Secure by design: the principles (N-sight)

Location:BluePoint, Brussels


The return on investment is very high for hackers, so securing our digital world has become a constant effort. Embedding security measures into our ICT environment from the very start – the design – can be key to a successful approach.


During this session, we zoom in on the importance of 'security by design' and how to realise it.  And we learn from real-life cases at Securitas, Johnson & Johnson and CapitalatWork how they embed indispensable security measures within their digital world.




80 boulevard A. Reyers Laan
1030 Brussels




12:30 Welcome coffee


13:00 Introduction


Ann Guinée, Project Manager, Beltug (English)


13:15 More security, less obstruction


In this digital world, business partners require ever-greater ability to keep data secure and privacy protected. To do this, we need to integrate security and privacy into our daily business, but how do we avoid blocking the business? How do we ensure that the organisation, its technology and processes are equipped with the right tools, so that 'security by design’ is in the organisation’s DNA?  This presentation will give us practical insights on how to increase control over information security. 


Talitha Papelard, Lecturer, Antwerp Management School and author of the book ‘Critical Success Factors of effective Business Information Security' (English)


13:45 Q&A: Your questions, your experience


14:00 Security and global performance applications: it shouldn’t be a dilemma


How can your company keep its competitive edge? The application landscape is growing exponentially, with cloud increasing the complexity. But what about security risks? To limit the risks, you may need a full redesign from scratch, with an implementation phase that matches your budget and workload. A helicopter view design approach is definitely necessary: combining security, application and users.


Patrick Sichien, Director Sales Engineers, GTT (English)


14:30 Q&A: Your questions, your experience


14:45 Case: 'Security by design' at Securitas


It can be like trying to fit a square peg through a round hole: organisational priorities such as ‘time-to-market’ and ‘cost management’ are often stacked against the deferred gratification of security by design.  But regulators are slowly influencing these priorities.  Security practitioners can leverage this if they can define practical workable strategies in a brave new world of DevOps and agile methods.  We’ll have a look at best practices on doing so, in this presentation.


Wim Bartsoen, Chief Digital Security Officer, Securitas (English)


15:15 Q&A: Your questions, your experience


15:30 Coffee Break


16:00 Case: Wealth management in a secure environment


CapitalatWork is an independent wealth management company, with customers all over Belgium and Luxembourg.  As for all companies in the financial industry, security is of the utmost importance for CapitalatWork, especially as malware and phishing are a daily threat.  We’ll learn how CapitalatWork deals with the challenges, and optimally secures both clients and customers against the daily threats.


Filip Vandorpe, Head of IT, CapitalatWork Foyer Group (Dutch)


16:30 Q&A: Your questions, your experience


16:45 Case: How to marry security by design with privacy by design in the real world


A correct application of both privacy by design and security by design principles (as per the GDPR) into an operational environment will lead to specific choices in technology, compliance and business operations, architectures and governance models.  However, there is currently little guidance on these choices in practice, which leads to varying approaches. We will learn about some real-life approaches, with their challenges and benefits. And we will get insight on how security by design and privacy by design - two distinct but connected areas - need to work together from the design phase in order to achieve successful, pragmatic and above all, sustainable privacy compliance.


Willy Van Buggenhout, (retired) Chief Privacy Officer, Johnson & Johnson International & Erik Luysterborg, Partner, Deloitte (English)


17:15 Q&A: Your questions, your experience


17:30 Wrap up & Closing drink


18:30 End