CYRIS360

We transform cyber risks from business inhibitor to a growth enabler.

Our services

We empower our clients to leverage the immense potential of Digital Transformation, while effectively managing the inherent risks that come with Digital Technologies. Thus, enabling you to accelerate your business-growth safely and efficiently.

Governance, Risk and Compliance

Our GRC (Governance, Risk, and Compliance) consulting services help your organization establish robust frameworks to manage information security. We guide you through the complexities of standards like ISO27001 for implementation and audit preparation, ensuring your systems meet international best practices. Additionally, we assist with NIS2 and DORA compliance, helping you navigate new regulatory landscapes to protect critical infrastructure and digital services.

#GRC
#ISMS
#ISO27001
#ISO22301
#NIS2
#DORA

Learn More Order

Cybersecurity Engineering

Our Cybersecurity Engineering services embed security directly into your development and operational lifecycles. We integrate security from the design phase through deployment, reducing vulnerabilities in your applications. We also ensure CRA (Cyber Resilience Act) compliance, helping you build robust and resilient digital products that meet upcoming regulatory requirements for connected devices.

#SoftwareLifecycle
#SDLC
#IOT
#Pentest
#RED
#CRA

Learn More Order

Frequently Asked Questions

We provide end-to-end support for ISO/IEC 27001 certification, including gap analysis, implementation roadmap, policy development, risk assessment, internal audit, tailored trainings and workshops to raise awarness regarding the ISMS, and guidance through the certification process with accredited certification bodies.

A virtual Chief Information Security Officer (vCISO) provides strategic cybersecurity leadership without the cost of a full-time executive. Cyris360's vCISO services include security strategy development, risk management, compliance oversight, and security program management tailored to your organization's needs and budget.

NIS2 (Network and Information Security Directive 2) is an EU directive, which is transposed into local law, and sets cybersecurity requirements for essential and important entities in different sectors. DORA (Digital Operational Resilience Act) is an EU-wide act to enhance the resilience of financial sector. Cyris360 helps organizations understand their obligations, assess their current security posture, and implement necessary measures to achieve compliance.

The RED-DA supplements RED by activating certain cybersecurity requirements. The harmonised standards corresponding to RED-DA are in the EN 18031 series (parts 1, 2, 3), addressing network protection, privacy/data protection, and fraud-resistant features. The Cyber Resilience Act (CRA) is a newer, broader EU regulation aimed at strengthening cybersecurity rules across all products with digital elements (not just radio equipment). Noncompliance could lead to fines (e.g. up to EUR 15 million or 2.5% of global turnover, whichever is higher) and restrictions on placing products on the EU market.

Our team

Cyris360 was founded in 2023 with a focus in cybersecurity governance, risk management, and secure software development. To offer broader services and complementary capabilities, we've partnered with Saneon GmbH to expand our network in the Automotive sector. Furthermore, we're founding member of Bare-Alliance.eu — a collaborative network designed to bring together diverse skill sets and decades of accumulated experience.

Saber Ferjani

CEO & Lead Consultant

Saber is the founder of Cyris360, he holds several certifications including CISM, CSSLP, and ISO/IEC27001 LI, which reflect his commitment to helping organizations build resilient and standards-aligned security programs.

Paolo Carner

Lead Consultant & vCISO

Paolo is an Information security consultant & (Co-)Founder of Bare-Alliance. Paolo holds several certifications including CISSP and ISSMP, and has proven record of supporting clients with SOC2 (SAE 3404) assessments, and managed security services.

Alexia Ronda

Lead Consultant & Auditor

Alexia is the founder of FortRisk. Alexia supports organizations with Governance, Risk & Compliance (GRC) in the field of Information Security, Business Continuity and Data Protection (including ISO 27001, ISO 27701, NEN 7510 & ISO 22301).

Ilyess Benaicha

Operations Manager

Ilyess has a proven track record in business administration and driving operational efficiency. With a strong background in Mathematics, he oversees daily operations by managing internal processes, optimizing resources, and people.

Kağan Gökbayrak

Consultant & Pentester

Kağan holds a CEH certification and has extensive hands-on experience in application security and penetration testing. Kağan supports automotive clients by providing consulting services focused on building secure and resilient digital products.

Our methodology

At Cyris360, we have developed the Cyber Risk Framework (CRF), a modular framework designed to support businesses in addressing their cybersecurity challenges, in 3 steps:

Governance
This pillar focuses on understanding your organization's unique context, by performing a gap assessment, followed by a roadmap with one or muliple work product(s) to reach the desired outcome.
Implementation
This pillar is about delivering the work product(s) and creating measurable improvements that build a more secure and resilient IT environment and increased staff awareness.
Operations
This pillar focuses on maintaining cybersecurity resilience in day-to-day activities. This ensures the long-term sustainability of your cybersecurity efforts, as your business evolves.

Our value proposition

CYRIS360 is trusted by global brands, including:

At Cyris360, we help our clients with clarity and confidence. Here's what sets us apart:

Trusted
With consistently high client satisfaction and long-standing partnerships, we've built a reputation for delivering on our promises and acting as a dependable advisor in every engagement.
Proficient
We bring the best of both worlds: strong technical expertise and real-world, hands-on experience. This combination allows us to understand your challenges deeply and craft practical, high-impact solutions.
Efficient
We focus on what matters most. By streamlining processes and eliminating unnecessary complexity, we deliver results quickly and make the most of your budget and resources.

The collaboration led to enhanced threat awareness and strengthened security controls. It also reduced the risk of potential breaches and compliance issues.

Worked with Saber for an ISO27001 internal audit. It was a very positive experience!

Everything was great! It was very productive.

It's been a pleasure working with Saber. His knowledge on Information Security and ISO27001 together with his can do attitude and an unending curiosity make him a valuable partner.

Saber consistently exceeded expectations. He is a seasoned security professional with a deep understanding of the field. He is an excellent communicator and can build strong relationships with stakeholders at all levels.

CYRIS360

Our services

Governance, Risk and Compliance

Cybersecurity Engineering

Frequently Asked Questions

How can Cyris360 help my organization achieve ISO/IEC 27001 certification?

What is a vCISO and how can it benefit my organization?

What is NIS2 and DORA and how do these regulations affect my business?

What is RED-DA and CRA how do these regulations affect my products?

Our team

Saber Ferjani

CEO & Lead Consultant

Paolo Carner

Lead Consultant & vCISO

Alexia Ronda

Lead Consultant & Auditor

Ilyess Benaicha

Operations Manager

Kağan Gökbayrak

Consultant & Pentester

Our methodology

Governance

Implementation

Operations

Our value proposition

Trusted

Proficient

Efficient

Forms:

Partners:

Trust:

‎