www.belgium.be Logo of the federal government

Cyberfundamentals Framework

The Cyberfundamentals Framework is a set of concrete measures to:

  • protect data,
  • significantly reduce the risk of the most common cyber-attacks,

  • increase an organisation's cyber resilience. 

The Levels

To respond to the severity of the threat an organisation is exposed to, in addition to the starting level Small, 3 assurance levels are provided: Basic, Important and Essential



The starting level Small  (coming soon) allows an organisation to make an initial assessment. It is intended for micro-organisations or organisations with limited technical knowledge. 




The assurance level Basic contains the standard information security measures for all enterprises. These provide an effective security value with technology and processes that are generally already available. Where justified, the measures are tailored and refined.



The assurance level Important is designed to minimise the risks of targeted cyber-attacks by actors with common skills and resources in addition to known cyber security risks. 



The assurance level Essential goes one step further and is designed to address the risk of advanced cyber-attacks by actors with extensive skills and resources.