Skip to main content

Setting up a cybersecurity squad from scratch

Thales Cyber Defense Solutions aims to raise the digital resilience of critical infrastructures. A growing number of utilities, maritime companies and chemical factories are having their crucial control systems scrutinized by Roel van Rijsewijk and his team of threat hunters.

“As our critical infrastructures become more and more digitalized, they’re also more and more exposed to all kinds of cyber threats. We’re seeing a strong increase in ransomware attacks and state actors trying to hack our OT, our operational technology,” says Roel van Rijsewijk, director cyber defense at Thales. “It’s an illusion to think that we can completely shield ourselves from all these dangers. Being connected makes us vulnerable. It’s unfeasible, and undesirable, to be 100 percent secure. The key is to be resilient, to be able to detect attacks, limit the damage and come out stronger and wiser.”

Van Rijsewijk heads the Cyber Defense Solutions (CDS) business line, which is part of Thales’ global business unit Secure Information Communication Systems (Six). “Before joining Thales, I worked at Deloitte for two decades. Combining risk assessment with my fascination for the digital transformation, I ended up leading the Cyber Risk team there and growing it from 80 to 150 professionals, ranging from advisory and implementation experts to ethical hackers with deep technical knowledge. In 2019, Thales came and asked me to do the same for their cyber team in Huizen.”

“Having an entrepreneurial spirit, I immediately was keen to take on the challenge. I’m not technical myself, but I do really like working with techies. And I see a huge opportunity for Thales in cybersecurity for operational technology,” explains Van Rijsewijk, detailing why he chose to accept the offer. “The IT cybersecurity market is quite crowded already, but OT cybersecurity is relatively new, with industrial and other infrastructures being rather low on the cyber maturity scale. A specialist in military-grade protection systems and digital technologies, Thales is well positioned to become a leading provider of cyber defense solutions.”

Purple teaming
CDS has four main activities. “Our first value proposition, as I like to call it, is offensive security,” Van Rijsewijk elaborates. “This basically boils down to red team pen testing. Penetration testing is having our ethical hackers attack the systems of our customers to determine where the holes are. Red teaming is playing the enemy and actually exploiting the vulnerabilities to get in and steal data.”

“Our second value proposition is managed services,” Van Rijsewijk goes on to explain. “In Huizen, we have our SOC, our Security Operating Center, where we keep an eye on the IT and OT environments of our customers, 24/7. We monitor their systems, their networks and all the traffic that flows through them. Any sign of suspicious activity will raise an alarm. We then help our customers respond and recover to a higher level of resilience.”

“Our third value proposition is what I call cyber consulting. By that, I don’t mean giving advice; I mean integrating solutions. The Thales Group has a wide range of security products, including a big encryption portfolio acquired through the takeover of Gemalto in 2019. This business has been incorporated as Digital Identity and Security, DIS, and we work closely with them to implement their products at our customers.”

“Our fourth value proposition is delivering so-called sovereign security solutions, tailored to very strict customer needs. The Dutch government and the Dutch armed forces, for example, work with highly confidential information that they want protected by Dutch solutions. Whenever they find American or Israeli products not trustworthy enough to guard their secrets, they turn to us for custom-built specialties. We do the same for Thales’ Naval programs in Hengelo.”

The value propositions also compound to create new opportunities. “When you combine offensive security and managed services, you get purple teaming,” illustrates Van Rijsewijk. “A red team tries to get into a system protected by a blue team – red mixed with blue gives purple. When the attack remains undetected, you need to come up with new detection mechanisms. You may even need to implement additional security solutions, which then results in a consulting project.”

From startup to scale-up
In the past four years under Van Rijsewijk’s direction, CDS has grown to over fifty people, working for dozens of customers. “During my job interview, Thales Netherlands CEO Gerben Edelijn expressed his wish for this business line to extend beyond the defense domain. Well, we’re now almost exclusively serving civil clients, ranging from utilities to maritime companies and chemical factories. We’re monitoring both their corporate IT and their critical control systems.”

Van Rijsewijk’s squad includes cyber specialists, consultants and engineers. “We have three competency teams: developers working on our SOC platform and our other technology, generalists supporting our customers with advice about people, processes and technology, and hackers and analists hunting for threats. Together, these three teams are responsible for delivering our value propositions.”

When Van Rijsewijk came on board, he was encouraged to run his squad like a startup. “That was music to my entrepreneurial ears, so that’s what I did. In the first year or two, to avoid getting smothered and prevent the seedling from being nipped in the bud, I steered clear of the big warm Thales blanket as much as possible. To grow the new business, I had to step out of the company’s comfort zone and go out on a limb.”

Now that Van Rijsewijk has successfully matured CDS into a scale-up, it’s very convenient to have this warm blanket. “Having gained a foothold in the market, the need to take risks isn’t as pressing anymore. The time has come to cuddle up – carefully, because you don’t want to smother the scale-up either. It’s going to mean falling into line with the company processes, but it also comes with a lot of perks. When you have a huge organization like Thales working for you, you can take on the world. It allows us, as a relatively small security outfit, to serve really big customers.”

Want to learn more about what it feels like to work at Thales? Looking for a job at a true high-tech company, building a future we can all trust? Click here for our current job openings!