The Centre for Cyber Security has launched a number of initiatives to enhance the cybersecurity of Belgium’s critical infrastructure. ‘Critical infrastructure’ is the infrastructure that is absolutely necessary for the safety and security of the Belgian population – namely facilities for energy, transportation, telecommunications, financial services, drinking water, public health and government services.
Cyber Emergency Response Plan
The CCB began drafting a National Cyber Emergency Response Plan in December 2015. In the event of major cyber incidents and crises, the various Belgian services with cyber activities need to work together efficiently to bring the situation under control as quickly as possible.
The primary aim of the Belgian National Cyber Emergency Response Plan is to set up a response structure for handling cybersecurity crises and incidents that require national-level coordination and/or management. The plan makes provision for escalating the response based on the impact of the cyber event.
The plan identifies national cybersecurity crises and national cybersecurity incidents. It sets out a basic system of coordination to enable the various services with cyber activities to harmonise the actions they take to manage national cyber incidents, and places considerable emphasis on rapid, accurate sharing of information between services.
The National Cyber Emergency Response Plan is intended to provide guidance on the procedures to follow and protective measures to apply in the event of a national cybersecurity crisis or incident. It describes the tasks that the relevant bodies and services must perform, within their legal and regulatory remit, as part of the overarching cybersecurity incident/crisis management process.
The plan is part of a wider approach. Each of the relevant services can use it as a basis for the operational aspects of crisis and incident management within its remit. The CCB appreciated being able to draw on the knowledge and expertise of the National Crisis Centre when drafting the plan. Besides, the various services with cyber activities are working together to form an accurate picture of Belgium’s current capacity to handle cyber incidents.
The CCB hopes to have the first draft of the plan ready by April 2016. Drills will then be organised with a view to testing out this initial version and making any adjustments that may be needed.
Early Warning System for Critical Infrastructure
The CCB is creating an Early Warning System to provide critical infrastructure sectors with rapid, standardised alerts about new cyber threats and attacks.
A shared platform will enable these sectors to access filtered alerts informing them of intrusions and other cyber threats. That way, they will be informed quickly by a reliable source and will be able to act without delay.
The Early Warning System is expected to be up and running by this autumn. The CCB is issuing e-mail alerts in the meantime.