Dirk Marichal

First conference of the year for me at the CIO Technology Outlook 2026 in Antwerp. Ironically, the local hospital had been hit by a ransomware attack in the morning, I talked about how to prepare for the day +1 after the attack. Training your team to recover critical applications will keep your business running, this should be a top priority project on your bucket list, don't push it to next quarter, it could be too late. 🟣 Commvault can help with the technology, but you need to define your recovery plan based on your own requirements.

55

4 Comments

We're live at https://lnkd.in/ekQDSAGN! Today we're proud to announce the launch of OpenSource-Enterprise, a joint service of Linux Belgium and Mind. For over two decades, Linux Belgium has been delivering Linux training, consultancy, and 24/7 support. Mind has spent 24+ years building deep expertise in embedded OpenSource consultancy and development. Now, we're combining forces under one banner to help enterprise organizations design and run modern infrastructure with the reliability large environments demand. Why now? The enterprise landscape is shifting. Organizations are rethinking their infrastructure stacks, moving away from proprietary lock-in toward open standards. That shift needs a partner who's been in the OpenSource trenches since day one. What we do:  - VMware-to-Proxmox migrations: assessment, PoC, staged cut-over, rollback - Kubernetes, platform hardening, observability, lifecycle management - OpenSource AI infrastructure: LLM hosting, GPU scheduling, RAG pipelines - OSE Academy: hands-on training for Proxmox, Kubernetes, AI infra, and more Security by default. Open standards always. Whether you're planning your first migration or scaling a full OpenSource platform, we're here to make it happen. https://lnkd.in/ekQDSAGN #OpenSource #Enterprise #Linux #Proxmox #Kubernetes #VMware #Infrastructure #CloudNative #AI #OpenSourceEnterprise #LinuxBe

18

1 Comment

This week, I was contacted by several media outlets, including VRT NWS and De Tijd, to provide context on the cyberattack on AZ Monica. To be clear: Secutec is not involved in this incident. Following the attack, our team at Secutec investigated how the breach could have occurred and what it means for other hospitals in Flanders. We found that an external service provider, which is also used by three other Flemish hospitals for patient registration, had access to the hospital’s network - a situation that carries inherent risk. Through a security vulnerability, our cyber experts were able to access the data of more than 70,000 patients across those three hospitals. The exposed data included names, addresses and national registration numbers - the same information found on an identity card. While the data was not stolen by criminals, testing showed that attackers could in fact have obtained it. The vulnerabilities have since been closed. This case demonstrates how even well-protected organisations can be vulnerable when external partners are granted access to sensitive systems. That is why continuous monitoring and a robust backup strategy remain essential, especially in critical environments such as healthcare. 📰 Following the initial interview, VRT NWS has published an update with further insights 👉 https://lnkd.in/esAHayfR video: ©VRT #VRTNWS #CyberSecurity #Ransomware #CrisisManagement #CyberAwareness #SecureSIGHT #oneplatform

418

10 Comments

Citymesh partners with Inetum for Stad Brugge LAN infrastructure upgrade Citymesh is proud to partner with Inetum on the new LAN network infrastructure framework for Stad Brugge, a project worth up to €50M over six years. We provide enterprise-grade LAN hardware, installation, monitoring & management software, embedded tools, and consultancy, helping local authorities build reliable, scalable, and secure networks. “Strong networks are the backbone of modern digital services. Together with Inetum, we help public organizations strengthen their digital capabilities,” says Petra Vandamme, Team Leader Public & Education at Citymesh. 📰 Read the full article: https://lnkd.in/eWYejCEB #Citymesh #Inetum #LANInfrastructure #DigitalTransformation #PublicSector #Networking

49

Today is Anti-Ransomware Day. A moment to pause and reflect on one of the most persistent and damaging cyber threats facing organizations all over the world. Our Dark Web monitoring reveals that in 2024 alone, data from at least 45 Belgian companies has been published on leak sites. The vast majority of these victims are SMEs. At least 1.35 terabytes of data was stolen, and these numbers only reflect the known cases. The real impact is likely much greater. We released these findings today to raise awareness of the growing risk of ransomware attacks. A sincere thank you to Data News, Het Laatste Nieuws, Solutions Magazine and other media for publishing these stats and helping raise awareness. Because awareness is the first step toward resilience. Also a special thanks to Simen V., our Strategic Advisor, for leading this research and analysis. Read the articles here: 🔸https://ow.ly/5tfI50VQYVW 🔸https://ow.ly/lngg50VQZu0 🔸https://ow.ly/7n6h50VQZvL 🔸https://ow.ly/npAh50VQZz0

