Home Events
Data Migration & Information Obfuscation + Beyond Encryption & Data Masking (22/04/14) PDF Print E-mail
Friday, 28 March 2014 00:00

We are pleased to announce our next event, which takes place on April, 22: "Data Migration & Information Obfuscation + Beyond Encryption & Data Masking", the venue is kindly provided by Deloitte Berkenlaan 8A, 1831 Diegem, Belgium
Meeting room “Grand Place”, located in building 8A (red one); Wifi available
Parking will be booked.


18.00 – 18.30 Registration
18.30 – 18.40 Welcome
18.40 – 19.15 Enhanced Data Migration & Information Obfuscation: Trends & Techniques; PowerPoint Demo & Discussion – Bob Gardner
19.15 – 19.30 Networking break
19.30 – 20.30 Advanced Technologies: Beyond Encryption & Data Masking; WebEx Presentation DataVantage Global – DCR US Staff & Bob & Ed
20.30 – 21.30 Networking Drink

With special thanks to Deloitte for hosting this event and providing the catering.

Registration is mandatory. Please make sure to register by Friday 18 April COB. Parking will be available.

Register here:


Trends – International APT attacks; Emerging Legal & Reputation Consequences; Enterprise Transition Vulnerabilities (i.e. New Cloud, M&A Implementations).
Techniques – Protecting the DNA; Mitigating Legal and Reputation Consequences (iCloud, SAFETY Act and FedRAMP).
Technology – Measuring Real Enterprise Exposure.




Edward L. Stull (Ed): As DCR’s Chief Architect for enterprise-level Data Privacy software products since 1997, Ed is among the leaders of the company’s efforts related to data privacy. He served as the principal investigator and co-author of several DataVantage Global® international patents that relate to the management and protection of information as well as for an artificially intelligent system to explore and protect data in an enterprise.


Ed has chaired multiple committees for more than 35 years in national and international standards and has received awards, including:

  • Eighth, three-year term as Chair of the US national committee on Open Systems for INCITS from whom he received the prestigious Gene Milligan Award for Effective Committee Management in 2009;
  • Chair of the US Technical Advisory Group (US TAG) on telecommunications and information exchange between systems (JTC1/SC 6) for the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC);
  • Chair of the international study group on Security Best Practices for the financial services and insurances industries which resulted in the development of an ISO standard;
  • Co-Chair of subcommittee related to an ongoing initiative concerning Protected Healthcare Information (PHI) led by ANSI, the Santa Fe Group (SFG) and the Internet Security Alliance (ISA).

In his four-plus decades of professional experience, Ed has managed and participated in all phases of implementation of small to very large (5000+ users) software systems, specializing in command and control challenges for both industry and military. He has been a team leader on corporate financing, start-ups, mergers and acquisitions and private placement and investment banking activities. Representing investor interests, he has served as a distinguished Director on corporate boards and has been a management and technical consultant to many large accounting and defense firms. He also has held C-level and key positions in corporations and government roles and has been a featured speaker at leading international conferences and other events.


Ed has served both as a civilian and in uniform as an officer in the US Air Force where he led or commanded advanced tactical deployment systems, and later, large analytical information systems for strategic studies.


Ed is married to Carmen with three grownup children and one grandson. They share a seat on the Kennedy Center Circles Board and each is a director in the Washington International Piano Arts Council. They reside in Maryland.


Robert Gardner (Bob): Bob has been serving as Direct Computer Resources’ (DCR) Subject Matter Expert on Risk Management for cyber security for banking and financial organizations as well as for critical infrastructures since 2007 and has attended and represented DCR at many trade shows and similar events including the June 2012 Deloitte 7th European IT Audit in Financial Services Forum where DCR was an invited guest.


Bob spends much of this time mentoring enterprise executives and public officials and the CIOs and Risk Officers that report to them on how to quantify the financial impact, stakeholder (client, public and shareholder) sentiment and confidence and the legal exposure of high-impact cyber risk, so they may allocate resources commensurate with share value risk.  And from which they may isolate and protect their enterprise’s most impactful information assets – their core DNA.


Bob is the founding partner of New World Technology Partners (NWTP), which incubates intellectual property endeavors at the intersection of technology, business and public policy. At NWTP, he participated in the launch of several high-tech startups, including August Systems, Verdix, Meiko Scientific, Cryptek, Phoenix Numeric and Probity Labs.   Through NWTP, he created the intellectual property incubator which introduced Trusted TeamWorks™ and recently led the development of iRISK™ executive cyber risk management methodology for a Fortune 500 service provider.  Prior to forming NWTP, he held senior engineering and marketing positions for Burroughs Corporation’s Supercomputer activities, including ILLIAC IV, PEPE, LDSP and NASF.


Bob’s educational background includes undergraduate Electrical/Systems Engineering; Graduate Business and Graduate Engineering Science from Rensselaer Polytechnic Institute, University of Santa Clara and Penn State, respectively.


