The ISSA-BE.org site
GDPR (16-10-2017) PDF Print E-mail
Friday, 06 October 2017 00:00

We are delighted to invite you to the GDPR event, with two presentations

- GDPR: The Morning After: Bavo Van den Heuvel
- Compliance to Enablement: Enterprise Security Architecture & GDPR: Maurice Smit

The venue is kindly provided by Proximus (Marconi Room (P01P128) Proximus Tower Koning Albert II-laan 27 B / Bld du Roi Albert II 27 B, 1030 Brussels).

Theme of the evening: GDPR with a Twist

With the date of GDPR coming into force rapidly approaching, we have lined up a couple of presentations by two leading thinkers on the premise:
- Waking up on the 26 May 2018: What will the world really look like?
- What you will have wished you had done to prepare?
- What should you be doing now (and how) to avoid a major headache in that new world?

The Schedule:

18.30 – 19.00  Welcome reception with light refreshements
19.00 – 19:45  GDPR: The Morning After – Bavo Van den Heuvel
19:45 – 20.00  Break
20.00 – 20.45  Compliance to Enablement: Enterprise Security Architecture & GDPR – Maurice Smit
20:45 – 21:15  Networking and discussion

With special thanks to Proximus for hosting this event.


GDPR: The Morning After

I hope you all already did you GDPR homework and started at least working on that register, mapped all your personal data (flows) and updated all the data processing agreements… May 25 th 2018 is no end and 100 % compliancy does not exist and is not feasible. So what to do to sustain your compliancy level, what actions are needed on a regular basis.
•      The register needs maintenance: new software, new processing operations.
•      New DPIA’s will be needed, major upgrades in software trigger DPIA update.
•      Yearly all privacy measures taken have to be evaluated.
•      New processors have to be assessed.
•      First set of privacy metrics can be put in place
•      Your competitors change things, the market ask new things, the government comes up with new things, maybe you have to comply with a code of conduct or your clients ask for a GDPR certification
•      Employees’ awareness needs yearly updates
•      Data subjects will start exercising their rights
•      Data breaches have to be handled, communicated and used as input for prevention and improvement.

In this session Bavo will guide you with practical advise on how to cope this, after all you do not want a hangover the day after 

Bavo Van den Heuvel is commercial engineer, FIP, CIPP/E, CIPM, CIPP/IT certified and obtained the certification as ISO27001 Lead Auditor and Forensic Computer Auditor. He is Faculty Member at the IAPP. He is recognised as a true specialist in applied privacy and IT-security. He is founder and Director of Product Innovation at Cranium Applied Privacy NV. Since 2004 Bavo is Data Protection Officer.
Translating the data protection needs between legal/business and IT-(security) people is his daily challenge!


Compliance to Enablement: Enterprise Security Architecture & GDPR

With GDPR looming on the horizon for next year, many European enterprises are focusing on the very real challenges of compliance. In this session, we will show how the SABSA Enterprise Security Architecture Methodology’s focus on enabling the business delivers legal and regulatory compliance in ways that enable the business through improved effectiveness, efficiency and competitive advantage.

We will demonstrate business enablement throughout the SABSA lifecycle: from understanding enterprise goals and objectives; identifying the opportunities and threats related to new regulatory requirements to define enablement and control objectives into using these objectives to drive design, implementation, and operations. The SABSA approach provides the means to deliver business-driven compliance that enables a business to achieve its goals, rather than a compliance-driven business tied-up in regulatory knots

Maurice Smit Instructor and Principal Consultant, David Lynas Consulting
Maurice R.P Smit is an Information Risk & Security Management specialist with over 15 years of IT experience including development, operational maintenance and management. He is a founding member of the SABSA Institute Board of Trustees and was one of the first people in Europe to achieve SABSA Practitioner Certification.
Maurice has contributed significantly to the development of the SABSA methodology, including co-authoring the “SABSA for Enterprise Risk Management” training course and leads the volunteer effort “SABSA World” with the aim of establishing regional SABSA communities of interest.

