Perium takes risk management to the next level

With great regularity we see and read reports of cyber-incidents such as data breaches, hacks, identity theft. For a growing number of organizations, this is reason to give risk management a prominent place in their operations. For many, it is even mandatory to take appropriate management measures in the area of information security and data privacy.

Yet it turns out to be quite difficult to demonstrate that you are "in control." Arjan Kremer found this unnecessarily difficult. Together with Jasper de Vries he therefore started Perium, a clear and accessible platform that helps organizations to take the management and control of risks in the field of IT, information security and data privacy to a higher level.

Accessible

'I increasingly noticed that organizations were trying to reinvent the wheel themselves,' says Kremer, who, like De Vries, has been active in the world of risk management, security and privacy for years. 'Not infrequently this led to all kinds of problems such as incorrect access to data, inconsistent data or, from a broader perspective, lack of insight and coherence in threats, vulnerabilities, risks and management measures. While these problems can be relatively easily prevented. Simply because there is a lot of relevant information available in various places about, for example, norms, standards and best practices. On Perium, all that available information is shared and, within certain limits, made accessible to everyone. And yes, that saves time, effort and thinking. And so it makes it significantly easier for organizations to increase their resilience to risks and threats.'

Cyclical management system

Of course, sharing best practices, standards and norms is nice and valuable. But what makes Perium especially special is that it features a cyclical management system. The platform thus enables organizations to continuously improve. 'Based on generic and sector-specific features, Perium provides a comprehensive database, including threats, vulnerabilities, risks and control measures,' Arjan clarifies. 'The control measures are related to the right risks on the platform. As an organization, you are, as it were, forced to periodically draw up and implement assessments and, where necessary, improvement plans. This creates a so-called Plan-Do-Check-Act cycle, which gives you insight into and a grip on all the risks surrounding security and privacy at all times. At the same time, we will display benchmarks on Perium, completely anonymously of course. This means that as an organization you can compare your scores on risks in the area of, for example, logical access security with those of similar organizations. You then immediately know where you stand.

Large market demand

The market opportunities did not go unnoticed. Thus NOM recently decided to provide Perium with funding, together with G-Force Capital, Stichting Telematica and software developer Stekz, responsible for the technical realization of the platform. What was the deciding factor? 'The scalability of the platform combined with Arjan and Jasper's knowledge and expertise,' says Ytsen van der Meer, Investment Manager of the NOM. 'Beforehand, of course, we did careful research. This showed that there is a great need in the market for such a platform. The solutions currently on offer are quite complex and often focused on one specific sector. Perium, on the other hand, is broadly applicable and also very accessible and low-threshold.'