He writes and speaks often on the Enterprise Impact of Cyber Risk and has prepared briefings and testimony for the U.S. House of Representatives, Senate committees and Financial and Energy Industry forums.


Regarding his cultural interests, he aided in the formation of several New York arts enterprises, including The Brick Theater and In the Pocket New York, and teaches the “Business for Poets” workshops for artists in Brooklyn, NY.


Bob resides in Annapolis, Maryland with his wife and has 3 “starving artist” children residing in Brooklyn N.Y.


Annual General Meeting + Facing a major IT incident (18/03/14) PDF Print E-mail
Tuesday, 04 March 2014 00:00

We are delighted to invite you to the Annual General Meeting event, which takes place on 18 March 2014 and will host a presentation on Facing a major IT incident, given by Erik de Jong responsible for FoxCERT. The venue is kindly provided by Trasys (Terhulpsesteenweg 6c, 1560 Hoeilaart).

The Schedule:

18h00-18h15: Welcome at Trasys for ISSA-BE members
18h15-19h15: ISSA-BE Annual General Meeting (ISSA-BE members only)
19h15-19h30: Break / welcome to non-members
19h30-21h00: Facing a major IT incident, given by Erik de Jong
21h00-21h30: Networking drink & closure

With special thanks to Trasys for hosting this event and providing the catering.

Registration is mandatory, both for the AGM and for the following event. Please make sure to register by Tuesday 14 March COB. Parking will be available.

Register here:





Erik de Jong is responsible for FoxCERT, the computer emergence response team of Dutch security firm Fox-IT. FoxCERT helps organizations that have fallen victim to cybercrime, cyber espionage, with the aim getting them back to regular business as usual in a quick and responsible manner. Prior to working for Fox-IT, Erik held a variety of positions at the Dutch National Cyber Security Center and security firm McAfee.



In his talk, Erik will discuss what happens when organizations are faced with major incidents. A major incident is different from regular incidents in that they can easily escalate into crises and that technical aspects are still important but usually overshadowed by communication and legal aspects. So what happens when you let a third party investigate, what happens when you find out that you’re facing a major incident? You’ll find that the feeling of not being in control, having to manage a variety of sometimes conflicting interests can distract you from your focus: managing the incident and returning to business as usual in a responsible manner. It helps to consider these issues beforehand in order to save time and headache later.



Annual General Meeting:

ISSA-BE members are also warmly invited to attend the AGM taking place just before the above presentation.

If you're an ISSA-BE member 'in good standing' and would like to participate in the board's activities, please send a mail to This e-mail address is being protected from spambots. You need JavaScript enabled to view it This e-mail address is being protected from spambots. You need JavaScript enabled to view it for more information or to become a candidate. Also, if you are unable to attend the AGM, you can give a voting mandate to another ISSA-BE member; please send a mail to This e-mail address is being protected from spambots. You need JavaScript enabled to view it This e-mail address is being protected from spambots. You need JavaScript enabled to view it with both your name and the name of your proxy.

The agenda for the AGM is as follows:
- Welcome
- Financials
- Membership
- Elections, including presentation of the functions and the candidates

The state of IPv6 (23/01/14) PDF Print E-mail
Saturday, 11 January 2014 00:00

We are pleased to announce our next event, which takes place on January, 23: "The state of IPv6", at Cisco Belgium, Pegasus Park, De Kleetlaan, 6A, 1831 Diegem.

Topic: The next generation Internet with IPv6: deployment status and security considerations

After a slow start and now pushed by the IPv4-address exhaustion hitting several Internet service providers, IPv6 is being actively deployed on the Internet in parallel with IPv4 address sharing (a highly insecure option).

The session will describe the current IPv6 deployment worldwide and in Belgium (our country is the 8th largest IPv6 deployment worldwide as VOO, Belgacom and soon Telenet deploy IPv6). As a security practionner, we all need to understand the security issues related to this new protocol both over the Internet but also in the Data Centers (Windows, Linux, ... all have IPv6 used by default everywhere).

The session will introduce the main concerns and how to mitigate them: from reconnaissance, to extension headers (and the fragmented attacks) as well as firewalls and IPS.

The Schedule:

18.00 – 18.30  Welcome
18.30 – 19.15  •  IPv6 deployment status           Eric Vyncke
19.15 – 19.30  Networking break  
19.30 – 20.30  •  IPv6 security considerations    Eric Vyncke
20.30 – 21.30  Networking drink

Register here:

Speaker: Eric Vyncke

Eric Vyncke is a Distinguished Engineer based in the Brussels office of Cisco Systems. His main current technical focus is about security and IPv6. He has designed several secured large IPsec networks and other security related designs.

In his work for the IETF, he co-authored RFC 3585 and 5514 and is active in V6OPS, 6MAN and OPSEC working groups. His recent works are related to IPv6 including co-authoring a book on IPv6 Security; he also authored a book on layer-2 security.

Eric is the current co-chair of the Belgian IPv6 Council. www.vyncke.org/ipv6status is well-known for several years to collect statistics about IPv6 deployment.

