Christophe Geuens, Business Manager, Beltug (English)
13:40 The role of the National CSIRT (CCB) in incident notification and security measures
In this presentation, you'll gain insights on the NIS through the notification requirements. ‘Operators of essential services’, as defined in the NIS, are required to report, without delay, all incidents that significantly impact the availability, confidentiality, integrity or authenticity of networks and information systems that are crucial to providing those essential services.
However, any organisation may voluntarily report incidents that significantly impact the continuity of their services. Furthermore, doing so will not result in additional obligations beyond those already applicable. Keep in mind, though, that the CCB may prioritise the processing of the mandatory notifications imposed by the NIS Act over voluntary notifications.
Valéry Vander Geeten, Legal Officer, DPO and Project Manager NIS, Centre for Cyber Security Belgium (English)
14:10 Case: FISP - Federal Information Security Policies: Approach, constraints and lessons learned
In this session, you'll learn how to get started with your information security policy, illustrated by the process used by the Federal Information Security Policies (FISP). More and more, public administrations exchange data and collaborate 'electronically'. They also increasingly share infrastructure to carry out different missions.
FPS BOSA contributed in the past to some of the guidelines published by the CCB and the Cyber Security Coalition. Working together, they highlighted the need to streamline and standardise the approach used throughout the various Federal Public Services. A work group was initiated, to publish guidelines (mostly based on ISO27xXX) and best practices, and to propose them freely to all FPS and anyone interested.
Daniel Letecheur, CISO - DPO, Federal Public Service Strategy and Support (FPS BOSA) (English)
14:40 Beltug NIS Questionnaire
How do you discuss NIS requirements with your ICT providers? To support our members, Beltug will make available a questionnaire with key questions to ask. In this presentation, we will explain the idea and purpose of the document, and how to use it in your discussions with providers about NIS compliance.
Jean-Pierre Bernaerts (editor of the questionnaire), External DPO & Data Protection Advisor, DPOffice
15:00 Q&A: Your questions, your experience
15:20 Wrap up & End