DEFION Security

When migrating to a modernized backend, do users actually experience this improvement? In a recent collaboration with OctoPerf, we explored how front-end performance testing can validate backend modernization efforts. Instead of only measuring infrastructure metrics, we simulated real user behaviour to see what actually changed from the user’s perspective. What we measured: - response times - stability - application behaviour under load Because modernization only delivers value when architectural improvements translate into a better user experience. Front-end performance testing helps answer the question many teams overlook: did the modernization really improve the application? Discover our findings here: https://lnkd.in/e7fFp8Mt

Financial Services & FinTech Companies are prime targets for financially motivated and state-sponsored cyber operations💰 Banks, insurers, asset managers, and fintechs must safeguard sensitive data, keep services available, and meet stringent security regulations. DEFION delivers financial sector-specific cybersecurity that strengthens resilience end-to-end. The financial services industry is a digital frontrunner, with mobile banking, fintech partnerships, and instant payments reshaping customer expectations. At the same time, the sector faces one of the strictest regulatory landscapes. The Digital Operational Resilience Act (DORA), NIS2, PCI-DSS, ISO 27001, and other supervisory requirements demand not only compliance on paper, but demonstrable operational resilience in practice. Meanwhile, ransomware, fraud, and supply chain attacks are flagged among the top systemic risks by regulators and boards. This week, there was also a publication from DNB regarding the need for increased vigilance due to state-sponsored threats… The challenge for C-level leaders is clear: ensuring compliance and resilience without slowing down innovation or growth. Our services for Financials: F inancial institutions operate under continuous regulatory scrutiny. Compliance is not optional - it is a prerequisite for trust, market access, and growth. DEFION provides services that align directly with these realities, helping clients demonstrate compliance while building resilience against modern threats.  🔐 Regulatory & Compliance Readiness Support for DORA, NIS2, PCI-DSS, ISO 27001, and sector-specific requirements. Gap analyses, compliance roadmaps, and CISO-as-a-Service.  🔐 Red Teaming & Cyber Stress Testing Simulations of real-world adversaries and stress tests to ensure systems, processes, and people meet both resilience and regulatory standards.  🔐 Managed Detection & Response 24/7 monitoring powered by threat intell and expert analysts.  🔐 Incident Response Contain, eradicate, and recover—fast and defensibly. Turn 24/7 security monitoring into real response capability. Speak with our experts and learn how rapid, expert-led response transforms your security posture.

From Madrid to Oslo: DEFION Security is contributing to the cybersecurity conversation across Europe. 🌍 This week our team is engaging with the international security community at two leading conferences. 🇪🇸 In Madrid, our Spanish CEO Abraham Pasamar is attending RootedCON, one of Europe’s most influential cybersecurity conferences. DEFION Security Spain is present with a stand and participating in the Law Enforcement track. 🇳🇴 In Oslo, Daan Keuper, Head of DEFION Research Labs, is speaking at @NDC Oslo {Security} Conference 2026, presenting new research on emerging cyber threats targeting edge devices such as routers and SSL VPN systems. 💜 Different stages, same focus: advancing cybersecurity through research, knowledge sharing and collaboration. The insights we gain from these events feed directly into how we help organisations identify vulnerabilities earlier, understand emerging attack paths and strengthen their security posture. These developments highlight how quickly the threat landscape is evolving, and why understanding where your organisation is vulnerable is more important than ever. #cybersecurity #threatintel #ndcsecurity #rootedcon

🔐 2025 Annual Ransomware Report - The Netherlands The 2025 Annual Ransomware Report has been published by the Nationaal Cyber Security Centrum (NCSC-NL), the Politie Nederland, the Netherlands Public Prosecution Office (Openbaar Ministerie) and Cyber Secure NL (Cyberveilig Nederland) - the association of Dutch cybersecurity companies - by means of participating incident response firms, including DEFION Security. In 2025 DEFION's Digital Forensics and Incident Response Team handled 15 ransomware specific cases. The NL report’s findings closely reflect what we observe in our global incident response practice: identity compromise is a primary entry vector and the business impact remains significant. For many organisations, ransomware is not just a theoretical cyber risk, but a real business continuity challenge. Key findings of the NL annual report are: ➡️ 65 ransomware incidents reported to police ➡️ 39 unique ransomware families observed ➡️ 55% of attacks started with account compromise ➡️ 42.5% involved double extortion ➡️ 43% of organisations experienced downtime exceeding 3 days ➡️ 15% required a week or more to recover 📄 Read the full report in Dutch 🇳🇱 here: https://lnkd.in/dUAxPi82 Other contributing incident response companies include DataExpert, Deloitte, Eye Security, Fox-IT, NFIR B.V., Northwave Cyber Security, Tesorion, Kennedy Van der Laan and PwC. #Ransomware #PublicPrivateCollaboration #CyberResilience #IncidentResponse #BusinessContinuity #DEFION

