However, this involves a delicate legal balance. In this session, let’s find out more about the regulatory aspects surrounding ‘ethical hacking’ and ‘bug bounties’, and the adoption of Coordinated Vulnerability Disclosure Policies (CVDPs). First, the Centre for Cyber security Belgium (CCB) will explain the new legal framework around identifying and reporting vulnerabilities in networks and information systems located in Belgium. Then, we’ll hear from Intigriti about how recent changes to the law will impact the experiences of ‘ethical hackers’. Finally, Partena will share their real-life story of setting up a CVDP: steps, challenges and more.

Beltug’s corporate basic and corporate premium memberships allow you to pass on this invitation. We think this session might interest your colleagues in legal.



(in English) Welcome and introduction

Ann Guinée, Communication Manager, Beltug


(in English) A new legal framework for reporting IT vulnerabilities

As part of the implementation of the national cybersecurity strategy, a new legal framework has been adopted in Belgium to address CVDPs and ‘bug bounties’. It aims to clarify the conditions under which someone with ‘good intentions’ can search, find and report existing vulnerabilities in networks and information systems in Belgium. Among these conditions is reporting the discovered vulnerabilities to the CCB as soon as possible, and according to the procedure provided for this purpose. Let’s have a look at the ins and outs of this new legal framework.

Valéry Vander Geeten, Legal officer and NIS project Manager, Centre for Cybersecurity Belgium


Q&A: Your questions, your experience


(in English) I fought the law, and the law changed

Intigriti’s Chief Hacking Officer, Inti De Ceukelaire, will share his real-life experiences facing the legal challenges while responsibly disclosing a vulnerability for a Belgian company. He will explain how recent legal changes mean that he no longer has a criminal record, and explore the impact of the new law giving future ethical hackers legal coverage facilitating their efforts to ‘do the right thing’.

Inti De Ceukelaire, Chief Hacking Officer, Intigriti


(in English) User story: Setting up a CVDP, the Partena experience

Let’s find out how Partena Professional is taking on the project to set up a CVDP. Why have they decided to publish such a policy? How will they approach it, and who will write the policy? Where do they see the challenge along this journey, and what are the next steps?

Paul Loonen, CISO & DPO, Partena Professional


Q&A: Your questions, your experience


Wrap up & End

1 Step 1
How will you attend?

If you are registering more than one person from your organisation, or need to indicate that another person will be replacing you at the event, please fill in a separate registration page for each person.

FormCraft - WordPress form builder