Audits strengthen business operations, yet many organizations are fearful of the process, rather than seeing the benefits of audits. In this webinar, you get better insights in the auditing process and how you can use audits to strenghten and mature your overall risk programme.
NIS Focus Group – 3 March 2020 – Operationalizing the NIS Directive: a transport sector case study
4 March 2020 – Cyber Security Coalition
The Network and Information Security Directive requires ‘operators of essential services’ (OES) to take measures to insure the availability of those services. The FPS Mobility and Transportation explained about the legal and regulatory framework of NIS in Belgium, for subsectors as aviation, navigation, rail and road, as well as the tasks of the FPS itself (identifying services and OES, providing advice, monitoring sectors). The authorities also determine which standard(s) the operators must comply with.
Presentations by key transport actors (NMBS/ SNCB, Infrabel, Eurocontrol among them) discussed concrete efforts made by them, with active input from attendees through questions and answers. The Centre for Cyber Security Belgium announced a platform for incident notification and a FAQ list (to come). Clearly there is an urgent need for more operational technology experts with cyber security expertise (as proposed by HOWEST), more sectorial cyber security guidelines, more ‘information sharing and analysis centers’, as well as better use of available tools (e.g. from ENISA). A particular challenge will be finding experts capable of auditing transport systems, consisting of extremely customized mixes of modern and legacy systems, with proprietary protocols and strict operating conditions.
Other blog posts
This webinar focuses on the context of information security through governance, more particularly on the key role of the CISO and the value of COBIT as a digital governance framework for information security activities supported by the presentation of a best practice.
This webinar presents the building blocks of an effective organization-wide risk management and explains the requirements for IT risk management certification.
In this Cyber Talk you gain insights in advanced threats outside your organisation and what you could potentially do to protect you from them.
In this first webinar of the GRC: Be Connected! series, some very basic aspects of cyber security are treated: how to manage necessary skills, what about frameworks, where to find knowledge.