Event organized by the Cyber Security Coalition on 26 October 2024.
Keynote: Will the NIS2 law make us more secure?
As we approached the deadline for Member States to transpose the NIS-2 Directive into national law by 17 October 2024, this was a central topic of our conference. Ensuring accurate information is crucial for a successful implementation, and we were honoured to have the CCB on board. Managing Director General and Cyber Security Personality 2023 Miguel De Bruycker delivered the keynote, providing essential insights into this important legislation.
David Track: Navigating the evolving threat landscape
This track included a roundtable titled “To Share or Not to Share Threat Intelligence”. The panel explored the complexities of threat information sharing from various perspectives, including government, academia, vendors, legal, and compliance.
Disinformation is often misunderstood, which weakens our fight against it. Journalist Rien Emmery delved into the true nature of disinformation, its impact on society, the difference with propaganda and the approach governments and citizens could take.
Ali Haidar and Sabine Kim Salloum (Anomali) presented a growing new trend where threat actors interact with targets to bypass security controls — an emerging tactic that every cybersecurity professional should be aware of.
Guest speakers:
- Mr. Rien Emmery, Journalist KNACK/ VRT NWS: “Hybrid threat or human nature? Strategies to combat disinformation”
- Mr. Ali Haider, Chief Adoption Officer & Mrs. Sabine Kim Salloum, Senior Data Analyst Anomali: “From trust to threat: How attackers leverage trust to breach” systems
Panel discussion “To share or not to share threat intelligence? “
Moderator:
Mrs. Sujin Chan-Allen, Chief Legal Adviser / General Counsel NATO Communications and Information Agency (NCI Agency)
Panel Members:
Mr. Bart Asnot, National Security Officer & CSA Manager Microsoft Belgium
Mr. Ilias Chantzos, Global Privacy Officer and Head of EMEA Government Affairs Broadcom Inc.
Mr. Alex Vandurme, Head, NATO Cyber Security Centre Cyber Hygiene Branch NATO Communications and Information Agency (NCI Agency)
Mr. Miguel De Bruycker, Managing Director General Centre for Cybersecurity Belgium
Prof. Bart Preneel, Full Professor KU Leuven & Director Cyber Security Coalition
Hebe Track: Certify to secure? Rethinking cybersecurity assurance
This track tackled cybersecurity assurance from three angles: employees, organizations, and products/services.
In his presentation, Eric Van Cangh explored the world of cybersecurity certifications, highlighting some of the most well-known and highly respected organizations in the field. He also presented the key attributes that define these certifications, from domains and knowledge levels to business relevance and technology focus. In addition, Eric share dvaluable insights on how to build a successful career in cybersecurity, discussing the added value of certifications versus hands-on experience and shedding light on the market demand for certified professionals.
The journey from the long-established Common Criteria (CC) system to the newly developed European Union Cybersecurity Certification Scheme (EUCC) has been extensive. Numerous highly qualified and distinguished experts, bringing a wide array of relevant skills, competencies, and experience, have played a pivotal role in shaping the EUCC. Is Europe prepared to fully harness the benefits of this substantial effort to enhance its ICT resilience and protection across all levels—government institutions, the private sector, and the general public? Find the answers to this question in the presentation of Dr. Octávia Portugal Frota.
The Hebe panel explored the Cyber Resilience Act, imposing robust cybersecurity standards for digital products and services across the EU. The panel featured diverse viewpoints on regulatory, industry, technical, and implementation aspects, providing a comprehensive understanding of the topic.
Guest Speakers:
- Mr. Eric Van Cangh, Senior Business Group Leader Digital Agoria: “Cybersecurity certifications: Key to career growth”
- Dr. Octávia Portugal Frota, Chair of the Grouping High AD&S and ULB-ATM, Senior Advisor for Aerospace, Defence and Security: “From CC to EUCC: Two letters that contain a long journey”
Panel discussion: “Certification: the path to cybersecurity maturity?”