Registration is mandatory.

Register here:

How to optimally integrate Privacy Controls into your Risk Controls Matrix? (17-05-2016) PDF Print E-mail
Monday, 02 May 2016 00:00

The European parliament, commission and counsel have reached an agreement on the General Data Protection Regulation (GDPR) text. This will replace the Data Protection Directive from 1995 and aims at protecting the EU citizen’s personal data in the current digital world whilst harmonizing the legislation for the processing of personal data across the whole EU. The challenges in the area of risk management and internal control are thus becoming more important. On the one hand there is the increasing regulation, on the other hand, risks are also becoming much more complex.

In this session, the following topics will be addressed:
- Accountability of data owners to demonstrate compliance
- Rationalization and integration of GDPR controls into existing RCM’s
- The importance of a corporate culture

Benny Bogaerts is a Director of KPMG Technology in Belgium and is heading the KPMG Information Protection Team.  He is specialized in Information Risk management, IT GRC, IAM, Data Privacy and Security Transformations.
18.00 – 18.30  Welcome reception with coffee & sandwiches
18.30 – 20.00 Integrate Privacy Controls into your RCM Benny Bogaerts
20.00 – 20.15 Questions and answers    All
20.15 – 21.15  Networking and cocktail bistro   All

Register here:

The venue is kindly provided by KPMG:
KPMG Advisory
Bourgetlaan 40
1130 Brussels

2016 - New Board! PDF Print E-mail
Saturday, 05 March 2016 00:00

Dear ISSA-BE Member,
Dear Security Professional,

We would like to inform you about our board election results.

At our last annual General Members Meeting, we elected a new board.
Our new board composition is as follows:

President: Thomas Herlea

Treasurer: Steven Bradley
Secretary: Koen Burms
Membership Officer: Tomas Vanhoof

Vice President: Syed Naqvi

Communications Officer: Steven Bradley
Education & General Events Officer: Ms. Jean Daka

Website Officer: Jean-Louis Van Mollekot
External & Public Relations: Syed Naqvi


Advisors (not elected)

Clément Herssens
Bart Thijssen
Stefan Van Gansbeke


Annual General Meeting + Presentation by Vito Rallo (01-03-2016) PDF Print E-mail
Sunday, 31 January 2016 00:00

We are delighted to invite you to the Annual General Meeting event, which takes place on 1 March 2016 and will host a presentation on IoT trends and issues, given by Vito Rallo Senior Manager at PwC Belgium. The venue is kindly provided by PwC (Woluwegarden - Woluwedal 18, 1932 Zaventem (Brussels)).

The Schedule:

18h00-18h30: Welcome at PwC for ISSA-BE members
18h30-19h00: ISSA-BE Annual General Meeting (ISSA-BE members only)
19h00-19h30: Break / welcome to non-members
19h30-21h00: IoT trends and issues by Vito Rallo
21h00-21h30: Networking drink & closure

With special thanks to PwC for hosting this event and providing the catering.

Registration is mandatory, both for the AGM and for the following event. Please make sure to register by Friday 26 February COB. Parking will be available.

Register here:




Vito has worked in IT for more than 15 years. He brings a value of 9 years’ Security experience with a background of Intrusion Prevention, System Hardening, Software Security, Mobile Security and excellence in Ethical Hacking. Vito had the opportunity to sharp his skills by leading projects for a global cyber security assessment team (with international exposure) and facing technical edge projects providing consultancy for corporate and financial institutions, steering the team, ensuring quality results and customer satisfaction.



In this presentation, Vito will introduce a simplified view of threats, discuss the attack vectors from practical hacking practice perspective. The speaker will address a number of typical vulnerabilities related to the OWASP IoT Top 10 trying to map them against a real-life use cases in Belgium.



