Welcome to LSEC, an internationally renowned Information security cluster, a not for profit organization that has the objective to promote Information Security and the expertise in BeNeLux and Europe. Founded by the University of Leuven (K.U. Leuven), supported by European Commission FP7 and leading a unique PAN European Private partnership that interacts with Public Institutions, LSEC connects security industry experts, research institutes and universities, government agencies, end users, funding bodies and technical experts who are driving national and European research agendas. LSEC activities aim to raise cyber security awareness, support innovation and competitiveness of the European IT- Security market and promote the visibility of its members.
A day of CSA (Cloud Security Alliance) Belux and LSEC Cloud Security. From vulnerability assessements best practices (Toreon) in the cloud to secdeveops and agile (Bitsensor). From containers and kubernetes developments and their security management challenges (Trend Micro) to key management and hardware keys (ATOS), from Cloud Act to GDPR Code of Conduct (CSA) and Cloud Services Providers certification (TimeLex & LSEC). From cloud application governance (KBC) to layer seven solutions encapsulating all security risks (Symantec). The cloud is omnipresent and not caring is being plain ignorant on some of the most exciting current security developments and related opportunities. Take a look at the perspectives presented on May 14th in Brussels at the Vandervalk Hotel in Diegem.
For an overview of the day and presentation, including a way to contact the presentors and participants, take a look on the day page.
In 2019 customers and partners should be presented one single interface to all of the backend systems of their services providers. They should be able to choose between the different multifactor applications they have, whenever they want and whereever they are. Back and identity and access systems should be agnostic about this and should be ready to be distributed, decentralized, utilising OTP (one time password) and MFA (multifactor authentication) or step up authentication. Not only customers, but systems should be able to provision the complexity of devices, systems, applications and other services. Technologies, expertise and experiences exist to support this in order to reduce digital identity theft, malicious access attempts and still reducing the burden of the customer access control. Identity and Access in the 21st centurt support the digital transformation of organizations, systems and technologies in a seamless way. Financial institutions organize themselves to reduce the administrative burden for their business customers (Isabel) by facilitating KYC (know your customer) amongst themselves, and the respective mandates for financial services. Technologies (Forgerock) support the ease of the single customer accessing multiple legacy back-end services seamlessly. Decentralized and distributed authentication, identification are being made possible (Trustbuilder and KEYP) going towards Zero Knowledge Proof and reducing the burden for personal dataprotection, and providing seamless multifator possibilities. Proving compliance and controlling access throughout multiple systems and cloud environments (Brainwave) for management, audit and DPO can be made easy. Multifactor authentication and OTP increase the security levels, but technologies have lowered the barriers for customers to use them (InWebo). With developments in industry (IDSA) this won't be limited to data interactions within an organization. Walls are being teared down to access company confidential data. A short impression of a day at the races of the LSEC Digital Identities Forum 2019 held on April 25th in Brussels at the Vandervalk Hotel in Diegem.
For an overview of the day and presentation, including a way to contact the presentors and participants, take a look a the agenda at a glance.
Almost 1 year after the full activation of the GDPR, we take a look back on the past year with experiences and best practices. But more importantly we look forward together with the new Belgian DPA and their respective new members, as well as with the Vlaamse Toezichtshouder. We consider the impact both on private industry and public authorities and their related organizations. We look into things such as data subject requests, too much consent and the clickawaycookie mentality. Joined by a number of professional support organizations and dedicated technology providers, the GDPR Salon offers not only key insights and learning, but access to expertise and partners in supporting the transformation process. Join us in celebrating Willem De Beuckelaere and Minister Philippe Debacker for their respective leaderships and handovers to their successors.
Join GDPR Salon on Friday May 24th. Following the link to https://gdprsalon.be supported by LSEC, Privacysalon, VUB, VVSG and Koaach, supported by the Belgian DPA and under the pattronage of the Belgian State Secretary for Privacy.
The AI4Business Summit challenged us to present an overview on the state of play of the use of Artifial Intelligence in the Cybersecurity Industry. By positioning Cybersecurity in the context of Risk Management and Security, AI is being utilized already in many defense and security applications such as law enforcement and military robots and increasingly in our home office and business environments. The Cybersecurity sector itself has been applying AI and Machine Learning techniques already for nearly two decades now. With today's 240+ billion Security events happening on a daily basis, there is no longer any human capacity capable of handling these challenges. Next to automation, big data and data analysis, patterns are being recognised and alerted. These tools became the basis for the current Cybersecurity Industry major players such as McAfee, Black Carbon, Crowdstrike, IBM, ... Capturing data from different sensors is the basic premise, utilizing ML, AI in various mechanisms applying mathematical models to investigate security incidents and detect new forms of malwares, detecting the impact on major and smaller European enterprises and supporting the malware analysts in their daily operations. But equally intelligent were the malversaries by utilising AI techniques to detect the weakest links, assess when the time is right to strike into specific platforms or support local R&D teams finding the next vulnerabilities on the basis of automated detection. We've also indicated how AI is being used to evade detection and prevention techniques, or how criminals today use data to actually master the lack of capabilities from law enforcement in a certain region. We've also positioned developments such as Deep Fake to indicate its potential impact on both the use of NLP, and its use in phising campaigns, convincing target about their welwilligness to support. Our journey ends where we started: indicating the potential for robots, but by indicating their lacking cybersecurity postures and indicating potential impact from AI, it will be a long and windy road.