Moderator:
Mrs. Liliana Musetan, Head of Unit at Council of the European Union
Panel members:
Mr. Sebastien Deleersnyder, Co-founder & CTO Toreon
Mrs. Christiane Kirketerp de Viron, Acting Director for Digital Society, Trust & Cybersecurity European Commission – DG CNECT
Mr. Johan Klykens, Director Certification Authority Centre for Cybersecurity Belgium
Mr. Steve Purser, Independent Cybersecurity Consultant
Mr. Marc Vauclair, Technology Manager & Senior System Architect NXP Semiconductors
Zeus Track: Orchestrating security: The role of leaders, employees & third parties in cyber defence
Dr. Evangelos Ouzounis addressed the growing challenge of third-party cybersecurity risks based on ENISA’s thorough assessment. Supply chain attacks are becoming increasingly complex and persistent. Often, attackers target third-party code making it critical for organizations to validate external code before use. Despite good internal defences, organizations remain vulnerable through these external links, with attackers focusing on valuable customer assets like Personally Identifiable Information (PII) and intellectual property.
In an era where employees are frequently targeted by cybercriminals, it is essential for them to know how to act and react effectively. Yet, despite the growing threats, many companies still struggle with making their cybersecurity awareness programmes truly impactful. In his talk Alexandre Pluvinage (ING Belgium) challenged conventional approaches and explored how age-old learning methods from Ancient Greeks can be adapted to strengthen our defences against today’s digital threats.
The Zeus panel dived into the critical aspects of security leadership, resilience, and compliance from the unique perspectives of key stakeholders—board members, executive management, IT directors, and Compliance Officers. These leaders face increasing challenges in safeguarding their organizations, balancing strategic decision-making with regulatory demands, and ensuring operational resilience in an evolving threat landscape. Join us as they share insights on navigating these complex responsibilities and driving a culture of security from the top down.
Guest speakers:
Mr. Evangelos Ouzounis, Head of Policy Development and Implementation Unit ENISA: “Are you aware of your third-party risks? ENISA’s assessment”
Mr. Alexandre Pluvinage, Head of Fraud and Online Security Awareness ING Belgium: “Stop trying to make your employees aware about cybersecurity, it does not work”
Panel discussion: “Fortifying Cyber Leadership: Empowering CISOs for Resilience & Compliance”
Moderator:
Mr. Marc Vael, Veralto Global Security Leader Planning & Coordination & President SAI vzw
Panel members:
Mrs. Sandra Gobert, Member of the Board & Executive Director Guberna
- Mr. Ronny Depoortere, President Zetes People-ID Division
- Mrs. Marie-France De Pover, General Manager/Directeur Group Compliance KBC Group NV
- Mrs. Karine Goris, Head of IT Security, IT Risk and DRP Belfius & Director Cyber Security Coalition
Mr. Dirk Lybaert, Secretary General Proximus
Artemis Track: Taking action: Use cases for strengthening our critical infrastructure
Kathleen Meganck explored the added value of internal audit in enhancing cyber resilience in the public sector. As we prepare for the implementation of the NIS2 law, FAI FIA will now take on a new role as a Conformity Assessment Body (CAB), combining this with their third-line audit function to deliver maximum impact. Join us to hear more from Kathleen on this crucial topic!
Patrick Van den Branden shared valuable insights into supply chain risk management, drawing from Euroports‘ extensive experience in managing complex logistics and ensuring security in the global supply chain.
Kristof Tuyteleers, our guest speaker from DNS Belgium, a leading digital service provider, shared real-world experiences on how his company effectively identifies and manages cybersecurity incidents, and the strategies they implement to ensure swift and efficient recovery.
This last talk in this track outlined the key components of an effective security testing programme and explore how the IEC62443 and NIS2 standards influence such programmes and, by extension, your overall security governance. Dieter Sarrazyn also covered the various test components that should be included in a security (Fat/SAT) testing programme and how they align with NIS2 and IEC62443 requirements.
Guest Speakers:
Mrs. Kathleen Meganck, Chief Audit Executive Federale Audit Fédéral: “The added value of internal audit in strengthening cyber resilience in the public sector”
Mr. Patrick Van den Branden, Group IT Security Officer Euroports Belgium: “Cyber resilience of the supply chain” (not recorded)
Mr. Kristof Tuyteleers, Chief Information Security Officer DNS Belgium: “The best investment in your security career: Mastering DNS security in just 30 minutes”
Mr. Dieter Sarrazyn, Industrial Security Advisor Secudea: “Use cases: Security testing for ICS – a road to NIS2 & IEC62443 compliancy”