Annual General Meeting:

ISSA-BE members are also warmly invited to attend the AGM taking place just before the above presentation.

If you're an ISSA-BE member 'in good standing' and would like to participate in the board's activities, please send a mail to This e-mail address is being protected from spambots. You need JavaScript enabled to view it This e-mail address is being protected from spambots. You need JavaScript enabled to view it for more information or to become a candidate. Also, if you are unable to attend the AGM, you can give a voting mandate to another ISSA-BE member; please send a mail to This e-mail address is being protected from spambots. You need JavaScript enabled to view it This e-mail address is being protected from spambots. You need JavaScript enabled to view it with both your name and the name of your proxy.

The agenda for the AGM is as follows:
- Welcome
- Financials
- Membership
- Elections, including presentation of the functions and the candidates

Cyber Security in Belgium (21/10/15) PDF Print E-mail
Saturday, 26 September 2015 00:00

We are pleased to announce that our next event will take place on Wednesday 21th October:

Cyber Security in Belgium: Are firms prepared to meet today’s cyber threats?

The venue is kindly provided by KPMG (Avenue du Bourgetlaan 40, 1130 Brussels)

Cyber security is a persistent business risk with an impact that can now extend from the executive board to the organization’s bottom line. The risk is constant and serious, but are Belgian firms prepared to defend against, and detect modern cyber threats?

Concern over cyber threats has reached a high as more and more firms are discovering breaches and vulnerabilities within their internal networks. Businesses have been discovering previously unknown threats within their network and consequently suffering from reputational damage and direct business losses.
In order to better understand the threats companies are currently facing, KPMG in Belgium organized a study to analyze network traffic inside 10 different enterprises operating in varying sectors in Belgium. The goal of the study was to determine whether unknown threats were hiding within organizations’ infrastructure and if current information security practices and technology were effectively preventing and detecting these threats.

In this session, we will discuss:
• The current cyber threat landscape in Belgium and globally with real world examples
• The results of KPMG’s Cyber Security Study in Belgium
• A look at the cloud and what it means from a risk perspective

The Schedule:

18.00 – 18.30 : Welcome Reception with coffee & sandwiches
18.30 – 18.35 : Introduction
18.35 – 19.00 : The Cyber Security Threat Landscape (Simon Mullis)
19.00 – 19.25 : ISACA Cyber Security Nexus (CSX) approach (Marc Vael)
19.25 – 20.00 : KPMG Cyber Security Study: Unknown Threat in Belgium (Jordan Barth)
20.00 – 20.15 : Cloud Risk & Attestation (Dirk Timmerman)
20.15 – 21.00 : Networking & Cocktail Reception


Jordan Barth, CISSP, GCFA - KPMG Belgium
Jordan is a Senior Cyber Security Expert within KPMG Belgium’s Information Protection Services. Jordan joined KPMG Belgium in 2014 and now leads KPMG services related to detection and incident response for cyber incidents. From 2009 to 2014, Jordan worked in the United States within the defense sector focusing on large system integrations, security control assessments and security architectures.

Dirk Timmerman, CPA - KPMG Belgium
Dirk is a Belgian Certified Public Auditor and an Executive Director with KPMG IT Advisory. He has more than 30 years of experience in financial audit and over 15 years in IT Audit, and is the service leader for IT Audit (including IT in External Audit, IT in Internal Audit and IT Attestation) at KPMG IT Advisory in Belgium.

Simon Mullis - FireEye
Simon joined FireEye in mid-2012. In his role as Global Technical Lead for Alliances, his focus is on supporting and enabling FireEye's key partners. He is a regular public speaker, a recognised subject matter expert in Cyber Security and has been working in IT security since the late 1990s.

With special thanks to KPMG for hosting this event.

Places are limited so registration is mandatory. Please help us plan by registering by Tuesday 20 October COB.

Register here:





Page 1 of 4

Upcoming Events

There are no upcoming events.