Cyberguide - Centre for Cyber security Belgium

Back-up and Restore

Data loss can result in a loss of productivity of your business, but the consequences can be more serious if you also lose your current orders or personal data.

  • Make regular back-ups of your important data
  • Store back-ups offline and in a separate place
  • Backups are stored in a safe or in a secure data centre
  • Select own or cloud back-up solutions
  • Encrypt data stored in the cloud
  • Periodic restoration tests are carried out in order to check the quality of the backups

© 2021 - FPS Chancellery of the Prime Minister - Privacy