Flanders is working on Cybersecurity Action Plan

Cyber security is a hot topic. Recently, the media has increasingly reported on incidents of companies falling into the hands of cybercriminals. Europe introduced the “NIS directive” (Network and Information Security) in 2016. It thus obliged every EU Member State to develop local legislation that requires a basic level of cybersecurity from all providers of essential services (hospitals, drinking water supply, electricity supply, ports, …). In 2019, this European NIS directive was converted into Belgian law (April 07, 2019). It may be only a matter of time before governments will impose minimum requirements on all companies.

The Flemish government is already taking a step in this direction with the Flemish Cybersecurity Action Plan. On February 3, 2020, the Cyber Security (CS) steering group met for the first time in the presence of Minister Crevits.

Flemish Cybersecurity Action Plan

The steering committee consists of highly placed individuals from the research and business world. This steering group must ensure that the implementation of the Flemish Cybersecurity Action Plan is on the right track.

This Flemish Cybersecurity Action Plan consists of 3 parts:

strengthen top Cyber Security research in Flanders

implementation in the Flemish business community

accompanying policy aimed at awareness raising, training and ethical framework


The first part deals with research. Strategic research that matches the demand and needs from industry will lead to new and differentiating opportunities for Flemish industry. At the same time, the international strengths of cybersecurity research in Flanders will be further expanded, which will enable our region to attract top researchers who later move on to companies in Flanders.

Implementation in the Flemish business community

The first and main intention of strengthening that research in cybersecurity is to share knowledge to companies in the most accessible way possible. To this end, a program will also be developed that will guide companies in an improvement process in the field of cybersecurity.

Accompanying policy aimed at awareness raising, training and ethical framework

Ultimately, the program should also develop and deliver cybersecurity industry training aimed at a broad and varied target audience. This training will be based on strong existing components (international, academic, and technological). The courses should be rolled out as efficiently as possible, with MOOCs (online) where possible and with a strong regional presence, close to the companies.

In addition, efforts will be made to ensure a good flow of up-to-date information on cybersecurity trends in order to maintain user awareness.


It is a good thing that governments are also becoming aware of the need for cybersecurity. It is no longer a ‘far from our bed’ event. However, we must be careful not to rush, but to use a thoughtful, solid approach. Every company is unique. Make sure your company’s cybersecurity strategy is actually made for your business.