The recent ‘Application Security’ Experience Sharing Day covered several Belgian research projects on advanced security approaches.
NIS Focus Group – 3 March 2020 – Operationalizing the NIS Directive: a transport sector case study
4 mars 2020 – Cyber Security Coalition
The Network and Information Security Directive requires ‘operators of essential services’ (OES) to take measures to insure the availability of those services. The FPS Mobility and Transportation explained about the legal and regulatory framework of NIS in Belgium, for subsectors as aviation, navigation, rail and road, as well as the tasks of the FPS itself (identifying services and OES, providing advice, monitoring sectors). The authorities also determine which standard(s) the operators must comply with.
Presentations by key transport actors (NMBS/ SNCB, Infrabel, Eurocontrol among them) discussed concrete efforts made by them, with active input from attendees through questions and answers. The Centre for Cyber Security Belgium announced a platform for incident notification and a FAQ list (to come). Clearly there is an urgent need for more operational technology experts with cyber security expertise (as proposed by HOWEST), more sectorial cyber security guidelines, more ‘information sharing and analysis centers’, as well as better use of available tools (e.g. from ENISA). A particular challenge will be finding experts capable of auditing transport systems, consisting of extremely customized mixes of modern and legacy systems, with proprietary protocols and strict operating conditions.
Nos autres articles
Chairman D. Stevens presented the 2020-2025 Strategic Plan of the Belgian DPA to the Privacy Focus Group and R. Lembrechts tackled the issue of Shadow-IT.
The afternoon’s programme included two external speakers who talked about ‘SaaS security & compliance management challenges’ and ‘shift left’.
The Focus Group discussed the application of an ESA maturity model and took a closer look into the API management domain, one of the pillars of enterprise digital transformation.
NIS workshop – 26 November 2019 – Operationalizing the NIS Directive in the water distribution industry
Late November saw the kick-off meeting of a series of workshops on the NIS implementation in the impacted sectors.