Cyberguide - Centre for Cyber security Belgium

  • Plan your cyber security
    • Management Commitment
    • Understand Your Enterprise Requirements
    • Compose Your CyberSecurity Team
      • Appoint an Information Security Officer
      • Describe security roles and responsibilities (for physical, personnel & ICT security)
      • Appoint a Data Protection Officer
      • Identify the key competencies and the people who have them
      • Make sure the information security officer is operating independently and not part of ICT
      • Distribute and update contact Information
    • Define Policies & Procedures
      • Develop and distribute a code of conduct for using ICT
      • Classification and marking scheme for sensitive information
      • Introduce Need to know, Least Privilege and Segregation of duties
      • Publish a corporate security policy and a code of conduct
      • Publish a Responsible Disclosure policy
      • Acceptable Use Policy
      • Backup Policy
      • Email/Communications Policy
      • Mobile Device Policy
      • Teleworking Policy
    • Training, communication and awareness
      • Train your employees in recognizing CEO fraud
      • Train your users in recognizing phishing
      • Inform users about safe web behaviour
      • Evaluate the security skills of your staff members
      • Get users to subscribe to your code of conduct & policies
      • Organise Cyber Security Awareness Campaigns
    • Incident Management
      • Incident Management Basics
      • Have an up-to-date incident register
      • All employees must know the contact point for reporting incidents
      • Have incident response procedures
      • Report all incidents to senior management (C-level)
      • Evaluate the opportunity for cyber security incident insurance coverage
    • Business Continuity
      • Create a business continuity plan to preserve business
      • Include Redundancy and Failover into your architecture
      • Install fall-back capabilities for utilities (electricity, phone, internet…)
      • Evaluate and test these plans every year
      • Business Continuity in the cloud
    • Change Management
    • Custom made or internally developed software and hardware
  • Manage Your Risk
    • Select a Risk Management Methodology
    • Understand Your Risk Appetite
    • Keep a register of all your assets
      • Have an up-to-date inventory of network devices and connections
      • Have an up-to-date inventory of Workstations and Servers
      • Have an up-to-date inventory of mobile devices and tablets
      • Have an up-to-date inventory of Internet Connected Operational Devices
      • Keep Records of Partners, Vendors, Contracts, SLAs
      • Decommissioning of assets and media disposal
    • Identify the vulnerabilities and threats
    • Perform a Risk Analysis
    • Define a baseline security configuration
    • Security by Design and Security by Default
  • Take Security Measures
    • Back Up and Restore
      • Make regular back-ups of your important data
      • Store back-ups offline and in a separate place (at a distance from their source if possible)
      • Back-ups are stored in a safe or in a secure data centre
      • Select own or cloud backup solutions
      • Encrypt data stored in the cloud
      • Periodic restoration tests are carried out in order to check the quality of the back-ups
    • Email Security
      • Protect your email domain from spoofing
    • Manage Antivirus/Malware
      • Antivirus software is installed, active and up to date on all workstations and servers
      • Automate updates of antivirus products
      • Make users familiar with the antivirus software’s infection warning procedure
      • Manage antivirus protection
      • The antivirus software is regularly tested with fingerprint solutions
      • Antivirus software is installed on all mobile devices
      • All virus warnings are analyzed by an ICT expert
    • Manage your key ICT assets
      • Implement a uniform level of security across your networks
      • Use configuration management tools (or at the very least a tool such as Microsoft MMC)
    • Update all programs
      • Patch Management
      • Automate the update process and audit its effectiveness
      • Apply security related updates to all software as soon as possible
      • Update all third-party software such as browsers and plugins
      • For servers: make a full back-up before, and create emergency repair disks after, each update
      • Develop a reference and test environment for new patches
    • User Access Controls
      • Implement a user life cycle
      • New Users, Default User accounts and User departure
      • Login management
      • Passwords management
      • Single Sign-On
      • Use Multi-Factor Authentication whenever possible
      • Frequently audit the central directory (Active Directory or LDAP directory)
      • Keep a limited and updated list of system administrator accounts
      • Shared, Service and Technical Accounts
      • Role-based access control (RBAC)
    • Secure Physical Access
      • Register all visits
      • Limit employee access with a badge system and create multiple security zones
      • Any physical access to servers and network components is registered
      • Ensure office cleaning is carried out during working hours or under permanent surveillance
      • Have sensitive documents stored in locked closets
      • Have sensitive documents destroyed using a shredder
      • Limit physical access to servers and network components to a minimum number of people
