In my work as a consultant and business owner, I understand the diverse needs of my clients, ranging from startups to publicly listed companies. By providing an approach that is focused on customer success, we are not afraid to go the extra mile to deliver the best service.

Positive Security provides executive-level cybersecurity leadership, drawing on extensive CISO experience from major Dutch enterprises, including Ahold Delhaize, Essent, and Jacobs Douwe Egberts.

We provide comprehensive security services, from strategic CISO-as-a-service and virtual CISO solutions to hands-on incident response and computer forensics. We combine deep technical knowledge in malware analysis, offensive security, and platform security management with a strategic advisory approach. This dual expertise allows us to address the full spectrum of cybersecurity challenges facing modern organizations, positioning us as both a technical expert and a trusted strategic advisor.

My aspiration extends far beyond building a successful consultancy. I envision a fundamental transformation in how European startups and growing businesses approach cybersecurity—moving from viewing it as a compliance checkbox or necessary evil to embracing it as a strategic differentiator that enables faster growth, stronger partnerships, and greater investor confidence.

This vision led me to co-found BARE ALLIANCE, a collaborative network of boutique cybersecurity consulting firms dedicated to the EU startup ecosystem.

My consulting firm, BARE Cybersecurity, aims to be the go-to partner for startups and scale-ups seeking to enhance their security posture, with a focus on risk management and robust security leadership. We are experts in implementing rapid security programs, including achieving SOC 2 compliance quickly and efficiently. Our team combines deep knowledge of cloud security architectures and DevSecOps practices with a focus on business agility, ensuring your security program is a key enabler of your growth.

With over 10 years of experience in IT and information security, I am the founder of a cybersecurity firm that specializes in helping mid-sized organizations fortify their digital infrastructure against potential threats. I leverage my extensive knowledge and credentials in secure software development, cloud security, and ISO 27001 and ISO 22301 to deliver customized and practical solutions to my clients and their stakeholders.

As a former information security officer at New10 and a senior application security engineer at TomTom, I have successfully implemented and managed cybersecurity programs across various domains and technologies, particularly in the banking and automotive sectors. I have also trained and mentored software developers and architects on how to address security risks in the entire product lifecycle and integrate security tools in the build pipeline. My mission is to build trust in software organizations and to promote shift-to-the-left practices that enhance security and compliance.

CYRIS 360 delivers specialized cybersecurity services with a focus on secure software development and regulatory compliance. Our team brings over a decade of deep technical expertise, including extensive experience as an Information Security Officer at New10 and a Senior Application Security Engineer at TomTom.

We have a proven track record of successfully implementing ISO 27001:2022 programs and training development teams on security best practices. With a unique combination of hands-on technical skills, including over 120 approved security evaluation reports, and comprehensive knowledge of emerging EU regulations such as NIS2, DORA, and CRA, we are uniquely positioned to help organizations navigate complex compliance requirements while building secure digital products.