He is also a visiting professor for security topics at the University of Mons. He is an adjunct professor at HEC, the business school of University of Liège, Belgium.

He holds a CISSP certification, member of ISSA and speaks frequently at international conférences.


eHealth Security (19/11/13) PDF Print E-mail
Monday, 21 October 2013 00:00

We are pleased to announce our next event in collaboration with ISACA, which takes place on 19 November "eHealth Security", at SMALS vzw/asbl Avenue Fonsnylaan 20 1060 Sint-Gillis (Brussel) (next to Brussel-Midi train station) - Parking: Q-Park Brussel Zuid, Rue de France/Frankrijkstraat 40, 1060 Saint-Gilles (Bruxelles).


eHealth involves promoting standards and processes that will enable patient information to be shared in a more efficient and timely manner, while ensuring the data is kept private and secure. Privacy and security of patient information is just one part of eHealth, but it is arguably one of the most important components. 
In this ISACA ISSA event, you will be able to learn how the privacy and security is established in detail for the Belgian eHealth platform.


The Schedule:

18.00 – 18.30 Welcome reception with coffee & cookies
18.30 – 18.45  Introduction                                       Marc Vael
18.45 – 19.30  •  eHealth Security                            Frank Robben 
19.30 – 19.50  Networking & Coffee break  
19.50 – 20.20  •  eHealth Security (continued)         Frank Robben
20.20 – 20.30 Questions and answers                     All
20.30 – 20.40  •  ISACA 2013 agenda and events    Marc Vael

Register here:


Mr. Frank Robben, general manager of the Belgian e-Health platform. 


Mr. Marc Vael, Chief Audit Executive at Smals vzw, President at ISACA Belgium vzw,  International Vice-President ISACA


Defence in Depth: Protection, Detection & Response (21/10/2013) PDF Print E-mail
Monday, 14 October 2013 00:00

We are pleased to announce our next event with Vince Gallo and Kris Boulez, which takes place on 21 October on the theme "Defence in Depth: Protection, Detection & Response". The venue is kindly provided by PwC Woluwegarden - Woluwedal 18 - 1932 BRUSSELS.

The Schedule:

18h00-18h15: Welcome at PwC Woluwegarden
18h15-19h15: Protection: 
                       Security Architecture - Changing the Landscape: by Vince Gallo, Residual Data
19h15-19h30: Networking break
19h30-20h30: Detection & Response:
                       Cybercrime: Readiness & Response: by Kris Boulez, PwC
20h30-....h....: Networking & closure

With special thanks to PwC for hosting the event.


Register here:


Security Architecture - Changing the Landscape
In this presentation Vince Gallo will introduce SABSA - the world's most successful free-use and open-source security architecture framework.
SABSA is adopted as a formal and de facto standard throughout the world with more than 3000 formally certified Security Architects in 42 countries and is officially recommended by The Open Group (amongst others) as the best method for securing Enterprise Architecture. 
It is a disciplined, business-driven approach to the development of an enterprise security architecture which will deliver a security capability properly focused on meeting the evolving needs of the business in a way that leverages your existing strengths, models and investments.
Through a proactive framework to provide business assurance and enable new business opportunities, SABSA provides an organisation with full traceability of how its investment in security supports its business goals, targets, critical success factors and capabilities.
Cybercrime: Readiness & Response
Recent news coverage on security incidents (Belgacom, prime ministers)  has shown that cyber crime is very much real in Belgium.
Cyber crimes are committed by a multitude of offenders with various motives: insiders behaving badly, competitors seeking an advantage, transnational criminal enterprises stealing for profit, foreign governments seeking an economic or military advantage, and terrorist organizations disrupting services. Organizations must be prepared to forensically investigate cyber intrusions, data theft, and insider malfeasance.
An overview of Incident Response processes and tools will be given, with specific emphasis on how an organisation can be prepared for an incident.
The analysis methods for suspected malware will be described in detail with examples using freely available tools.
The event will be kindly hosted by PwC at their Brussels office.
Speaker Biographies
Vince Gallo is an internationally respected authority on the design and implementation of security and cryptographic software.  He has developed security products for more than 25 years, including hardware, tamper-resistant devices, and high assurance software.
He is the author of more than thirty papers on security issues, and has spoken at international conferences on security for over ten years.
Kris Boulez has extensive experience in Technology Consulting in general and Information Security in more depth. In the beginning of his career Kris was active in System- and Network Administration, which gives him a strong technical background. When he moved into Information Security his work has been in the design and implementation of (enterprise) security architectures and incident response.
Kris joined Ascure in May 2007 (Ascure was acquired by PwC in 2011) and has since then worked on Incident Response, PKI and (Web) Application Security.
He has worked for organisations in different sectors (finance, government, utilities, media) and on multiple continents..
In addition, he is known for performing security advisory services for critical infrastructures on topics concerning incident response processes and investigations


Page 2 of 4

Upcoming Events

There are no upcoming events.