NIS2, Are you on scope?
Belgium's new cybersecurity law will soon enter into force. Check it out now.
The Center for Cybersecurity Belgium (CCB) provides all Belgian companies with a library of cybersecurity reference documents.
These reference documents are templates of Policies, instructions, inventories, lists, etc. and conform with the CyberFundamentals Assurance Level “Basic”.
Their objective is to allow you to quickly and easily implement a cybersecurity policy in your company.
Each model can be freely adapted, completed and customized according to your needs.
An asset management policy provides a structured framework for managing an organization's assets to optimize performance, ensure compliance, and maximize value over the asset lifecycle. It outlines principles, responsibilities, and procedures to guide asset-related decision-making and resource allocation.
A vulnerability is a flaw or weakness, a design or implementation error, lack of updates in the light of existing technical knowledge, that can compromise the security of information technologies. A vulnerability can lead to an unexpected or unwanted event and be exploited by malicious third parties to violate the integrity, authenticity, confidentiality or availability of a system or to damage a system. Therefore, it is vital that we eliminate as many known vulnerabilities as possible. For this, we need a good patch management system and vulnerability monitoring.
Passwords are often used to authenticate users. This document provides a policy on the use and implementation of passwords for confidential and critical information systems.
Network security within the organisation is important because it is your first defence against outside attacks. By implementing effective technical and organisational network security measures, you can prevent cybercriminals from mapping your infrastructure, disrupting your communications, unlawfully gathering data or reaching critical applications and devices
This Cybersecurity Policy defines the minimum requirements applicable to all departments within the organisation so that we protect one's intellectual property, commercial advantage and people from the consequences of poor Information Security and possible cyber-attacks.
This document contains guidelines and examples that organisations can follow to support the development of their own Cyber Incident Response Plan (CIRP). The template is not exhaustive. Each organisation's CIRP should be tailored to its unique operating environment, priorities, resources and constraints.
Critical information and information systems must be protected against data loss and data damage. Backup and recovery procedures enable us to restore information in case of disaster scenarios. This policy provides organisations with some tools to develop a sound backup strategy.
Within an organisation, access management is an essential part of security that determines who has access to certain data, applications and other digital assets, and under what circumstances. This access management policy secures digital environments in the same way keys and guest lists secure physical spaces. It allows the organisation to verify that users are who they say they are, and that these users have been granted appropriate access, based on context such as device, location, function and more.
These 10 golden rules give a brief overview of what an organisation can consider to start communication and implementation around cyber security.
This document and its annexes have been prepared by the Centre for Cybersecurity Belgium (CCB), a federal administration created by the Royal Decree of 10 October 2014 and under the authority of the Prime Minister.
The documents on this webpage may be used and adapted for non-commercial purposes and provided the source is mentioned.
In no way may a document derived from the documents on this webpage give the impression that it is a document validated by the Centre for Cybersecurity Belgium.
The logo of the Centre for Cybersecurity Belgium may not be used in any document derived from the documents on this webpage.
The CCB accepts no responsibility for the content of this document.
The information provided: