Gijs founded CTRL Disrupt on a simple observation: most organizations don't need another consultant handing over a security report. They need a security and risk function that actually works, one that someone owns, and that grows up alongside the business.

That conviction comes from years spent inside the problem rather than beside it. Gijs has built and governed security and risk at the enterprise and global level, for a global clearing bank, an insurer, an international fleet and mobility company, global industrial firms, and across the public sector. What's unusual is the combination: he works as both a security professional and an enterprise architect. Most people do one or the other. The questions that matter most, what to protect, how to design for it, where the real risk actually sits, live exactly where those two disciplines meet.

Alongside leading the firm, Gijs sits on the board of KNVI's architecture interest group, and is extending CTRL Disrupt's work into AI governance and audit, ahead of the EU AI Act turning independent assessment from a good idea into a requirement.

That security-meets-architecture thread runs through his academic work too. Gijs studied Information Security Management at The Hague University of Applied Sciences, earning his BSc with a thesis on how enterprise security architecture could help Dutch financial startups. He went on to an Executive Master in Enterprise IT Architecture at Antwerp Management School, completed with distinction, with a thesis on a risk-based approach to enterprise architecture, and is finishing a second Executive Master in IT Management, with a thesis on the risk-based acquisition and integration of IT service providers. His certifications include CISSP, CISM, CISA, CRISC, SABSA SCF, DEMO-4 Professional Specialist (Design & Engineering Methodology for Organizations), and SCF Practitioner.