Amsterdam, 8 February 2022
Secura wins Dutch Railways tender for security pentesting
The tender covers both pentesting and source code reviews, as well as knowledge development within cybersecurity.
In the review of the tender process, Onno Wierbos (delegated principal and owner of the new contract) indicated that it was a valuable and successful project for NS.
"Through this process, we were able to unanimously select the best security testing partner; it also intensified the collaboration and shared vision from the NS departments involved."
Not everything is outsourced: as a result of the increasing cyber threat, the Dutch Railways has its own security test team since 2018, which consists of internal security engineers who perform most of security tests (including Threat Modeling and Red Teaming) themselves. The Dutch Railways and Secura's security test teams will work closely together in projects and share knowledge amongst each other.
"Under this contract with Secura, we periodically have our IT systems assessed externally as well, so we can scale up capacity as needed, and we can learn and continue to develop on sub-specialty topics. " - Onno Wierbos
"We are immensely proud of the collaboration with the Dutch Railways, their way of working matches well with ours. Given our role within the vital sector and other industrial companies, the Dutch Railways fit right in with our service and customer portfolio. We look forward to work with the Dutch Railways on their cyber resilience over the next 4 to 8 years." - Sjoerd Peerlkamp, Manager Industrial Market Group at Secura
To celebrate the collaboration, a thumbs-up launch event was organized with the people from Secura and the involved NS departments: