Belgium at a Turning Point: Leadership, Liability and the Rise of AI-Driven Cyber Threats**
Brussels, Belgium — At the SANS CISO Network Forum in Brussels, with the Belgian Centre for Cybersecurity (CCB) hosting and SANS’ own Ciaran Martin moderating, Europe’s cyber resilience landscape was placed under a sharp spotlight.
The message was unambiguous: Belgium has made a strong start in cybersecurity uplift, but unclear leadership, weak enforcement, and rising AI-enabled threats are creating a widening resilience gap.
The CCB: 10 Years Young, but Carrying a Heavy Load
The CCB — Belgium’s national cybersecurity authority — marked its 10th anniversary this year. As a governmental institute, its responsibilities have grown rapidly, from incident response to public awareness to national-level coordination.
Today the CCB hosts or supports:
• Cyfun – Belgium’s cybersecurity capability framework
• CSIRT.be – National Computer Security Incident Response Team
• NCCA / NCC – National Cybersecurity Coordination Centers
• ACP – Anti-Phishing Center, receiving 25,000 suspicious emails every single day
Belgium also operates in a wider anti-fraud ecosystem:
• FSMA – financial fraud
• FOD Economie – business fraud & malicious webshops
• Police – scams & impersonation
• FAVV – fake medication operations
It is, as one panelist put it, “a crowded house of cybersecurity guardians.”
“Cyberexperts don’t believe current efforts will make the difference” — Miguel De Bruyckere
One of the most striking statements came from Miguel De Bruyckere, who voiced what many practitioners quietly admit:
“Cyberexperts do not believe that all current efforts will make any difference. The reason? Unclear leadership. Our societal control mechanisms — laws, law enforcement, criminal courts — rarely convict cybercriminals.”
He warned that NIS2 threats are no longer abstract. They are concrete, daily occurrences driven by two fuel sources:
• Nation-state hacktivism
• Organized cybercrime
Monitoring shows:
• 31% of cyberattacks are now stimulated by AI
• 80% of phishing attempts use AI in some form
The Rise of “Bad AI”
Miguel clearly outlined the dangers:
• Lowered skills barrier
• Zero-day discovery acceleration
• Malware engineering & mutation
• Deepfakes and convincing impersonation
• Automated attacks at scale
• Automated victim selection and exploitation
But there is also “Good AI”
• AI-empowered detection
• Intelligent information sharing
• Faster adoption of defense innovation
As De Bruyckere framed it:
“AI is a double-edged sword. Whether it cuts us or protects us depends on how fast we adapt.”
🔎 Panel: Europe – sovereignty and security in the age of AI and cyber contests
Featuring:
Johan Klykens – CCB
As digital threats continue to intensify, Belgium’s national resilience relies on more than technology—it demands clarity, structure, and trust. Few embody this mission more strongly than Johan Klykens of the Cybersecurity Centre Belgium (CCB). Known for his pragmatic approach and ability to translate complex challenges into accessible, actionable guidance, Johan plays a pivotal role in elevating cybersecurity awareness across the country.
Beyond awareness, Johan has been instrumental in shaping Belgium’s NIS2 certification framework, helping define the structures, processes, and criteria that organizations will rely on to demonstrate compliance. His leadership ensures that the certification model is not only aligned with European expectations but also practical, transparent, and supportive of Belgium’s diverse sectors. By bridging regulatory intent with operational reality, Johan creates a pathway that helps organizations move from uncertainty to readiness—strengthening national cyber resilience in a measurable way.
Through his work at the CCB, Johan continues to advocate for a culture where cybersecurity is understood, adopted, and embedded across society. His contributions to awareness, regulation, and certification reinforce Belgium’s position as a proactive leader in European cybersecurity.
Mario Beccia – NATO
In today’s hyper-connected world, NATO’s cybersecurity resilience depends not only on advanced technical capabilities but also on the people who safeguard them. Few embody this human-centric mission more clearly than Mario Beccia, a dedicated cybersecurity advocate within NATO. Through his ability to translate complex cyber-threat landscapes into accessible, engaging, and actionable knowledge, Mario plays a pivotal role in raising awareness across diverse NATO communities.
