In January 2023 the Belgian Center for CyberSecurity (CCB) published its CyberFundamentals guidance as a means to support Belgium and its constituent organisations to become more CyberSecure.
LSEC has been capitalising on a number of its innovative developments together with its partners using both
- nocode development platforms
- secure multiparty computation
- shared assessments
- automation in assessments
LSEC has developed a digital assessment platform that can be used by companies, their cybersecurity advisors and other industry participants in order to be able to quickly capture the interest of organisations and companies in taking their first assessments.
But beyond this, and based upon our experiences, we aim to facilitate the assessment in itself. Because it is a challenging activity. The guidelines are not always very practical, for people without the technical or operational background not always clear to comprehend, for employees not easy to explain in their own organisation, and for managers and executives not always easy to report.
On the basis of the three main schemes, we facilitated the capability of doing self assessments.
But more than simply a series of questionnaires, we facilitate a perspective of maturity improvement. We also encourage the insights of the group and supporting some peer pressures to support this maturity improvement.
The platform allows for partial assessments, that can be completed later.
The platform allows for more clarification, by adding questions and additional insights on the various guidance levels.
On top, since we understand from our day to day practices, that organisations are limited in resources to improve in maturity. So we offer organisations to call out for external support in improving in one or more of the specific controls and themes.
Once completed the assessments, you will be seeing a chart indicating your answers and visually presenting your potential gaps. These can be used to call out to specific technology and services providers that can provide additional help.
But don’t worry, all of your data will be secured in our virtual data lake, which is fully encrypted.
We use Secure Multiparty Computation allowing us to present parts or the complete assessments, without revealing you as a company – until the moment you accept the services.
Additionally it allows us to present in a generalised way how the overall market is developing, without again revealing your data.
Moreover, in similar lines as the CyberFundamentals, many of the controls will also help the organisation in taking the step towards ISO27k, IEC62443, CSF or other control frameworks (such as the CCM).
Finally, if you allow your assessments to be used, we can facilitate to share it in an industrial platform so your customers and other partners can consume your assessment and improve their own CyberSecurity levels.
Many other advantages will be added gradually and we definitely encourage the support from the market to help us developing and improving it further.