Understand how AI can be supported in your concept case, and become inspired by the key learnings on algorithms, collecting data,
For more information visit the
LSEC offers Cybersecurity companies targeting to start and grow their business in Europe a soft landing platform. LSEC is a European cybersecurity cluster, based in Flanders – Belgium, a central European hub to easily reach all major cities in Europe. The cluster brings together expertise from supply and buy side, from research and policy. Active since 2002, LSEC has matured over 200 companies in the region over the last decades. As a spinoff of the KU Leuven university, it is closely linked to world class research in application security, crypto, embedded and industrial security and legal practice.
LSEC has supported companies like Guardsquare, Palo Alto Networks, Intrinsic-ID, Silensec, ... and over 300 other companies over the last decade getting spotted, supported and migrating from their inception sExpertisees through the valley of death, becoming unicorns and cybersecurity leaders. LSEC connects people, searches for solutions amongst technologies and supports entrepeneurs and companies in realizing their vision.
For more information visit the Global EPIC Soft Landing program and get in touch for your first steps in Europe.
LSEC and 3IF.be are Digital Innovation Hubs and Centres of Excellence in Cybersecurity and Digital Transformation for Manufacturing in Europe and have started expanding their expertise into the highly impactfull domain of robotics. Robots are widely used in industrial production environments and increasingly in logistics, healthcare and home appliances. Most of the traditional robot systems are being operated by a PLC and / or a specific robot controller. But even while being isolated in industrial networks, these machines are not free from harm. Both human safety and product quality are at stake. But more increasingly flexible, autonomous and versatile robots have entered in to the industrial domain. Collaborative robots are being released from their cages and put in close cooperation with humans. That positive trend also sees a significant decline in cost for robotics. Partially thanks to the availability of standard technologies and the interconnectivity of the robotic systems. But most of the robotic systems lack a fundamentel cybersecurity posture. LSEC and 3IF.be have joined TRINITY as part of the Digital Transformation program of the European Commission, bringing together Cybersecurity experts and robotics experts and improving the overall cybersecurity gesture of robotic implementations. For more information please visit the 3IF.be website. Part of this program is an open call that will open 2nd half of 2019 for innovative robotic projects to take place. The activity will be widely discussed at the upcoming European Robotics Forum (ERF) 2019 in Bucharest. More information and presentations can be found on the Cybersecurity for Robotics page.
The annual Cyber Threat Intelligence (CTI) event is organzed by LSEC for a selected group of Cyber Security officers and intelligence experts. This year again it took place at the IBM Executive Briefing Center in Brussels with experts from the Royal Military Academy, ENISA, CERT.BE, EclecticIQ, SPLUNK, IBM, FIREEYE and the AI Lab of the Free Brussels University (VUB). There is a continuous growth in incidents and cyberattacks taking place, for which organizations will increasingly have to ensure to strenghten their cyber intelligence and resilience in order to cope with incidents. The management of incidents requires advanced skills and a strong network of peers and partners. Presentations have been made available for download from the program page, on the LSEC website.
On June 12th, 5G World was organized in London in the Excel. Developed as KNECT365, LSEC presented a perspective on developments of IoT vs 5G having in mind various developments.
Afterwards LSEC hosted and moderated the panel discussion with O2 (Telefonica UK), Mavenir and King's College London.
The presentation can be downloaded, upon registration to the LSEC website.
May 25th, a historical day we've celebrated considering GDPR as a piece of cake. LSEC kicked off the official starting date of the GDPR (General Data Protection Regulation) offering its constuency experiences, technology and birthday cake. ForgeRock presented some considerations on using the core identity as the main architecture also for data protection. During the cases by FireEye, Excellium Services and BNP Paribas Fortis various views and perspectives were presented on how the transition has taken place, what the current actions and activities were and what the next steps are beyond the transition.
GDPR is a process that started years ago by many, and where adoption will continue over the years to come. Companies and organizations facing multiple challenges and developments. IBM and Symantec presented their ideas on identity, monitoring and data leakage prevention. Bitsensor presented a perspective on managing GDPR with DevOpps and agile in mind. CSI Tools presented a user management perspective from their experience in governance control for ERP-environments. Debates were held around ethics with Cathrin Sondergraard, future challenges, the state and development of the regulator. Ulrich Seldeslachts pointed to the challenging messages presented by the different DPA and the speed of ttransforming into national laws.
If you missed it, presentation materials are now available for download from GDPR Birthday Event page or look for the 2018-05-25 event on the activities.
April 26th, LSEC - and the Belgian Cyber Security Coalition (CSC) organised the an Experience Sharing day at the VBO / FEB in Brussels. Main topic was NIS and its developments. Especially for Belgian companies, the development of the NIS Directive which was published in June 2016, being transposed into Belgian law required an update. Thanks to the CCB (Center for Cybersecurity in Belgium), an update was presented on its current "under development" status, as this is the authority of the Belgian regulator. Many ingredients are taken from the Critical Infrastructure Protection (CIP)-legislation. The Operators of Essential Services (OES) have not yet been defined, but the list will be in line with the other Member States. Some indications were in any case presented during the day, some experiences from previous legislations shared amongst the attendees. FireEye opened the day with an overview of the relevance of NIS and Critical Infrastructure Protection from an adversary perspective, still (and increasingly) today. Forgerock presented some of its experiences and best practices from a GDPR perspective. Other talks were focused on the developments of GDPR (Jan Leonard of Orange Belgium and Willem De Beuckelaere of the developing Belgian DPA). Some a somewhat more practical challenging and concerns perspective, the other a somewhat more at ease point of view.
If you missed it, presentation materials are now available for download from NIS, GDPR and PSD2 in Practice, LSEC & the Cyber Security Coalition page or look for the 2018-04-26 event on the activities.