Whether speaking to military personnel, civilian staff, or partner organizations, Mario bridges the gap between strategic cybersecurity priorities and everyday behaviour. His storytelling, practical examples, and clear guidance empower individuals to recognize risks early, adopt secure habits, and understand how their actions contribute to collective defence. By fostering a culture of cyber vigilance, Mario Beccia strengthens NATO’s broader mission: ensuring that every member—from frontline operators to administrative teams—understands their critical role in protecting the digital frontlines.
Freddy Dezeure – Microsoft
Few leaders have shaped Europe’s cybersecurity landscape as profoundly as Freddy Dezeure, a highly experienced senior security executive known for his exceptional track record in cyber operations, policy, technology, and strategic risk management. With decades of leadership in complex international environments, Freddy has repeatedly demonstrated his ability to build, scale, and guide high-performance cybersecurity functions—both within major public institutions and the private sector.
Recognized globally as a thought leader in security, risk, and privacy, Freddy combines deep technical insight with strategic clarity. His expertise, amplified by a vast international network, makes him a sought-after speaker and board trainer, frequently sharing best practices on threat intelligence, SOC operations, prevention strategies, privacy, and executive cyber risk governance.
Today, as Microsoft Deputy CISO for Europe (since August 2025), he plays a pivotal role in shaping Microsoft’s cybersecurity and resilience strategy for the European market. He supports the CISO in designing and implementing security-by-default principles across products and services, directly contributing to safer digital ecosystems across Europe.
Freddy’s influence extends far beyond corporate leadership. Since 2017, as CEO of Freddy Dezeure BV, he has supported numerous cybersecurity startups as a strategic advisor, mentor, and board trainer—guiding C-suite teams on strategy, product-market fit, partnerships, communication, and long-term cyber resilience. He is also the founder of the EU MITRE ATT&CK User Community, the CISO Metrics Working Group, and co-founder of the Cloud Security by Default initiative, all of which drive knowledge exchange and innovation across Europe.
Johan Klykens (CCB): “Ground control for resilience requires cost-effective measures and honest risk acceptance”
Klykens started with a powerful analogy:
“We accept no loss of life in autonomous vehicles. Yet in cybersecurity, some try to hide behind a smoke curtain of compliance.”
He criticized two recurring issues:
1. Bad risk acceptance
2. Compliance theater (ticking boxes without building real resilience)
Klykens also highlighted Belgium’s data breach investigation approach, where private companies assist the CCB in handling incidents more effectively.
He urged companies to rethink data handling entirely:
“We need creative data strategies. The question is: how do we mitigate the impact of a data breach, not just how do we report it?”
Freddy Dezeure (Microsoft): “Cybersecurity liability is coming — whether organisations are ready or not”
Freddy Dezeure, formerly at CERT-EU and now at Microsoft, emphasized a shift happening behind the scenes:
“Management must adopt liability for cybersecurity. This is no longer optional.”
He noted that:
• Microsoft teams work daily to harden M365 and Azure
• Cloud services are continuously improving cyber defense
• Prevention must be stimulated, incentivized and measured
His call to action:
“Our efforts will only succeed if we work together.”
Mario Beccia (NATO): “Resilience is survival — not uptime”
Beccia brought a strategic, almost existential tone:
“Resilience means: will the company survive? Can a CEO accept 20 days of downtime?”
His view mirrors NATO’s defense mindset: focus on survivability, continuity, and minimal viable operations.
Beccia also called for more targeted defensive efforts to protect critical European infrastructure.
AI’s Impact? Another Technology Wave — According to Klykens
When asked directly about AI’s effect on cybersecurity, Johan Klykens offered a pragmatic, demystifying view:
“AI is just another part of new technology. We’ve seen many.”
But the room understood the implication:
New technology demands new discipline.
Conclusion: Belgium Started Early — and That’s Now Paying Off
The forum ended on a hopeful note.
As Freddy Dezeure put it:
“The future is bright because Belgium started early. Adoption has followed.”
Despite leadership gaps, enforcement challenges, and the rise of AI-powered threats, Belgium has positioned itself as one of Europe’s more proactive and structured cyber nations.
The challenge for NIS2 is clear:
• Turn early adoption into mature resilience
• Replace compliance smoke-screens with real risk management
• Build cross-sector cooperation as threats scale beyond borders
Belgium has momentum.
Europe is watching.
And AI is changing the rules faster than anyone expected.
