Introducing New HSD Premium Partner: Secior

Secior recently became a part of the Security Delta (HSD) security cluster as a premium partner. Secior is a solution provider working to increase the cyber resilience of data centres. To get a feeling for their expertise, services, and ambitions, we sat down with Sander Nieuwmeijer (Founder) and Fred Streefland (CEO) in their office in Schiphol-Rijk.

How would you describe Secior’s activities?

“We are mainly focused on helping data centres be more cyber resilient, as well as to help them comply with the new NIS2 directive”, Streefland summarises. The NIS2 legislation had just been adopted the day before our interview. “In part we do this by monitoring their networks, and by examining their infrastructure. We want to be the preferred partner when it comes to security and compliance of data centres.”

“We mainly look at the infrastructure of data centres”, Streefland continues. “To operate safely, data centres need continuous access to (electrical) power, as well as a constant temperature that doesn’t fluctuate. All these systems that make a data centre into a smart building, that’s what Secior focuses on. The building itself.”

What is the main reason you wanted to become a Premium Partner of HSD?

“We’ve seen co-operation is extremely important in the cybersecurity domain”, Streefland observes. “If you do it alone, you won’t go as far. The HSD Campus is the best place for collaboration in cybersecurity. So many organisations are included, and the motto ‘sharing is caring’ is something that we really see at HSD.”

Streefland has been involved with HSD through various other organisations. “I told Sander we needed to start a partnership with HSD. The network present here is invaluable, and there’s expertise abound. In short: networking is extremely important, and for us that was one of the main reasons to become a Premium Partner.

What are you hoping premium partnership will bring?

“As I said, networking is important, so I’m hoping to make some meaningful connections”, Streefland explains. “We want people to get to know us better. We also want to find potential collaborations with partners. As an example, I know the Campus has an Internet of Things (IoT) Lab, which is obviously very interesting for parties like us. I know that HSD Premium Partners can get help with organisational matters as well, which we also hope to get a lot out of.”

What do you think Secior adds to the cluster by becoming a partner?

“A lot of it comes down to knowledge and expertise.” Sander Nieuwmeijer, one of Secior’s founders, has been involved with the construction of hundreds of data centres. “Over a period of 25 years all I’ve done is design and construct data centres, as well as maintain and operate them. I have experience with every component used in these centres.”

“I’ve also seen”, Nieuwmeijer continues, “that they started connecting (OT) equipment to the internet about 15 years ago. I have seen people control data centres through an iPhone. In our current age, that can be life threatening. Seeing such things was what made me want to start a company that fully focuses on protecting critical infrastructure which data centres are.”

What do you view as the biggest challenge within the domain of security?

“Moving past all the geopolitical problems we’re currently facing; we keep automating more and more”, Nieuwmeijer states. “This is something that started with this pandemic. How many people work from home now? This fact alone means data centres are more important than ever. The biggest challenge would be keeping those data centres secure.”

The threats to data centres are diverse, and do not just involve hackers looking to make money through ransom. “The NCTV just issued a press statement saying critical infrastructure needs better protection”, Streefland adds. “Because of threats from Russia and China. Data centres are this critical infrastructure.  We all need to be ready for a situation where actual sabotage takes place. Another threat in that regard is the focus on IT security, leading to people forgetting about OT security. There’s not enough expertise in this OT domain, while the damage to these systems can be many times more painful.”

What would you say is the best way to face these challenges?

“I wish clients of data centre would ask more questions,” Streefland answers. “How is the OT-security handled within the data centres where their servers are hosted?, Physical security is always up to speed, and IT is handled properly as well at most data centres, but not enough clients challenge their data centres about OT security.”

Not having your affairs in order can also lead to legal trouble. Nieuwmeijer adds: “This year we’ve seen several data centres in the US become the subject of lawsuits because they lost customer data due to outages. What makes it complicated is they are data centres as well as cloud providers. So, was it an attack on the cloud or physical services? I can assure you: if the whole data centre dealt with an outage, that’s an attack on its OT.

“Insurers see the risks as well”, Streefland comments. “Starting in the second quarter of 2023 damages caused by a nation state attack will not be compensated as easily. Across the board we’re seeing that insurers are becoming less willing to cover for cyberattacks. Secior wants to help offer a solution.”

“Almost all serious cyberattacks start in a data centre. Look at examples such as the Colonial Pipeline ransomware attack in the US. Because the protection of their data centres was not sufficient, they had to halt operation for days. It led to huge financial damage, as well as tons of people not being able to even fuel their car. Our advice is to take OT seriously, and invest in it, to prevent worse scenarios”, Streefland concludes.