Membership in Industry and Professional Associations
Secura actively seeks collaborations and alliances with high-quality organizations and companies in related fields. We do this in part to stay informed about vulnerabilities, threats, and threat actors. Additionally, we believe it is important to actively share knowledge with our clients and society.
NCSC - Secura has close ties with the NCSC, the National Cyber Security Centre, both formally and informally. As a key player in the Dutch security market, Secura also aims to share knowledge with the government through these connections. Secura assists the NCSC by reporting security vulnerabilities and providing information about attack surfaces to NCSC staff. Through our role within Cyberveilig Nederland (and with the OKTT status), we also participate in the NCSC’s information-sharing projects, such as the national coverage system.
CCV - Secura is involved in the development of certifications in the field of cybersecurity. For example, we contributed to the creation of the CCV Pentest certification (and of course, we are also certified against this standard). We are currently working on certifications for awareness services, Incident Response (IR), and Monitoring (SOC) services.
NOREA - Secura’s quality system has been assessed and deemed adequate by NOREA. Secura also employs several NOREA-registered EDP auditors for audit services. Additionally, our auditors fulfill various roles within NOREA, such as members of 1) the technical committee, 2) the DigiD assessments working group, and 3) the privacy knowledge group. With this knowledge, we are better able to support our clients technically and according to the latest standards and insights in audit and advisory, DigiD assessments, and privacy.
ISACA - Through this organization, which has both a global presence and a Dutch chapter, standards, frameworks, and whitepapers on current and future-oriented security topics are shared. Through the global organization, Secura is connected to NOREA, and we primarily use security audit-related information. Periodically, the Dutch chapter discusses a current topic.
Cyberveilig Nederland - Secura is a member of and actively involved in Cyberveilig Nederland. Over the past few years, many cybersecurity reports, strategies, and roadmaps have been published with contributions from Cyberveilig Nederland, such as the Dutch Cybersecurity Agenda, the Defense Cyber Strategy, and the WRR report "Preparing for Digital Disruption". Secura is involved in various working groups and co-leads the Quality & Transparency working group. In this role, Secura contributes to the standardization of security services. One result to which Secura has actively contributed, by providing knowledge and content, is the Buyers guide for security testing.
OWASP - Secura regularly engages with leaders within OWASP, such as the leader of the Security Knowledge Framework (SKF) and the chairman of the Dutch chapter. This allows Secura to gain a good understanding of developments in the field of application security, and Secura benefits from training and courses organized (in collaboration) with OWASP.
IOT Security Foundation - Secura is a member of and active within the IOT Security Foundation. This international organization works on standardization, knowledge sharing, and learning about vulnerabilities related to the Internet of Things (IoT devices). Secura contributes to the development of security standards based on best practices, vulnerabilities, and the knowledge and expertise of Secura and other members of the IOT Security Foundation through various conferences, presentations, and standardization groups.
Cloud Security Alliance (CSA) - Secura is a board member of the Dutch Chapter. This allows us to gain knowledge from the various public products of the CSA, which is widely recognized as the standard organization for Cloud providers (AWS, Azure use the CSA's CCM for their security framework and Assurance investigations). We apply this knowledge and experience in audits involving external (Cloud) providers.
INTERSECT - Secura participates in the INTERSECT research program initiated by TU Eindhoven. This collaboration between universities and companies aims to conduct security research in the field of IoT security. Other companies such as Philips, Signify, and TNO are also involved. Through this consortium, Secura hopes to contribute to identifying and solving security vulnerabilities in IoT devices.
Dcypher - Dcypher unites researchers, hackers, educators, students, producers, users, and policymakers in the Netherlands to improve knowledge and expertise in cybersecurity. Dcypher facilitates the scheduling and coordination of (scientific and practice-oriented) cybersecurity research and higher education. Secura contributes by providing speakers for events and supporting the organization of the national Challenge The Cyber (CTC) hack competition (CTF). In 2020, for example, this event was broadcast from Secura's office. The Managing Director of Secura is a member of Dcypher's advisory board.
Cyber Resilience Center Brainport (CWB) - This foundation offers companies, especially in the high-tech and manufacturing industries across the Netherlands, a unique opportunity to better protect themselves against cybercrime, partly through knowledge sharing about vulnerabilities. Secura is a partner of CWB.
PvIB - Platform for Information Security. Through this organization, we stay informed about common and current operational security topics. This is done through sessions where networking with other companies is also possible.
CIP - the Center for Information Security and Privacy Protection is the expertise center for information security and privacy protection by, for, and through government organizations. It has developed into a public-private network organization, in which expert market organizations also participate as knowledge partners. Secura is one of these knowledge partners and contributes by sharing knowledge and organizing webinars.
The Hague Security Delta (HSD) - Secura is a member of The Hague Security Delta and provides knowledge sessions and presentations on digital security. For example, in February 2020, 2021, and 2022, we did a Road Show in the USA together with them (linked to the RSA conference). This resulted, among other things, in the organization of a joint webinar on Automotive Security.
NIDV - Secura is a member of the NIDV, the Dutch Industry for Defense & Security. The Dutch Industry for Defense and Security Foundation (NIDV) is the link between companies, knowledge institutions, and the government.
IECEE - Secura is a member of IECEE (certifications). This is the IEC system for conformity assessment systems for electrotechnical equipment and components, a multilateral certification system based on international IEC standards.
Hacker Conferences - Secura employees not only regularly attend (international) hacker conferences such as DEFCON and Blackhat, but also give substantive presentations on various topics. In addition, these meetings are an opportunity to reconnect with colleagues (and clients). Thanks to these (in)formal contacts, employees are well informed about vulnerabilities and new attack techniques that we use for our services.