During the last Privacy Focus Group meeting, the VBO-FEB explained the functioning and the advantages of the interactive DPO Connect platform which was set up by the Data Protection Authority (DPA) in collaboration with DPO-Pro and the Vrije Universiteit Brussels (VUB) with the support of the European Commission.
ESA focus group – 27 November 2019 – ESA Practice and API Security Architecture
27 November 2019 – Cyber Security Coalition
The agenda of the November session listed two distinct topics. The first one, brought by ING, forced us to take a distance from our day-to-day, technical focus and reflect on the purpose, mission, values and impact of our practices. The relative gap in maturity, initially perceived by some members, clearly is no longer an impediment to actively participating to open discussions among trusted members, boosting the sharing and value creation! Concrete proposed actions resulting from this activity are the co-creation and application of an ESA maturity model and the edition of an article on what enterprise security architecture is about and how the Coalition can help member and non-member organizations in achieving professional standards.
The second topic, jointly brought by BNP Paribas Fortis and Proximus, took a closer look into the API management domain, one of the pillars of enterprise digital transformation. Several architecture views, access control mechanisms and secure reference designs were elaborated. Three concrete patterns were analysed for trade-offs between their protection level and the implied management effort.
On the picture, from left to right: Sven Vermeulen (KBC Group), Peter Spiegeleer (Proximus), Coen De Roover (VUB)
Other blog posts
During the first in-person meeting since the Corona pandemic broke out, the Privacy Focus Group engaged into a lively discussion on the effectiveness and strategic role of the DPO and addressed the question whether one single person can wear the hat of both CISO and DPO.
How do you develop cyber security awareness? The Cyber Security Coalition and the CCB created a training programme that you can apply in your own organisation.
Though still very much a work in progress, with no enforcement expected before 2024, organizations would do well to start evaluating the impact of the draft NIS.2 directive proposal on their current security posture. The presentation of Mr. Pieter Byttebier (Centre for Cyber Security Belgium) is a very good start for this exercise.
The GOVERN&LAW experts share the do's and don'ts when setting up a whistleblowing system in your organization and demonstrate how such an effective and robust system can help you self-detect incidents before they become scandals.