Belgium transformed from a cybersecurity laggard in 2015 to implementing NIS2 with centralized leadership through the Centre for Cybersecurity Belgium (CCB). The shift from sectoral to entity-oriented regulation demanded unified governance positioning CCB as the single coordination point. The CyberFundamentals Framework emerged as a practical, tiered model validated against MITRE ATT&CK kill chains, addressing the reality that basic hygiene failures like missing MFA and poor patching still dominate breaches despite advanced threat discussions.

Effective national cyber resilience requires consolidating competencies, establishing clear leadership mandates and treating entities as partners against a single adversary rather than compliance targets.

In this session, CCB's Johan Klykens will share insights on:

• Active cyber protection preventing millions of malicious clicks through coordinated vulnerability disclosure and DNS filtering;
• High supervision models reviewing reviewers rather than auditing thousands of entities directly;
• Harmonizing vulnerability processes across NIS2 to eliminate duplicative reporting burdens.