Florence Mottay is CISO of the Year 2025

The award was presented at CISODAY, which drew more than 300 cybersecurity professionals from large corporations, government, and nonprofit organizations in the Netherlands. 

Winner Florence Mottay, who started 25 years ago in the U.S. as an ethical hacker specializing in writing exploits, has a varied career path behind her. She spent ten years leading various branches of companies in information security in EMEA and became CISO nine years ago: first at Ahold Delhaize, followed by Zalando three years ago. She has technical expertise, strategic insight, and knows how to implement these, according to the jury. 

“Choosing a winner proved challenging, however, hearing the nominees' pitches and witnessing their professional growth was truly inspirational,” said jury chairman Aart Jochem, CISO for the Central Dutch Government. The other two nominees for the award were Martin de Vries (Eindhoven University of Technology) and Vladimir Cibic (KPN). These CISOs also scored strong to very strong on almost all selection criteria. 

“Once more, this year the candidates went through an intensive selection process. These are CISOs that the Netherlands can be proud of. But there can only be one winner. And this year's winner is once again a true figurehead for our community,” said jury member Luisella ten Pierik, CISO at Stedin and vice president of the CISO Platform Nederland, initiator of CISODAY together with the CISO community Nederland. 

The CISO community and the Platform aim to enhance the role of the CISO within organizations and foster cooperation, with the ultimate goal of increasing the Netherlands' cyber resilience to a higher level. This year's theme was “Together, we stand."

Cybersecurity Achievement Award

The founders of the Dutch Institute for Vulnerability Disclosure (DIVD), Victor Gevers, Astrid Oosenbrug, and Chris van 't Hof, received the Cybersecurity Achievement Award from the chairman of CISO Platform Nederland, Dimitri van Zantvliet, for their unwavering and selfless contribution to the cybersecurity of the Netherlands. 

“Victor, Astrid, and Chris have built something special. Not a company, not a government agency, but a movement: a volunteer-driven force for good that finds holes in security before the bad guys do, and then works tirelessly to close them,” Van Zantvliet said. 

Hans de Vries, winner of the first award in 2024 and Chief Cybersecurity Officer at ENISA, addressed the founders via a video message: "I have fond memories of my time working with DIVD. Your commitment comes from the heart; you have exceptional expertise and an incredible drive, all dedicated to a noble cause."

The selection process

The three nominees for the CISO of the Year Award were chosen from a shortlist of six candidates following the first step in the process: a self-assessment on, among other things, digital maturity and cybersecurity maturity in the organization. The three highest-scoring CISOs were then subjected to a series of validation interviews and a research assessment by Frieda Barendse, Partner, Leadership Services at Amrop. In addition, the board of the CISO Platform Netherlands gave their feedback to the jury. Finally, the three CISOs provided a pitch and were subjected to a Q&A with the jury at the final jury meeting on May 14.

The Jury

The jury comprised chairman Aart Jochem, CISO Rijk; Luisella ten Pierik, CISO at Stedin; Job Voorhoeve, global digital practice leader at Amrop; Madelein van der Hout, senior analyst, security and risk team at Forrester; Lokke Moerel, professor of global IT law at Tilburg University and senior of counsel at Morrison and Foerster; Jeroen Schipper, CISO of the Municipality of The Hague and CISO of the Year 2024; and Rob Beijleveld, co-initiator of the CISO community Netherlands and CEO of ICT Media.

Photo: Dennis Khalil