      • Enforce the locked print option when available
      • At the end of the working day have any documents left on the printer shredded
    • Secure Server Access
      • Strengthen all systems according to vendor recommendations
      • Shut down unused services and ports
      • Avoid direct remote connections to servers
      • Change all default passwords and disable unused accounts
      • For the administration of servers, use a network that is (logically) separated from the user network
      • Enforce authentication and password rules
      • Use only individual accounts and never share passwords
      • Search for abnormal access to information and systems (timeframes, applications, data…)
      • No one works with administrator privileges for daily office tasks
    • Secure Desktops and Laptops
      • Disable autorun functions from external media
      • Enable automatic screen lock to computers and mobile devices
      • Prohibit the connection of personal devices to the organization’s information system
      • Technical measures are applied to prevent the connection of unregistered portable media
      • Maintain a 'whitelist' of allowed programs
      • Laptops, smartphones or tablets are never left unattended
      • External media such as USB drives are checked for viruses before they are connected to a computer
      • Encrypt hard disks and external media
      • Store or copy all data on a storage solution
      • Sensitive or confidential data must be encrypted for transmission
      • The data stored in the cloud is encrypted (e.g. BoxCryptor)
      • Decommissioned hard drives, media and printer storage are physically destroyed
      • Allow programs to run only in certain folders
    • Secure Network Access
      • Use secure applications and protocols
      • Firewalls
      • The guest Wi-Fi network is separated from the corporate network
      • The Wi-Fi network is protected by WPA2 encryption
      • Enforce Network Authentication
      • An IDS/IPS (Intrusion Detection/Prevention System) monitors all communications
    • Secure Internet Access
      • Prevent any direct access to the internet, but force traffic through a proxy and IDS
      • Block Access to Sites deemed unsafe
      • Evaluate the risk of file sharing sites
    • Secure Mobile Devices and Tablets
      • Enforce VPN on public networks
      • Update your device automatically
      • Use strong passwords/biometrics
      • Encrypt your Device
      • Remote Lock and Remote Data Wipe
      • Use Mobile Device Management
    • Secure Remote Access
      • All connections to the corporate network must be secured and encrypted
      • Allow only Virtual Private Network (VPN) connections for end points
      • Limit remote access to what is strictly necessary
      • Remote access must be disconnected automatically when inactive for a certain amount of time
      • Strong authentication is required when connecting from external public networks
    • Secure your Website
      • Secure your Website using HTTPS
      • Most Critical Web Application Security Risks
    • Secure your Cloud
      • Storing Sensitive Information
      • Passwords and Multi Factor Authentication
      • Keep a backup outside of the cloud
      • Data Breaches are real
      • Data Loss
      • Encrypt your Data
      • Hijacking of Accounts is still a possibility
      • Abuse of Cloud Services
      • Shared Vulnerabilities
      • Insufficient Due Diligence
      • The guarantees offered by the cloud provider correspond to the stored information’s level of criticality
    • Secure Unmanaged Devices and IoT
      • Map and monitor all connected devices
      • Change all default usernames and passwords
      • Disable unneeded services
      • Update the devices regularly
      • Apply Network Segmentation and Network Isolation
    • Secure Your Databases
      • Avoid Shared Servers for Critical Databases
      • Enable Security Controls
      • Encrypt Stored/Configuration Files
      • Separate the Database and Web/Application Servers
      • Use Web Application Firewalls to protect your Databases
    • Logging and Log Analyses
      • Security logs on servers and firewalls are kept for a period of at least 6 months
      • An analysis and warning system (SIEM) uses the logs in order to detect any malicious behaviour
      • Evaluate all server, firewall and network component events/alerts
    • Secure Your Endpoints
    • Secure your new technologies
  • Evaluate Your Actions
    • Define and evaluate Key Performance Indicators
    • Plan and execute security audits
    • Continuously Review Your Asset Register
    • Continuously evaluate your Risk Register
    • Communicate to and request feedback from Senior Management
    • Perform penetration tests and vulnerability scans
    • Perform a Business Continuity Exercise
    • Perform a restore periodically
    • Periodically evaluate users’ awareness and responsiveness
      • Periodically remind users of the importance of their secure behaviour
      • Periodically remind users that information should be treated as sensitive and with respect for privacy
    • Audit all configurations regularly (including servers, firewalls and network components)
    • Evaluate your actions

Plan Your Cybersecurity

Understand Your Enterprise Requirements
Management Commitment
Compose your cybersecurity team
Define Policies and Procedures
Raise staff awareness of cyber risks
Incident Management
Business Continuity Plan
Change Management
Custom made or internally developed software and hardware

© 2021 - FPS Chancellery of the Prime Minister