Supporting an organisation to define their cyber risk model and integrate it within existing business risk processes. Helping to implement a Cyber Security Framework.
Supporting an organisation to design a cyber crisis response plan.
Supporting the CISO/CIO of an organisation to review their cyber security strategy/plan, to design a cyber risk reporting mechanism and KPIs.
Supporting an organisation to identify and validate new suppliers, partners or customers in the cyber security space.
Supporting the practical implementation of GDPR and NIS legislation.
Delivering awareness raising to all staff, C-Suite and/or Board Members.
Support on Tactical Level
Briefing the technical leadership team on recent developments in the threat landscape, tools, techniques and provide feedback on security policies and security infrastructure plans.
Designing and producing an in-house Cyber Security Brief, summarising relevant recent cyber incidents and developments in tools and techniques.
Participating in design and implementation projects with respect to IT security, the setting up of SOCs, CSIRTs or cyber threat intelligence fusion cells.
Supporting an organisation to identify and establish relationships with specialised skills or resources.
Supporting an organisation to understand and implement the MITRE ATT&CK Framework.
Support on Technical Level
Supervising or supporting response to large-scale cyber incidents.
Supervising Red Team exercises and vulnerability assessment activities to determine weaknesses in the resilience and propose improvements.
Providing advice on the implementation of critical preventive controls.
Partners
02
Cyber for C-Suite and Board
This training raises cyber awareness at the C-Suite and Board level and provides tools to manage the cyber risk in an integrated manner. The content is focused on the needs of Senior Executives and is conveyed in a language they understand. The training can be provided on premise and could be integrated with an in-house brainstorming on cyber risk and mitigation.
01
The Threat Landscape
An overview of the current threat landscape and insights in the expected evolution in coming years, taking into account advancements in technology, business processes and adversaries. What motivates your adversaries and which methods do they use? What do they target and what could be the impact for you?
02
Cyber Risk – Business Risk
A primer on cyber risk management and what a CEO really needs to know about it. About protection through understanding the key assets of the organisation and their risk of being compromised. How to integrate the cyber risk into the business risk? About Frameworks and critical preventive controls and managing the risks instead of hiding them.
03
Organise - Monitor
What to expect from your CISO? Do you want the cyber risks to be made visible to you or taken care of for you? Where to position the CISO in your organisation and what resources to allocate? Which are the KPIs and reporting mechanisms you should expect? How to set up intelligence, prevention, detection and response mechanisms, processes and systems? How to recruit and retain specialised cyber staff in an extremely competitive environment?
04
Leading through a cyber crisis
Have a crisis response plan before the crisis hits. Who is in the lead, who participates? How to behave during the crisis? Comply with relevant regulations (NIS, GDPR, sectorial aspects). When and how to report? Cooperation with law enforcement: opportunities and pitfalls. What and when to communicate with your staff, your clients, the press ?
05
Your Digital Footprint
Personal IT hygiene and curating your social media footprint. How to be secure while travelling? How to safeguard your devices, your data and your credentials? With practical guidance based on the actual footprint of the participants and recommendations for mitigation.
Very experienced senior security executive with a strong track record in cyber security operations, policy, technology and risk management. Extensive operational management experience, both in line and support functions. Highly successful in setting up, managing and growing new departments in a complex international organization. Strong experience in supporting private and public organisations in improving their cyber risk management at strategic level. Hands on experience with high tech, research and entrepreneurship.
Recognized thought leader in security, risk and privacy. High level of peer recognition and access to a very extensive network in the cyber security community. Sought after speaker at conferences, sharing best practices in threat intelligence, SOC operations, prevention programs, risk management, privacy.
Since June 2017
CEO of Freddy Dezeure BV
Independent advisor supporting private enterprises and governments to improve their cyber resilience and cyber risk management. Board Member and Advisory Board Member in multiple cyber security start up companies. Trusted Advisor and Mentor. Community contributor.
2011-2017
Head of CERT-EU
Setting up and managing the European Union Computer Emergency Response Team, protecting 60+ EU-level governmental entities in 28 countries with more than 100.000 users.
2007-2012
EC DG INFSO Head of External Audit
Managing a Unit of financial auditors, verifying the compliance of EU research project funding in the area of Information Society.
1996-2007
EC Joint Research Centre (3000 scientists)
Various management functions including COO, managing finance, human resources and research programme, internal audit, quality management, intellectual property management and technology transfer.
1987-1996
EC Directorate General Human Resources
Various functions in IT management and human resources management.
