BSM Better Security Management

About BSM

BSM Better Security Management

The global digitization has many advantages but also creates a whole new set of risks; data leakage, cyber crime and viruses to name just a few. BSM identifies security risks and IT responsibilities for your company, enabling you to safely use all means of communication technology. 

BSM Business Security Management BV was founded in 2004 by Arnoud Bruinsma as a consultancy agency, specializing in ICT security. Along with a few information security experts, he developed the ICCM® audit a practical method to assess a company’s security status. This methods has since been applied to many companies. In 2007 BSM was licensed by the Dutch Ministry of Justice under POB number 1104, making it possible to conduct ciber crime investigations.

To make a better distinction between consulting activities and investigative work, in 2018 the company and website were split into two divisions. We now have:

BSM Better Security Management, (this website): A brand under BSM Business Security Management BV for all consulting, audit and pentest activities

BSM recherche diensten, A brand under BSM Business Security Management BV aiming at traditional investigative work and cyber crime investigations. ‘recherche’  is the Dutch word for detective. 

By expanding the service portfolio towards investigations we created a unique and effective combination: with our knowledge of and experience with information security issues we are able to quickly and efficiently find and capture digital evidence of cyber criminals. Secondly, by knowing how cybercriminals operate we can advise our customers on the most effective way to counter cybercrime.


BSM Better Security Management is no IT supplier.

BSM is an independent consultancy company. We do not sell products and we are not connected to a product supplier or manufacturer. Because we audit many companies, we have good understanding about what ‘average’ security is and want a normal price would be for hardware, software and IT services. We review IT sytems AND IT contracts and write an indipendent report on our findings. In fact, in 25% of our audits our customers change IT supplier after reading our report. 


Product delivery

Many of our projects are finalized by means of a report. Reports of our findings during a security audit are used as a blueprint to implement or improve security management and can be used to proof to your customers and related companies that your security has been tested by an independent, CISSP qualified auditor or pentester. 


Tailor made software tools

For many of our activities we have developed our own software and databases. For example we created tooling to test your e-mail security and e-mail behavior. Also we have software to automate pentesting activities. 


The customer comes first

All our activities are customized and delivering a quality service is of paramount importance to us. All our projects are unique and each audit differs from the next. Each customer is in another stage of the security risk maturity model (ad-hoc policy within new companies and small businesses to completely policy-driven models for mature companies).


Head office in Amsterdam, the Netherlands

Currenly, we operate from our head office in Amsterdam. we are looking into new options to expand abroad including Spain and the US. Many of our services are not bound to physical locations. All websites and e-mail systems are connected to the internet and we can test them anywere in the world. Also, new webmeeting tooling enables us to organize meetings all over the world as long as our customer has an internet connection.


Triple-B Consutancy Maastrticht

In 2019 a new brand was intruduced, aiming at GDPR consulting in combination with Cyber Security. This devision and brand 


Do you want to know more about our pentest, e-mail test, Interim CISO and cyber secruity consulting activities? Please contact us