A takeaway from the interview with Fabrice Wynants is the need for an end-to-end view on cyber security with security measures at different levels - workplace, apps, infrastructure & cloud. Cyber resilience demands expertise regarding prevention, detection, response, and – not to forget - a focus on recoverability, one of Cegeka's areas of expertise.
Leden in de kijker
Benoit Hucq & Jeremy Grandclaudon
Agence du Numérique
The Agence du Numérique is a major facilitator in the ‘Digital Wallonia’ strategy – the roadmap for a digitally strong and inclusive Wallonia. In the update of the strategy, from 2021 till 2024, 15 million euro will be invested in core cyber security. In addition, a dedicated budget for innovation and research, such as the CyberWal research plan, has been put in place. The KIS initiative aims at raising the cyber security maturity of SMBs.
Bringing all of Wallonia up to cyber security speed
The strength of the Cyber Security Coalition rests on three pillars, with private industry, academia and public organizations collaborating closely. The Agence du Numérique represents a prime example of the third pillar, striving to enhance the cyber security posture of all stakeholders – authorities, industry and citizens – in Wallonia.
The Agence du Numérique is a major facilitator in the ‘Digital Wallonia’ strategy – the roadmap for a digitally strong and inclusive Wallonia. Which role does the Agence play, particularly from a cyber security point of view in the new strategy update?
The Agence du Numérique is a public agency with basically four missions. We are helping the governance of public policies in Wallonia; we promote the use of all forms of digital technology in all groups of society; we are the steering authority for projects as for instance digital transformation projects; and we gather and promote best practices, often in collaboration with other regions, also internationally. These efforts are embodied in the Digital Wallonia plan. While advising on government policies, cyber security represents a major challenge. In the ‘relaunch plan’ of three years ago, there was already a clear requirement for actions regarding cyber security and cyber awareness. In addition to our team with a broad diversity of expertise, we accomplish this through a partnership network, mobilized by public financing. In the update of the plan, from 2021 till 2024, 15 million euro will be invested in core cyber security. In addition, there will be a dedicated budget for innovation and research, as well as the CyberWal research plan bringing all Walloon and Brussels universities together, with 19 million euro earmarked in the next four years. This research initiative will be open to other parties, also internationally, with already a link with the region of Bretagne. This way, we will create a strong ecosystem, including partners outside the classic cyber ecosystem.
A specific initiative is the ‘Keep IT Secure’ initiative, in order to raise the level of cyber security in small and midsized businesses. What are its objectives, its successes to date and planned developments?
Started in 2017, the ‘KIS’-initiative targets small and medium sized businesses (“SMB’) with enterprise vouchers to finance investment in more and better cyber security components, as well as to stimulate the growth of cyber security related start-ups. A key objective is to make SMBs understand the need for cyber security efforts, and to put them on the right path of remediation and continuous improvement. We can’t walk the path for them, but we can provide the first push. Today, SMBs as defined by the EU are beneficiaries, but this will be extended to even smaller companies.
Next, there will be also more dedicated efforts to convince these companies why now is the time to take cyber security steps, by collaborating with industry federations and partners and through more defined campaigns. In these campaigns, we will use success stories to prove cyber security is possible for SMBs. Also, a big help in these efforts will be developments as the new NIS regulation on critical infrastructure businesses, with increased attention for ISO27001 compliance; the need for secure working at home because of COVID; as well as increased demands for proof of cyber security between business partners. And yes, in future public tenders, cyber security will gain in importance when selecting providers.
The KIS initiative provides a list of vetted cyber partners, assisting customers in choosing a trustworthy company. These partners will receive help to best showcase themselves too, to promote companies that provide SMBs the right and relevant help. Aside from quality services, the sole condition for inclusion in the list is a company’s dedication to serve businesses in Wallonia.
Public organizations and services represent the third pillar of the Cyber Security Coalition. What role does the Agence want to play in the activities of the Coalition? Which working groups are of interest to the Agence?
Our present role can be described as ‘consommacteur’, somewhat more of a consumer of Coalition benefits, than actor. But as of 2022 this will change, with the Agence becoming much more involved. Obviously, we will make use of what’s available so as not to reinvent the wheel, but we will be active in more working groups. On our list, we have Industry 4.0, 5G, AI and of course awareness/sensibilization. We want to be active in a couple of working groups in a solid way, rather than try to do everything at the same time. That implies exchanging lessons learned, as well as Agence people actively participating in the work of these groups. The Agence is quite new to the Coalition and we do not have silver bullet solutions, but we can offer our experience of the ‘Keep IT Secure’-initiative. Also, we are interested in the governance role of the Coalition.
Furthermore, there are elements of interest in the updated Digital Wallonia for Cyber Security programme. It pursues for the region a coherent policy, covering all components of cyber security, bringing all parties involved together ‘in the same room’.
Anderen leden in de kijker
Among the member organizations of the CSC, Toreon is an example of an SME achieving world leader quality through exquisite focusing on security in general, and both threat modeling and OT security (industrial, medical, IoT) in particular.
As a member of the Cyber Security Coalition, financial sector federation Febelfin focuses on many more aspects of cyber security than just the security of financial systems. To this end, Febelfin counts on the cooperation of a large and diverse community of partners.
International law firm Allen & Overy offers extensive insights in cyber security, as it sits at the cross road of many areas of expertise and operates in over 30 countries around the world. Based in Allen & Overy’s Brussels office, Thomas Declerck deals with both the preventive and incident response aspects of cyber security, with a specific focus on investigating and litigating cybercrime.
Cyber diplomacy comes into its own in a world with increasingly severe cross-border state sponsored – as well as criminal - cyberattacks. At Belgium’s Federal Public Service (FPS) of Foreign Affairs, Séverine De Potter focuses on this new extension of the age old art of diplomatic response to skirmishes.