Independent cybersecurity in Luxembourg
Built for organisations that have real security obligations but no dedicated security team.
Barend van Lith
Founder, Lithsecure
Barend van Lith has spent more than a decade working in information security — first as a network security engineer at a Luxembourg financial institution, then as a senior analyst at a managed security service provider where he led detection and response work across client environments in Luxembourg, Belgium, and the Netherlands.
Over that period he worked with fiduciary firms, law practices, technology companies, and fund administrators navigating their first formal security programmes. What he consistently found was that the organisations most in need of structured security guidance were also the ones least served by the market: too large to ignore their obligations, too small to justify a full-time security team.
Barend founded Lithsecure to close that gap directly — providing the kind of expert, independent guidance that enterprise organisations have always had access to, structured for the scale and budget of an SME. He holds professional certifications in information security risk management and has advised organisations through two regulatory cycles of GDPR enforcement and NIS2 implementation.
He is based in Luxembourg and works with clients across Luxembourg, Belgium, and the Grand Region. (This bio is a placeholder — please update with your own details.)
Why Lithsecure exists
Most cybersecurity firms are built to serve enterprise clients. Their tools are priced for large IT teams, their reports are written for security engineers, and their sales cycle assumes a procurement department.
Lithsecure exists for the organisations in between — the fiduciary firm, the regional law practice, the managed service provider — that are fully in scope for NIS2 but have no dedicated security resource. We work directly with management, write in plain language, and price for organisations that are spending on security for the first time.
We don't resell hardware or software. We charge for time, expertise, and the outcomes that come with them. That keeps our advice independent.
Where we work
Lithsecure is based in Luxembourg and serves clients in Luxembourg, Belgium, and the Grand Region — including France (Lorraine, Champagne-Ardenne) and Germany (Saarland, Rhineland-Palatinate). We work on-site and remotely.
Most of our clients are in financial services, legal services, IT services, and professional services sectors — the sectors most commonly in scope for NIS2 at SME scale.
Experience and credentials
Six years of MSSP experience
Monitoring, detection, and incident response across dozens of client environments.
NIS2 & GDPR specialisation
Practical compliance work in regulated sectors — not just policy writing.
Luxembourg & Belgium market
We understand the local regulatory context: CNPD, ILR, NBB, and the local NIS2 transpositions.
Independent
No vendor partnerships. No hardware resale. Advice that serves your interests.
How we can help
NIS2 Compliance
A complete programme from scope determination to board-ready documentation.
Managed Threat Detection
Continuous monitoring with human triage. Alert within 15 minutes of a confirmed incident.
NIS2 Readiness Review
Fixed-price gap analysis. Know where you stand before committing to a programme.