Behind the scenes with liaison partner Securify

Securify is a cybersecurity company that offers advanced preventive security solutions, independently verifying and validating the resilience of organizations, infrastructures, applications, and code. "Our goal is a world in which most disruptions caused by digital threats are prevented, starting with companies in the Netherlands. We achieve this through offensive security testing, ranging from relatively simple penetration tests to more complex Red and Purple Team assignments and advanced attacks simulating state-sponsored actors. Our team of professional ethical hackers, experts in security code reviews, and Red Teaming identifies areas where security optimization is necessary for our clients. Every year, we help secure the data of millions of Dutch citizens through hundreds of penetration tests, Red Team assignments, and code reviews," says Kees Stammes, responsible for strategy and leadership at Securify.

An innovative perspective ahead

“Innovation is extremely important to us, which is precisely where our connection with PCSI lies. PCSI keenly identifies opportunities for innovation. Innovative projects are initiated based on market demand. We have now been a liaison partner for four years and occasionally contribute to topics relevant to our work. Despite being a small player with about fifty employees, it is incredibly rewarding to be part of the PCSI network. It allows us to contribute to the future of the market. Through collaboration and investment, we achieve more together than individually. Our partnership is informal, accessible, and non-binding. However, once committed to a project, delivering results is expected. It is always clear upfront how much time a project will require, and everything is discussed transparently. Every meeting organized is valuable, keeping us informed about innovations and challenges within the sector. The collaboration with PCSI is practical, future-oriented, and innovative," Stammes explains.

Valuable interactions within projects

 “Securify currently participates in two projects—one technical and one non-technical. The technical project, Purple AI 2.0, has recently concluded, with results to be presented at the Partner Event. The project aimed to use AI to enhance Red and Blue Team capabilities. Initially, we were somewhat skeptical about the Red Teaming aspect and whether it would produce a viable Proof-of-Concept (PoC). However, my colleague Stefan, who participated in the project, is very enthusiastic afterward. He learned a great deal about AI's capabilities and was impressed by the dedicated professionals from TNO and the expertise of other PCSI partners. A potential follow-up project, Purple AI 3.0, might emerge. The second project is less technical. We co-authored an article for the Platform for Information Security, discussing the role of regulations in relation to tech transfer, scheduled for publication in June. Participating in such projects allows us to share our perspectives with a broader audience and establish valuable connections with other contributors, potentially leading to further collaboration. Networking is indeed a significant advantage of being active within PCSI, addressing shared and emerging issues collaboratively," Stammes elaborates.

Challenges & opportunities for the future

 “The digital world is rapidly evolving. AI is often presented as a universal solution, though we remain somewhat skeptical about its truly groundbreaking potential in offensive security testing. Nevertheless, we closely monitor all innovations. If AI allows us to perform our work more effectively or efficiently, we will undoubtedly embrace it, especially since skilled experts are scarce in our sector. This applies to automation generally, not only AI. Additionally, developments in regulations, especially those coming from the European Union, are intriguing. It would be beneficial to gain more insights into this collectively. However, I hope we avoid excessive regulation that restricts innovation," Stammes states.

"The way PCSI promotes innovation within the cybersecurity sector is incredibly valuable. It begins with the core partners, who identify current trends and, using the PCSI Security Radar, decide which topics deserve attention. Subsequently, project groups tackle these topics. Moving from a PoC to an actual market-ready product remains challenging. It would be fantastic if Securify could eventually introduce an innovation or product to the market, perhaps through contributions to a spin-off. However, tech transfer is complex. PCSI addresses this by setting clear feasibility goals before and during projects. Intellectual property issues can be challenging and must avoid disrupting the market. This gap can be bridged through transparent communication and agreements in advance. If success is possible anywhere, it’s within PCSI. I would advise interested companies to join and experience PCSI firsthand. Collaborating to innovate based on real market issues is truly inspiring," Stammes concludes.