“Our goal is to be a trustworthy police service, including in the digital sphere”
In the past, different aspects of information security were spread across various departments of the Federal Police: privacy was handled by the data protection unit, incident response by the ICT service, and awareness by the prevention teams. “The puzzle pieces already existed, but there was no clear line,” Coenraets explains. “My role is to draw that line: identify risks, set priorities, and ensure we have a strategy that covers the entire organisation.”
That strategy is part of a broader digital transformation within the Federal Police. In addition to information security, there are also sections focusing on innovation, data intelligence and technology. Together, they form a platform set up by the Commissioner General to guide the police towards the future. “Our goal is to be a trustworthy police service that protects citizens, including in the digital sphere,” he says.
The size of the task does not intimidate Coenraets. “With nearly 15,000 staff members and databases containing national registry numbers and criminal records, our responsibility is enormous. We need to protect this data from criminals who want to exploit it for extortion or to further their own activities. Ransomware attacks and data leaks are not hypothetical scenarios, but real risks.”
Learning from others
Coenraets has a lengthy career in combating cybercrime, notably at the Federal Computer Crime Unit. “That experience gives me insight into how offenders operate, and makes it easier to know how to strengthen our own defences.” Still, he realises he cannot do it alone. “Every CISO knows the challenges are immense. Within the police, we need to assess what already exists, what is missing, and what needs strengthening. But that learning process can go much faster by looking at how others approach it.”
That is precisely where the Cyber Security Coalition comes into play. “Membership in the Coalition is extremely valuable to me,” Coenraets stresses. “I can connect with CISOs from the private and public sectors who have been working on certain issues for much longer. Their experiences help me to move forward more quickly. That kind of benchmarking is crucial.”
The Coalition not only offers knowledge-sharing, but also a network of like-minded professionals. “For me, it is particularly useful to learn from other CISOs in governmental contexts, such as Justice or Home Affairs. Our worlds are and remain different from that of multinationals. At the same time, the challenges are often similar: putting information security on the agenda, securing budgets, raising awareness.”
Coenraets observes that Belgium’s cyber landscape has a strong international reputation for knowledge-sharing. “There are many initiatives that bring people together: the Centre for Cybersecurity Belgium, training opportunities, networking events. Looking at my agenda, there are sometimes more events than I can possibly attend. I have to make choices. But it shows that there is a dynamic ecosystem here. That is a major asset, one we must continue to build on,” he concludes.
