Cyberguide - Centre for Cyber security Belgium
Manage risks for your most important assets
Select a Risk Management Methodology
Risk appetite
Keep a register of all your assets
Identify the vulnerabilities and threats
Perform a Risk Analysis
Define a baseline security configuration
Security by Design and Security by Default