We are proud to announce that DEFION Security has obtained its SOC 2 Type II certificate! 💜 As a Managed Security Services Provider (MSSP), assurance and control are fundamental to how we operate. With increasing regulatory pressure such as NIS2, organizations must be able to rely on partners whose IT and information security processes are structured, controlled and independently audited. Our SOC 2 Type II certificate confirms that our controls are not only properly designed, but also tested over time by an external auditor. This is especially important as we continue to expand our 24/7 MDR SOC-SIEM practice. Clients trust us to monitor, detect and respond to threats around the clock. That responsibility requires mature governance, disciplined operations and demonstrable security controls. This milestone reinforces our commitment to transparency, reliability and security at scale. If you would like to discuss what this means for your organization, feel free to reach out. #SOC2 #MDR #SIEM #NIS2 #CyberSecurity #MSSP

Cybersecurity is surprisingly often not what CEOs wake up thinking about. And that genuinely surprises us. There’s always something that feels more urgent: growth, hiring, margins, customer retention, innovation. Cybersecurity then gets parked under “IT will handle it”. What we keep seeing in executive conversations is that urgency usually only appears after one of these triggers: 🔹Once a major incident hits Only after ransomware, fraud or a data breach does momentum build. Yet prevention is almost always cheaper than recovery. 🔹Compliance deadlines start coming into view DORA, NIS2, PCI-DSS, ISO 27001, IEC 62443. The moment an audit, supervisory request or deadline approaches, cybersecurity suddenly becomes a board-level priority. 🔹A customer or partner demands security assurance More and more, supply chain security determines whether you can do business at all. No demonstrable security controls? No contract. 🔹Uncomfortable questions start piling up Insurers getting stricter. Banks asking deeper questions. Investors wanting to understand how risk is managed. So what’s the real point? Cybersecurity is not an IT issue. It’s a business risk. The question isn’t whether you should act. It’s when. Because if you wait until it “feels urgent”, it usually already is. Just in the worst possible way: under pressure, with damage, and with operations at risk of grinding to a halt. At DEFION, we take an active defence approach. We work with leaders before cybersecurity becomes urgent. Before incidents, audits or external pressure force reactive decisions. By embedding cybersecurity into the core of the organisation early, we help turn it from a last-minute IT concern into a managed business risk and a strategic advantage. Because waiting until it feels urgent usually means you are already too late or doing too little under pressure.

We are pleased to announce the appointment of Talitha Papelard as Chief Client Officer (CCO) at DEFION Security for the BeNeLux 🇧🇪 🇳🇱 🇱🇺 (please scroll down for the Dutch version of this statement)   In this newly created role, Talitha strengthens our position as a strategic cybersecurity partner and is responsible for delivering maximum client value across the Benelux. She will work closely with boards, executive teams, and security leaders to help organizations navigate an increasingly complex digital risk landscape with confidence.   Talitha brings extensive experience at the intersection of cybersecurity, strategy, and commercial leadership. Prior to joining DEFION Security, she served as General Manager Benelux at Northwave, where she played a key role in positioning cybersecurity at board level during a period of significant growth. She has a strong track record in helping leadership teams structurally embed cybersecurity into their organizations.   With the appointment of a Chief Client Officer, DEFION Security further strengthens the connection between cybersecurity and leadership. Our focus is not only on technical excellence, but on enabling better risk decisions, improving cybersecurity maturity, and building sustainable digital resilience.   Welcome to DEFION Security, Talitha — we’re excited to build the future of strategic cybersecurity together. 🚀 💜 *** 🇳🇱 Met trots verwelkomen wij Talitha Papelard als Chief Client Officer (CCO) BeNeLux bij DEFION Security 🇧🇪 🇳🇱 🇱🇺 In deze nieuwe rol versterkt Talitha onze positie als strategisch cybersecuritypartner. Ze werkt nauw samen met bestuurders en security leaders om maximale klantwaarde te realiseren en organisaties te ondersteunen bij besluitvorming in een steeds complexer digitaal risicolandschap. Talitha brengt ruime ervaring mee op het snijvlak van cybersecurity, strategie en leiderschap. Voor haar overstap naar DEFION Security was zij General Manager Benelux bij Northwave, waar zij cybersecurity succesvol op bestuursniveau positioneerde tijdens een periode van sterke groei. Welkom bij DEFION Security, Talitha — fijn dat je er bent! 🚀 💜

