Freddy Dezeure

Freddy Dezeure

Don't hide the risk, 
manage it.

01

Consultancy Services

Support on Strategic Level

  • Supporting an organisation to design their own cyber risk model and integrate it within existing business risk processes. Helping to implement a Cyber Security Framework.
  • Supporting an organisation to design a cyber crisis response plan.
  • Supporting the CISO/CIO of an organisation to review their cyber security strategy/plan, to design a cyber risk reporting mechanism and KPIs.
  • Supporting an organisation to identify and validate new suppliers, partners or customers in the cyber security space.
  • Supporting the practical implementation of GDPR and NIS legislation.
  • Delivering on site training and awareness raising to C-Suite and/or Board Members, including an interactive table-top exercise using a bespoke scenario.
  • Training the trainers, providing training material for end-users and administrators.

Support on Tactical Level

  • Briefing the technical leadership team on recent developments in the threat landscape, tools, techniques and provide feedback on security policies and security infrastructure plans.
  • Designing and producing an in-house Cyber Security Brief, summarising relevant recent cyber incidents and developments in tools and techniques.
  • Participating in design and implementation projects with respect to IT security, the setting up of SOCs, CSIRTs or cyber threat intelligence fusion cells.
  • Supporting an organisation to identify and establish relationships with specialised skills or resources.
  • Supporting an organisation to understand and implement the MITRE ATT&CK Framework.

Support on Technical Level

  • Supervising or supporting response to large-scale cyber incidents.
  • Supervising Red Team exercises and vulnerability assessment activities to determine weaknesses in the resilience and propose improvements.
  • Providing advice on the implementation of critical preventive controls.
02

Cyber for C-Suite

This training raises cyber awareness at the C-Suite and Board level and provides tools to manage the cyber risk in an integrated manner. The content is focused on the needs of Senior Executives and is conveyed in a language they understand. It is delivered in a session of half a day and it can be combined with a bespoke, interactive, table-top exercise. The training can be provided on premise and could be integrated with an in-house brainstorming on cyber risk and mitigation.

01

The Threat Landscape

An overview of the current threat landscape and insights in the expected evolution in coming years, based on advancements in technology, business processes and adversaries. What motivates your adversaries and which methods do they use? Assume breach and prepare well for the moment it happens.

02

Cyber Risk – Business Risk

A primer on cyber risk management and what a CEO really needs to know about it. About protection through understanding the key assets of the organisation and their risk of being compromised. How to integrate the cyber risk into the business risk? About Frameworks and critical preventive controls and managing the risks instead of hiding them.

03

Organise - Monitor

What to expect from your CISO? Do you want the cyber risks to be made visible to you or taken care of for you? Where to position the CISO in your organisation and what resources to allocate? Which are the KPIs and reporting mechanisms you should expect? How to set up intelligence, prevention, detection and response mechanisms, processes and systems? How to recruit and retain specialised cyber staff in an extremely competitive environment?

04

Leading through a cyber crisis

Have a crisis response plan before the crisis hits. Who is in the lead, who participates? How to behave during the crisis? Comply with relevant regulations (NIS, GDPR, sectorial aspects). When and how to report? Cooperation with law enforcement: opportunities and pitfalls. What and when to communicate with your staff, your clients, the press ?

05

Your Digital Footprint – Why Does It Matter?

A session on personal IT hygiene and managing your (and your executives’) social media footprint. How to be secure while travelling? How to safeguard your devices, your data and your credentials? With practical guidance based on the actual footprint of the participants and recommendations for mitigation.

03

About

Very experienced senior security executive with a strong track record in cyber security operations, policy, technology and risk management. Extensive operational management experience, both in line and support functions. Highly successful in setting up, managing and growing new departments in a complex international organization. Strong experience in supporting private and public organisations in improving their cyber risk management at strategic level. Hands on experience with high tech, research and entrepreneurship.

Recognized thought leader in security, risk and privacy. High level of peer recognition and access to a very extensive network in the cyber security community. Sought after speaker at conferences, sharing best practices in threat intelligence, SOC operations, prevention programs, risk management, privacy.

