CYRIS360

We transform cyber risks from business inhibitor to a growth enabler.

Our services

We empower our clients to leverage the immense potential of Digital Transformation, while effectively managing the inherent risks that come with Digital Technologies. Thus, enabling you to accelerate your business-growth safely and efficiently.

GRC - ISO/IEC 27001 - NIS2 & DORA

GRC - ISO/IEC 27001 - NIS2 & DORA


Elevate your organization's information security with our Governance, Risk and Compliance (GRC) services. We offer time-boxed gap assessment, and implmentation of ISO/IEC27001 compliant Information Security Management System (ISMS), augmented with industry-specific framework (TISAX, NEN7510), as well as regulatory compliance (NIS2, DORA).

  • #GRC
  • #ISMS
  • #ISO27001
  • #ISO22301
  • #NIS2
  • #DORA
Secure Software Development Lifecycle

Secure Software Development Lifecycle


Our technical consulting services empowers our clients to design, implement, and release secure products. We support our clients with implementation of Cybersecurity Management System (CSMS) for Automotive, including Commercial trucks, as well as Cybersecurity requirements for Internet of Things (IoT) according to harmonized standards (EN18031).

  • #SoftwareLifecycle
  • #CloudSecurity
  • #IAM
  • #API
  • #RED
  • #CRA

Frequently Asked Questions

We provide end-to-end support for ISO/IEC 27001 certification, including gap analysis, implementation roadmap, policy development, risk assessment, internal audit, tailored trainings and workshops to raise awarness regarding the ISMS, and guidance through the certification process with accredited certification bodies.
A virtual Chief Information Security Officer (vCISO) provides strategic cybersecurity leadership without the cost of a full-time executive. Cyris360's vCISO services include security strategy development, risk management, compliance oversight, and security program management tailored to your organization's needs and budget.
NIS2 (Network and Information Security Directive 2) is an EU directive, which is transposed into local law, and sets cybersecurity requirements for essential and important entities in different sectors. DORA (Digital Operational Resilience Act) is an EU-wide act to enhance the resilience of financial sector. Cyris360 helps organizations understand their obligations, assess their current security posture, and implement necessary measures to achieve compliance.
The RED-DA supplements RED by activating certain cybersecurity requirements. The harmonised standards corresponding to RED-DA are in the EN 18031 series (parts 1, 2, 3), addressing network protection, privacy/data protection, and fraud-resistant features. The Cyber Resilience Act (CRA) is a newer, broader EU regulation aimed at strengthening cybersecurity rules across all products with digital elements (not just radio equipment). Noncompliance could lead to fines (e.g. up to EUR 15 million or 2.5% of global turnover, whichever is higher) and restrictions on placing products on the EU market.

Our team

Cyris360 was founded in 2023 with a focus in cybersecurity governance, risk management, and secure software development. To offer broader services and complementary capabilities, we've partnered with Saneon GmbH to expand our network in the Automotive sector. Furthermore, we're founding member of Bare-Alliance.eu — a collaborative network designed to bring together diverse skill sets and decades of accumulated experience.

Saber Ferjani

Saber Ferjani

CEO & Lead Consultant


Saber holds several certifications including CISM, CSSLP, and ISO/IEC27001 LI, which reflect his commitment to helping organizations build resilient and standards-aligned security programs.

Paolo Carner

Paolo Carner

Lead Consultant & vCISO


Paolo is seasoned Information security consultant & (Co-)Founder of Bare-Alliance. Paolo holds several certifications including CISSP and ISSMP, and has proven record of supporting clients with SOC2 (SAE 3404) assessments.

Ilyess Benaicha

Ilyess Benaicha

Operations Manager


Ilyess has a proven track record in business administration and driving operational efficiency. With a strong background in Mathematics, he oversees daily operations by managing internal processes, optimizing resources, and people.

Our methodology

At Cyris360, we have developed the Cyber Risk Framework (CRF), a modular framework designed to support businesses in addressing their cybersecurity challenges, in 3 steps:

  • Governance

    This pillar focuses on understanding your organization's unique context, by performing a gap assessment, followed by a roadmap with one or muliple work product(s) to reach the desired outcome.

  • Implementation

    This pillar is about delivering the work product(s) and creating measurable improvements that build a more secure and resilient IT environment and increased staff awareness.

  • Operations

    This pillar focuses on maintaining cybersecurity resilience in day-to-day activities. This ensures the long-term sustainability of your cybersecurity efforts, as your business evolves.

Our value proposition

CYRIS360 is trusted by global brands, including:

ANYbotics logo
E2CAD logo
Jopp Automotive logo
Man logo
CerQlar logo
ANYbotics logo
E2CAD logo
Jopp Automotive logo
Man logo
CerQlar logo
ANYbotics logo
E2CAD logo
Jopp Automotive logo
Man logo
CerQlar logo

At Cyris360, we help our clients with clarity and confidence. Here's what sets us apart:

  • Trusted

    With consistently high client satisfaction and long-standing partnerships, we've built a reputation for delivering on our promises and acting as a dependable advisor in every engagement.

  • Proficient

    We bring the best of both worlds: strong technical expertise and real-world, hands-on experience. This combination allows us to understand your challenges deeply and craft practical, high-impact solutions.

  • Efficient

    We focus on what matters most. By streamlining processes and eliminating unnecessary complexity, we deliver results quickly and make the most of your budget and resources.

Hannes Wyss
Hannes Wyss
Principal Robot Cybersecurity Engineer at ANYbotics

The collaboration led to enhanced threat awareness and strengthened security controls. It also reduced the risk of potential breaches and compliance issues.

Anton Fedorov
Anton Fedorov
Head of Development at Cerqlar - Part of ACT Group

Worked with Saber for an ISO27001 internal audit. It was a very positive experience!

Anonymous
Anonymous
Release manager at a Tier-1 Automotive supplier

Everything was great! It was very productive.

Herman Greeven
Herman Greeven
Global Security Manager

It's been a pleasure working with Saber. His knowledge on Information Security and ISO27001 together with his can do attitude and an unending curiosity make him a valuable partner.

Craig Knox
Craig Knox
Director of Product & Platform Security

Saber consistently exceeded expectations. He is a seasoned security professional with a deep understanding of the field. He is an excellent communicator and can build strong relationships with stakeholders at all levels.

Cyris360 BV - KVK 90766229 - All rights reserverd - 2025