We are DEFION. We embed cybersecurity into the core of organisations, turning it into a strategic enabler for long-term protection and progress. DEFION delivers independent, expert-led security across complex digital environments. From detection and response to strategic advisory, we support continuity, resilience and compliance in an evolving threat landscape. We work with organisations for whom cyber resilience is not theoretical. Downtime, data breaches and disruption have a direct impact on operations, reputation and, in some cases, societal continuity.  ☑️ Decades of hands-on security experience Our experience dates back to the late 1990s, with deep roots in digital forensics, code security and performance engineering. Over time, this evolved into advanced threat detection, incident response, offensive security and strategic security advisory. In 2025, this expertise came together in DEFION as an independent European cybersecurity partner.  ☑️ 90+ security specialists, one integrated team With more than 90 security specialists, ranging from researchers and ethical hackers to incident responders and consultants, we make security manageable both technically and organisationally.  ☑️ Trusted across sectors where continuity matters Together with DEFION Spain, we support over 1,000 organisations across sectors where trust and continuity are critical. These include critical infrastructure, government, financial services, retail and e-commerce, technology and SaaS, manufacturing and industry, and research and education.  ☑️ Continuous visibility across complex environments At an operational level, we maintain continuous visibility across more than 100,000 endpoints, enabling real-time detection, rapid response and informed decision-making. Cybersecurity is not a one-off project. It is an ongoing responsibility. Curious how DEFION can strengthen your resilience and turn security into a strategic advantage? Discover our approach at https://lnkd.in/ewdmbZhE

Many people associate cybersecurity primarily with technology: firewalls, encryption and anonymous hackers causing digital disruption. That is partly true, but it systematically overlooks one crucial factor: people. Not the “average” employee, but the security professionals on the front line: CISOs, security officers, SOC analysts, incident responders and ethical hackers. In this article, I take a clear position on the unreasonable pressure and responsibility they face, grounded in scientific research and informed by personal experience. I am keen to hear what resonates with you, what you feel is missing from the debate, and where you fundamentally agree or disagree. I would very much welcome your responses and ideas. This article was originally published in Dutch and has been translated into English at the request of many readers. Written by Jeroen Schipper.

Cybersecurity is never ‘one size fits all’. Each sector faces unique risks, regulations and operational realities. DEFION specialises in sectors where a security failure doesn’t just affect the organisation itself, but can ripple into supply chains, communities and society. 👉🏼 Financial Services Banks, insurers, asset managers and fintechs are prime targets for cybercrime. DEFION strengthens resilience across prevention, detection, response and recovery, while supporting strict regulatory demands. 👉🏼 Critical Infrastructures Energy, water, healthcare, telecom and transport rely on uninterrupted operations. DEFION secures essential services with sector-specific IT and OT controls and NIS2-aligned capabilities. 👉🏼 Government Public authorities manage sensitive citizen data and deliver essential public services that society depends on. When these services fail, the societal impact is immediate and significant. DEFION helps government entities stay resilient, compliant and operational under increasing cyber pressure. 👉🏼 Manufacturing & Industry Production environments depend on reliable IT and OT systems. DEFION reduces the risk of downtime, supply-chain disruption and operational failure through integrated industrial cybersecurity. 👉🏼 Research & Education Universities, research institutes and academic hospitals face ransomware, espionage and data theft. DEFION protects knowledge, people and innovation through advanced detection, response and threat intelligence. 👉🏼 Retail & E-commerce Digital and in-store operations must remain secure and available. DEFION mitigates fraud, breaches and downtime so retailers can maintain customer trust and revenue gains. 👉🏼 Technology & SaaS Tech platforms and MSPs operate at speed and scale. DEFION embeds security into products, infrastructure and supply chains to support safe growth and compliance. Where cyber risk is high, DEFION keeps you ahead of the threat.