Since June 2017

CEO of Freddy Dezeure BVBA

Independent consultant, advising private enterprises and governments to improve their cyber resilience and cyber risk management. Trusted Advisor. Board Member and Advisory Board Member in cyber security start up companies (Eclectic IQ, Phantom Cyber, SpyCloud, Intel471, Cmd).

2011-2017

Head of CERT-EU

Setting up and managing the European Union Computer Emergency Response Team, protecting 60+ EU-level governmental entities in 28 countries with more than 100.000 users.

2007-2012

EC DG INFSO Head of External Audit

Managing a Unit of financial auditors, verifying the compliance of EU research project funding in the area of Information Society.

1996-2007

EC Joint Research Centre (3000 scientists)

Various management functions including COO and CRO, managing finance, human resources and research programme, internal audit, quality management, intellectual property management and technology transfer.

1987-1996

EC Directorate General Human Resources

Various functions in IT management and human resources management.

1982-1987

ETAP NV

CIO in private industry.

04

Events and Talks

FUTURE EVENTS

20 September 2019 | Luxembourg | European Convention Center Luxembourg

Auditing cyber security risk: from nuisance to impact

About this event Save the date
05 November 2019 | Brussels | Private event

CERT-EU Conference: The threats are changing, so are we.

14 May 2020 | Zurich | SIGS Technology Summit

Frameworks, Mappings, Metrics

PAST EVENTS

13 June 2019 | Zurich | SIGS Technology Summit

ATT&CK in practice - a primer to improve your cyber defence

13 May 2019 | Lausanne | Private event.

Ethical dilemmas during technical reaction

09 May 2019 | Brussels | Eurocontrol

EU MITRE ATT&CK User Group: Organiser and Chair

07 May 2019 | Munich | Information Security Hub - Munich Airport

ISH Conference: How to set up your defence?

05 March 2019 | San Francisco | Moscone Conference Centre

ATT&CK in practice - a primer to improve your cyber defence

31 October 2018 | Zurich | Private event

UBS Cyber Risk Conference: Keynote speaker

19 October 2018 | Luxembourg | Alvisse Parc Hotel - 120 Route d’Echternach, 1453 Luxembourg

EU ATT&CK User Group: Organiser and Chair

12 October 2018 | Torino | Private event

Magneti Marelli General Affairs Symposium: Keynote speaker

02 October 2018 | Vancouver |

Ready Room Briefing

24 May 2018 | Luxembourg | Private event

ATT&CK in practice workshop: Organizer and Chair

16 April 2018 | San Francisco |

RSA Conference - 10 pitfalls to avoid in GDPR

15 March 2018 | Munich | Private event

Siemens CERT Anniversary Conference - Keynote

21 February 2018 | Lint | AED Studios

Infradata Summit - What makes 'Threat Intelligence" intelligent?

05 February 2018 | Hamburg |

TFCSIRT - GDPR and your SIEM

07 December 2017 | Zurich | Private event

UBS Cybersecurity Conference - Keynote

29 November 2017 | Roosendaal |

VNDELTA - Cyber Security in Ports , Business as Usual? - With Lokke Moerel

24 November 2017 | Dublin |

IDC CISO Summit - Gain and Maintain the Attention of your C-Suite

23 November 2017 | Zurich |

SIGS SOC Forum - Keynote

18 October 2017 | London | Private event

Amazon ZonCon - Keynote

26 September 2017 | Washington |

Splunk .Conf - A day in the life of a GDPR breach

21 September 2017 | Washington |

Phantom Cyber User Conference - Keynote

05 September 2017 | Brussels | Private event

CERT-EU Conference - Keynote

10 July 2017 | Tallinn |

Cyber Security Summer School - Keynote

01 July 2017 | Private event |

Stichting Don fundraising event - Keynote

21 March 2017 | Lake Constance |

DFRWS/IMF - Keynote

05

Contact

Freddy Dezeure

contact@freddydezeure.eu

+32 472 12 57 52

linkedin