Demiroz Consultancy

Demiroz Consultancy B.V. is a personal and independent consulting firm – based in Hengelo the Netherlands – with a focus on information security, cyber resilience and risk management. We see our customers as partners because trust is our most important factor. By more than 18 years’ experience in Cyber Security Consultancy, we have much experience. We think anticipating on trends and developments in the market is important to advise our customers with a vision on the future.

Demiroz Consultancy provides guiding and consulting to the world’s largest and most exciting companies in the following industries: Defense, Manufacturing, High Tech, Public Services, Health- and Financial Services. Demiroz Consultancy designs and implements solutions for the transformation and optimization of our clients’ Cyber Security resilience. 

Interested in our company? Check out our career option’s or contact us!




Do you understand your organisation’s vulnerability? Can you be sure that you know exactly what your organization’s most critical information assets are, and that they are protected in line with their importance to the business? Or that your information is not already leaked and that your competitor can gain your R&D information with just one click? How you could effectively respond when an incident occurs?

Information is your most important asset but also the most vulnerable asset. The assurances your company need is that your Critical Business Processes, Systems, and Infrastructure:

  • Are proven and secure
  • Deliver dependable service
  • Are resilient and robust
  • Are protected against cyber attacks


  • Prevents against disclosure of sensitive information
  • Response fast, effective at security incidents
  • Provide Timely, accurate and reliable data
  • Meet legal, regulatory and compliance requirements


Our team of qualified and experienced Lead Auditors and Consultants can give you answers to the previously stated questions. They are able to identify your organisation’s critical business assets, the currently managed information security, identify key risks and areas of non-compliance. Based on this we provide clear prioritized and pragmatic recommendations.



There are different types of industrial information and control systems (ICS) that control and monitor industrial machinery. ICS and ICS-related information need protection from unauthorized access, interference and damage as this information is the key to the organisation’s continuity. The dependency on complex IT and industrial control systems in industrial environments increases. Cyber-attacks and malfunctions make organisations very vulnerable.


The Healthcheck is a strategic tool to assess and improve security arrangements. Through a step-by-step analysis, we assess the current information security by evaluating the current measures and advice improvements of these measures. Also, we give additional recommendations to improve the organisation’s information security. The subjects of our Healthcheck are: 

Read More
  • Identify critical assets and understand current cybersecurity readiness
  • Empower better prioritisation of investments on activities that have a greater impact in managing cybersecurity risks
  • Optimize resources by better aligning cybersecurity initiatives to business requirements, based on resource availability and organization’s risk tolerance Discover ways to effectively respond to security incidents when they occur
  • Gain proactive insight into potential security gaps that can lead to security risks/ vulnerabilities
  • Establish a roadmap with remediation actions to close identified security gaps


Risk assessment is a long-term process to identify, assess and treat information risk to provide an overall picture. With the risk assessment process, the company will be able to make informed choices about future plans and investments. It will help your information risk practitioners to implement the six-phase process consisting: 

Read More
  • Scoping.
  • Business Impact Assessment.
  • Threat Profiling.
  • Vulnerability Assessment.
  • Risk Evaluation.
  • Risk Treatment.

This approach is suitable for organisation where a cybersecurity breach has a big impact on the internal- and external environment.


Nowadays, the chance of a cyber incident is very high. It is crucial that the company responds correctly and timely to a cyber-attack using a predefined and tested Cyber Responds plan. We support your organization with tracking down the and defend from advanced attackers, organized criminals and malicious insiders.


High profile security breaches have shown that securing your supply chain is essential to protect your organisation. We provide organizations with an independent assessment of its approach to supply chain risk management. By identifying all suppliers with critical information and/or sensitive data, evaluating the contracts and agreements. Based on this research we provide recommendations to improve information security in the Supply Chain. 


Do you prefer not to outsource the information security completely but do you want a sparring partner or temporary support at a distance or internally? We offer Independent Security Advisors. We act as your information security partner, provide instant security expertise, specialty skills, and experience to keep you on track.

Do you wish more information about the services above, or something else?

Do not hesitate to contact us!



Where our customers are located: