Eye Security, a cybersecurity company based in The Hague, said on June 30 that it had raised €60 million in a Series C round led by the Belgian investment firm Sofina, which took a minority stake. The money arrived with a pitch that has become common across European technology: that the continent should defend its networks with tools built and owned closer to home.
That framing sits alongside a cap table that is not entirely European. Two of the round’s named investors, J.P. Morgan Growth Equity Partners and Bessemer Venture Partners, are American, and both had backed earlier rounds; the Dutch fund TIN Capital increased its stake. The new European lead is Sofina, a Brussels-listed investment company. The sovereignty language is Eye Security’s own.
Founded in 2020 by former employees of the Dutch intelligence and security services, Eye Security sells what it calls intelligence-grade protection to organizations that cannot build their own security operations, mostly mid-sized companies. It says it now covers more than a thousand organizations across the Benelux and German-speaking markets. Its platform, Cyber Guard, pairs automated threat detection with a round-the-clock team of human analysts, and the company folds incident response, threat intelligence and its own cyber-insurance underwriting into a single package. The Series C money is earmarked for expansion into more European countries, deeper integrations with other security tools, more work on AI-assisted detection, and hiring across engineering, threat intelligence and customer support.
The sovereignty pitch
Eye Security’s positioning leans on a specific worry in European boardrooms: that the software defending sensitive systems is largely American, and that data, access and legal jurisdiction travel with it. The company stresses that it is built and headquartered in the EU, keeps customer data inside EU borders, and helps clients meet the NIS2 directive, the bloc’s tightened cybersecurity rules, and GDPR. Chief executive Job Kuijpers framed the round as a bet that “Europe needs sovereign cybersecurity solutions.” The trade publication Techzine described the company as positioning itself as a European alternative to many American providers.
One feature is genuinely unusual. Eye Security underwrites cyber insurance in-house, alongside the security service it sells, and presents that as an advantage at a moment when some traditional insurers are pulling back from cyber coverage. It also concentrates two roles in one company: the party assessing the risk, and the party being paid to reduce it.
What “sovereign” does and does not guarantee
“Sovereign” is a marketing term here, not a certification. What Eye Security describes is EU incorporation, EU data residency and compliance with European law, which are real and checkable. That is not the same as European ownership of the company or its capital, and this round makes the point plainly: part of the money behind a “sovereign” European vendor is American. Sovereignty claims in cybersecurity usually turn on where data sits and who can be compelled to hand it over, not on the nationality of the shareholders, so the gap between the word and the structure is narrower than it first looks. It is still worth naming.
The round is also modest by the standards of the field it wants to lead. €60 million is a Series C; the largest American security firms raise and spend on a different order. And several of the claims around the deal, that AI-driven attacks are surging and that insurers are retreating, come from the company and its investors, who have an interest in the story. They are plausible and widely repeated, but they are arguments for the investment rather than independent findings.
What the round does show is that European buyers increasingly want to know where their security comes from, and that investors, European and American alike, are willing to fund companies that answer the question. Whether “sovereign” turns out to be a durable category or a marketing season is the part no funding round can settle.













