Cyberguide - Centre for Cyber security Belgium


Define Policies and Procedures

Develop and distribute a code of conduct for using ICT
Classification and marking scheme for sensitive information
Introduce Need to know, Least Privilege and Segregation of duties
Publish a corporate security policy and a code of conduct
Publish a Responsible Disclosure policy
Acceptable Use Policy
Backup Policy
Email/Communications Policy
Mobile Device Policy
Teleworking Policy

© 2023 - FPS Chancellery of the Prime Minister - Privacy