Masterclass NIS2: broader picture

This masterclass provides an objective, scientifically grounded view of the NIS2 directive and the broader cybersecurity regulatory framework, while also addressing practical implications. By doing so, it equips you to navigate the complexities of the NIS2 directive effectively, ensuring that your organization meets legal obligations and enhances its overall cybersecurity resilience.

The programme is designed for individuals involved in cybersecurity across various sectors, including industry, financial institutions, insurance companies, and government agencies.

It is relevant to those seeking a comprehensive understanding of the cybersecurity landscape, such as:

• Legal and compliance officers
• IT and network managers
• C-level executives (e.g. COOs) who want to understand the broader context
• Cybersecurity professionals, such as security analysts, chief information security officers (CISOs), …

1) The European framework

Lecturer: Eyup Kun, researcher at KU Leuven Centre for IT & IP Law

• Basics
  • Objectives
    • Comparison with NIS1 Directive
    • Key updates in NIS2
    • ...
  • Scope: understanding the legal obligations under NIS2 for different types of organizations
    • Essential vs important entities
    • Third party impact
    • Non-EU based organisations
    • ...
  • Critical evaluation/review (e.g. overlap? holistic?)
• The broader legal framework
  • GDPR
  • Sector-specific acts (lex specialis principle), e.g. Digital Operational Resilience Act (DORA)
  • ...
• What is next?
  • Delegated and Implementing Act
  • Future initiatives
  • ...

2) The national/Belgian regulations

Lecturer: Dirk De Paepe, certification expert at CCB

• Role of national authorities and Computer Security Incident Response Teams (CSIRTs)
• The Belgian interpretation and implementation of NIS2: the Belgian policy and cyber strategy
• The available guidance from the CCB, our Belgian CSIRT:
  • Platform and tools e.g. Safeonweb@work, quick-start guide,…
  • The CyberFundamentals framework
• Reporting obligations, preparing for audits and assessments, compliance deadlines, penalties for non-compliance, possible control measures, ...

3) The actual practice

Lecturers: Steven Godfroid, Senior Security Consultant Cegeka, and Werner Vanhorenbeeck, IT manager Meco Group NV  [Dutch] 

• Recent (best) practices for implementing cybersecurity - and specifically NIS2 - measures
• Incident response planning and management in practice
• Sector-specific considerations: real-world case studies and testimonials from different sectors (e.g., finance, healthcare, energy)

This programme is organised by PUC - KU Leuven Continue and the IT working group.

Date and location

Thursday 14 November 2024; 14:00-17:30.

KU Leuven, Campus Rabot (Gebroeders de Smetstraat 1, 9000 Ghent).

Registration and payment

The registration fee is 250 euro. For the second participant of the same organisation, a discount of 20% is applied. The same holds for alumni of our cybersecurity excellence series.

The deadline to register online is 5 working days before the session.

Pay by bank transfer to account number IBAN BE31 2850 2133 2955 of PUC - KU Leuven Continue, stating '400/0026/56122 + name of participant(s) and do not receive an invoice. 
If you would like an invoice, please indicate this when registering. 

NEW: SME-wallet: Increased support for energy transition and cybersecurity

Starting April 1, 2023, small and medium-sized enterprises (SMEs) can receive a higher percentage of support for training or advice within the theme of 'cybersecurity'. Small enterprises will receive 45% support, while medium-sized enterprises will receive 35%.