By taking a majority stake in cybersecurity specialist Secura, Bureau Veritas adds best-in-class expertise to its cybersecurity conformity assessment services
Bureau Veritas, a world leader in testing, inspection and certification, announced today that it has completed the acquisition of Secura B.V. (starting with a majority stake), an independent service company specializing in cybersecurity services. Secura will be a cornerstone in the cybersecurity strategy of Bureau Veritas.
Rising demand in digital security and new regulations drive a growing need for conformity assessments. As a result, Testing, Inspection and Certification (TIC) services for cybersecurity are an emerging market with substantial expected growth and significant momentum. In this promising new conformity market, Secura is a recognized cybersecurity player with a strong orientation toward TIC activities.
Established in 2000 in the Netherlands, Secura has 100 employees located in two technological centers in Eindhoven and Amsterdam. The company posted 2020 revenues slightly below €10 million.
With solid expertise and capabilities, Secura takes a holistic security approach in identifying and assessing cybersecurity risks according to standards, frameworks and certification programs. Secura’s mission is: “providing insight into your security.”
“Cybersecurity risks are growing for companies and individuals alike,” says Didier Michaud-Daniel, Chief Executive Officer of Bureau Veritas. “Personal and professional data and system protection have become a crucial challenge surrounding security, safety, and even business sustainability. This strategic alliance supports Bureau Veritas’ fast-paced development in the conformity assessment of non-physical assets. As we anticipate an acceleration of the current momentum of the cybersecurity TIC market in the coming years, Secura’s expertise will further reinforce our global offering addressing key geographies and industries. On behalf of the Bureau Veritas Executive Committee, I want to warmly welcome the Secura team.”
“Both Bureau Veritas and Secura see the big opportunity in cybersecurity in the coming decades,” adds Dirk Jan van den Heuvel, Managing Director of Secura. “There is a clear need to bring security to a higher level in many places in society. Joining forces with Bureau Veritas will undoubtedly boost our expansion and accelerate Secura’s capability in providing security expertise. We are confident that this strategic move will enable us to develop even faster in the future, as we benefit from the large footprint of Bureau Veritas and the integrity reputation it has earned from the world’s leading corporations.”
Secura provides security testing, audit, training and certification services covering people, organization, and technology (networks, systems, applications and data). The company holds an extensive range of top-notch accreditations and licenses to operate to offer security testing and certification services according to a number of standards (including ISO 270011, NIST CSF2, OWASP ASVS3, ISAE 3000/34024, UNECE5 regulations, ETSI EN 303 6456, IEC 624437, Common Criteria8).
While firmly grounded in the European security market, the company now serves a diversified international client base and is active in all sectors, focusing on technology, energy, industrial, automotive, financial, public and healthcare markets.
1 ISO 27001 is the leading global standard on Information Security Management
2 The NIST Cybersecurity Framework (CSF) is a set of guidelines for private sector companies to follow to be better prepared in identifying, detecting, and responding to cyber-attacks
3 The OWASP Application Security Verification Standard (ASVS) is a detailed list of security requirements and guidelines that can be used to design, build and test highly secure applications
4 ISAE 3000/3402 are standards to provide assurance over non-financial information (3000) and Internal Controls (3402)
5 The United Nations Economic Commission for Europe (UNECE) regulations cover vehicle safety, environmental protection, energy efficiency and theft resistance
6 ETSI EN 303 645 provides baseline requirements for Consumer IoT devices
7 IEC 62443 standard specifies security capabilities for control system components and systems
8 The Common Criteria for Information Technology Security Evaluation (referred to as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security certification