At DNS Belgium we are not only working for a reliable and safe Internet infrastructure. We want as many people as possible to be internet-literate and, for example, to be able to distinguish reliable from false information. To achieve this, it is necessary to make people aware of cyber security. We think this is important and therefore work together with the Cyber Security Coalition (CSC), among others. Arnaud Recko will be answering our questions, he is the sustainability coordinator at DNS Belgium and an active member of the cyber security awareness focus group within the CSC.
Why is our collaboration with the Cyber Security Coalition (CSC) important?
It is nice to work with a number of partners and stakeholders towards a common goal: making the Belgian Internet more secure and continuously reducing the impact of cybercrime. Together with its members, the Cyber Security Coalition makes the Belgian Internet user even more resilient.
The connection between people within our community makes more things possible. As a stand-alone organisation, that is often harder. The impact of our actions depends on the support of our members. DNS Belgium is one of our most active members and therefore of great added value.
How does this cooperation with an organisation like the CSC contribute to our sustainability policy?
It is our job to provide a stable and secure .be zone. Put more simply: we make the Belgian Internet (including .be websites) accessible. Unfortunately, cybercriminals abuse this service. We feel it is our duty to protect as many Internet users as possible from this by disseminating knowledge and information campaigns. This also fits in with our sustainability strategy.
Our sustainability policy is based on a number of principles and standards. We look at the UN's sustainable development goals, among others. One of the main goals within our sustainability strategy is to be a leader in the field of security. With SDG 17 in mind, we enter into various partnerships to achieve this CSR objective. By working together we achieve more, that is also my experience within the Cyber Security Coalition. We learn from each other and exchange experiences. All with the same goal: making the Belgian part of the Internet more secure.
Do I understand correctly that the partnership with the CSC is not limited strictly to cybersecurity?
The cooperation covers several areas. Kristof Tuyteleers already told us more about the technical aspect of cybersecurity within the CSC. I myself am a member of the 'cyber security awareness focus group': we raise awareness within the business world about the importance of cyber security. Especially in SMEs there is still a lack of knowledge about this, according to our data. The tools or campaigns that we develop always focus on the human factor and prevention. Preventing employees (and therefore companies) from becoming victims of online abuse by providing them with sufficient information. You can take all possible technical and legal measures to combat cybercrime, but that is not enough. It's always about people. Your colleague, your boss, your partner, your child: human actions determine how safe your online environment is. Think of double-used passwords, clicking on phishing mails, programming errors, not installed software updates, etc.
Within the working group, we do not only exchange experiences. At the moment, for example, we are working with a number of parties on gamification and cybersecurity. We are looking into whether we can brush up people's knowledge of cyber security fundamentals in an alternative way via serious games and gaming methods.
What other awareness-raising activities is the Cyber Security Coalition undertaking?
The CSC has already realised great things in the field of cyber security awareness: an interactive e-learning tool (or quiz) that tests your knowledge on phishing, strong passwords, social engineering or GDPR, a security scan for SMEs, a free basic course on cyber security, etc.
The Cyber Security Coalition is also a permanent partner for the annual cyber security campaign of CERT/Safe On Web. The CSC contributes to this campaign both financially and in terms of content. From DNS Belgium, we also provide structural support for this campaign and we help to increase its impact. After all, the topics closely match our focus on the safe internet and domain names. Our support for the campaign is also one of the sustainability actions within the Voka Charter for Sustainable Enterprise. Topics of the previous campaigns included Two-Factor Authentication and Phishing.
What have you learned from working with the Cyber Security Coalition so far?
It is a good forum to get to know the players within the cyber security landscape in Belgium. We have already benefited from this. Within the CSC we proposed our own campaign on cyber security, which was picked up and shared by a number of other organisations. We have a network we can build on and we are increasing our reach through them.
When we presented registrar verification plans, banks alerted us to the possibility of 'domain name mules': people who lend their identity data to criminals in order to register domain names. In the financial world, there have long been cases of people lending their bank accounts to criminals in order to move money around. Naturally, we gladly take such feedback.
For the CSC itself, it was very interesting to find out what security measures we take to remove malicious domain names from our .be zone.
The CSC also offers training courses. Personally, I found the 'Cyber security awareness & culture management' course very useful. That is quite a mouthful, but it is an enlightening course about the threat landscape, who the main actors are, what you can do in terms of communication and prevention and how you can influence people's behaviour so that next time they don't click on that suspicious e-mail. A course for everyone who wants to make his/her company more cyber-secure.