National Cyber Emergency Plan
The Council of Ministers approved the National Cyber Emergency Plan on the proposal of then Prime Minister Charles Michel in 2017.
Responding to cyber security crises and incidents
As part of its mission with regard to crisis management for cyber incidents, the Center for Cybersecurity Belgium (CCB) developed the National Cyber Emergency Plan in cooperation with the National Crisis Center (NCCN). The plan's main objective is to organize a response structure to cybersecurity crises and incidents that require coordination and management at the national level. The plan describes the missions that the various bodies and services, each within their legal and regulatory powers, should perform within the overall process for handling cybersecurity crises and incidents. This plan must be evaluated each year and adjusted if necessary. The CCB plays a coordinating role in this. Holding regular exercises is important for building resilience to incidents and to test the effectiveness of the National Cyber Emergency Plan. The lessons learned from these exercises form the basis for the annual evaluations. The new National Cybersecurity Strategy 2.0 indicates that the National Cyber Emergency Plan will be further operationalized.
By optimal collaboration between the national Computer Emergency Response Team (CERT.be) of the CCB, the Integrated Police Services and the National Crisis Center (NCCN), incidents are dealt with quickly and effectively and addressed and legal investigations are immediately integrated. Incidents with a national impact are escalated to the appropriate level and acted upon by ad hoc Rapid Reaction Teams through which other services and partners are also efficiently involved.
The role of CERT.be in the cyber emergency plan:
- After receiving an incident report, CERT.be conducts an expert evaluation and determines the seriousness of the incident.
- In a national cyber security incident, CERT.be plays a coordinating role and informs the operators of critical infrastructure or other entities. CERT.be records the incident, concludes the recording and then makes a report about it.
- A national cyber security crisis is handled by CERT.be under the coordination of the National Crisis Center (NCCN) and the CCB.
- To prepare itself for potential cyber incidents and crises, CERT.be regularly takes part in national and international cyber exercises.