lies de Wit (Stater). These candidates also scored strong to very strong on almost all selection criteria.

“We had an interesting and intensive award process behind us. The nominees were assessed on various aspects of the CISO role. It was a confirmation that there is no such thing as the CISO. Every CISO role is different, depending on the type and maturity of the organization and the personality of the CISO. That also made it very difficult to choose a winner,” said jury member Luisella ten Pierik, herself CISO at Stedin and vice-chair of the CISO Platform Nederland, initiator of CISODAY together with the CISO community Nederland.

Both organizations aim to improve the position of the CISO within organizations and strengthen cooperation with the ultimate goal of raising the cyber resilience of the Netherlands to a higher level. This year’s theme was therefore ‘Stepping out of the Shadows’. “It was a wonderful day, said Dimitri van Zantvliet, Chairman of the CISO platform Netherlands and co-initiator. “We started only five months ago, and already we have a room full of fantastic people together.”

Cybersecurity Achievement Award

Hans de Vries, Chief Cybersecurity Officer at ENISA and former Director of the National Cyber Security Centre (NCSC), was presented the Cybersecurity Achievement Award for his long-standing commitment to strengthening cybersecurity in the Netherlands by Dimitri van Zantvliet. “Hans has made a significant contribution to the cybersecurity ecosystem in the Netherlands. He is a visionary leader. He has enhanced the NCSC’s operational capabilities and demonstrated exceptional value during global incidents. His personality, even more than his extensive experience, enabled him to forge lasting connections between the public, private, and academic sectors,” Van Zantvliet said.

The selection process

The CISO of the Year Award has been given through a rigorous and objective process, honoring the candidate with the highest performance and fulfillment of their role and responsibilities. The selection of one winner does not reflect negatively on the other nominees, as they were all highly qualified candidates.

The five nominees were chosen from a shortlist of ten candidates following the first step in the process: a self-assessment on, among other things, digital maturity and cybersecurity maturity in the organization. The five best-scoring CISOs were then subjected to a series of validation interviews and then a research assessment by Bibi van den Berg, professor of cybersecurity governance at Leiden University. In addition, the board of the CISO Platform Netherlands gave its feedback to the jury. Finally, the five CISOs provided a pitch and were subjected to an interview with the jury at the final jury meeting on 14 May.

The jury

The jury consisted of chairman Aart Jochem, Luisella ten Pierik, CISO at Stedin; Job Voorhoeve, Global Digital Practice Leader & Partner Professional Services Practice at Amrop; Bibi van den Berg, Professor of Cybersecurity Governance at Leiden University; Madelein van der Hout, Senior Analyst Security and Risk team at Forrester; and Rob Beijleveld, co-initiator of the CISO community Netherlands and CEO of ICT Media.

Photography: Dennis Khalil