In 2025, the CCB recorded 556 reports of cybersecurity incidents, among which 8 carried national impact, and the trend continues to rise. Public administration and the healthcare sector are the most frequently targeted, yet no sector remains entirely spared. To ensure a swift and effective response to cyber incidents and crises at national level, the 2017 cyber emergency plan has been comprehensively updated.
No network or information system is immune to failure or attack. Belgium has long acknowledged this reality: organisations of all kinds face cybersecurity incidents of varying origin and nature, whether deliberate malicious acts or failures with unforeseen consequences. To address these threats in a coherent and effective manner, Belgium adopted a national cyber crisis response plan as early as 2017. That framework has now been fully revised and updated in 2026.
This revision goes well beyond a formal update. It reflects a clear ambition: to align the national framework with today's threat landscape, integrate developments in European regulation, and consolidate the collaborative approach that now defines how public and private sector stakeholders respond to digital incidents and crises.
A plan adopted by Royal Decree
The national plan for responding to cyber crises and cybersecurity incidents has been formally adopted by Royal Decree. It is grounded in two foundational pieces of legislation: the Law of 26 April 2024 establishing a framework for the cybersecurity of networks and information systems of public interest, transposing the European NIS2 Directive into Belgian law, and the Law of 25 May 2007 on civil security.
This legislative foundation ensures that the plan functions not merely as a reference document, but as a genuine operational instrument in real crisis situations.
What the plan organises
The plan establishes a structured response framework for events requiring management, coordination or support at national level. It defines the role of each party without encroaching on the specific remit of individual actors, and provides all concerned stakeholders with a common framework for concerted action.
The plan covers the following:
- the objectives of national preparedness measures and activities;
- the tasks and responsibilities of cyber crisis management authorities;
- crisis management procedures, integrated into the general national emergency management framework;
- channels for information exchange between stakeholders;
- national preparedness measures, including exercises and training;
- the relevant public and private sector stakeholders;
- national arrangements ensuring Belgium's effective participation in coordinated crisis management at European level.
The plan prioritises the protection of the country's critical sectors. In the event of a crisis, it enables the various competent bodies (each acting within the limits of its legal mandate) to work together seamlessly, with a clear understanding of respective responsibilities and information flows.
A strong European dimension
The 2026 revision is fully aligned with the European drive to strengthen digital resilience. The plan incorporates explicit mechanisms to ensure that Belgium can participate effectively in coordinated cyber crisis management at EU level, in accordance with the requirements of the NIS2 Directive.
Confidentiality note: For security reasons, the detailed operational content of the national cyber crisis response plan is not publicly available. The framework presented on this page represents the full extent of information subject to public disclosure.