44

Attending #BeCyber today, organized by Belgian Cyber Security Coalition, I had the chance to join an interesting panel — “Cloud sovereignty: can Europe rise to the challenge?” — moderated by Ulrich Seldeslachts (LSEC - Leaders In Security). What struck me most was how sovereignty is no longer a purely technical or compliance debate. It’s about geopolitics, strategic autonomy, resilience, and trust — the foundation for innovation in Europe. The panelists — our colleague Florence Steenackers, Jelle van den Wijngaard, Pascal ROGIEST, and Pascal Steichen — shared thoughtful, pragmatic perspectives: • An "full vertical" European alternative cloud does not exist yet • Sovereignty means protecting both confidentiality and availability of Cloud services and data • Migration to European Cloud is a trade-off: sometimes accepting fewer features for greater independence. • True progress comes from risk-based, step-by-step approaches — hybrid models, consider migrating sensitive services first. • Fully sovereign, disconnected infrastructures have their place for critical data (defense, health, and other critical sectors). Florence Steenackers to add: "At Approach Cyber, we see this every day — our clients want to protect and innovate at the same time. The key is staying pragmatic while keeping sovereignty at the core of resilience."

76

2 Comments

A 2026 report from Aikido Security a Belgian cybersec startup founded in 2022 (AppSec / DevSecOps space), called "State of AI in Security & Development 2026" ( 🛜 https://shorturl.at/ezg7M), ran by Sapio Research on their behalf and focused on 450 full-time professionals across Europe and the US (150 developers, 150 security leaders / CISOs, 150 AppSec engineers) has pointed out in my opinion several aspects systematically underestimated, ignored or "postponed": ➡️ No staff to understand the risk surface, a massive asymmetry of expertise; ➡️ Risk "gets reframed" because the benefit is immediate and measurable (the ROI Messiah...). The less you look, the safer you feel. ➡️ "It happens to others" bias, as part of human nature, but should not happen to an organization think they are average-to-good until an incident proves otherwise (same logic that makes people skip insurance makes teams skip governance); ➡️ Accountability is intentionally blurry but if the "shared responsibility" sounds mature, it often means "no one owns the last mile" (e.g. CISOs believe developers own the code quality. Developers believe the CISO owns the risk); ➡️ Tool theatre replaces control = it moves the governance from far away and collapses up close; ➡️ Metrics reward throughput, not resilience; ➡️ False positives train bad behaviour. Security debt is invisible until it is not, vulnerabilities are latent liabilities and I have a few more points for a whole episode of Two Humans in The Loop (https://shorturl.at/rGVxm) with Valerio Porcu but let's be now focused on the major takeways of this 52-page report: 🔺 69% of organizations have "uncovered vulnerabilities introduced by AI-generated code" ad 1 / 5 suffered a serious incident directly tied to it; 🔺 53% blame security teams for missing issues, while 45% blame the developer who has written the code; 🔺 Half of respondents (developers) believe they’d be blamed if AI-generated code they used introduced a vulnerability; 🔺 96% believe AI will one day write secure code but only 21% think it will do so without human oversight; 🔺 73% still rely on manual reviews for AI-generated code. 🔺 Europe reports fewer incidents (20% vs. 43% in the U.S.) but more near-misses (53% vs. 40%); 🔺 U.S. teams use more AI-generated code (77% vs. 35%) and track it more rigorously. "Al-generated code shouldn't be fully trusted, since it can cause serious damage. This is a reminder to carefully double-check its outputs" Natalia Konstantinova, Global Architecture Lead in AI, BP Ethics and governance must become first-order concerns in AI-driven security programs, not afterthoughts because without them, organizations risk not only breaches but also loss of trust, compliance failures, ethical erosion in their engineering cultures as pointed out with the P.A.L.O.'s approach: https://lnkd.in/eXJ_XCvx #ArtificialIntelligence #AI #AIRisk #Development #CISO #CyberSecurity #CyberSec #PALOFramework #AIGovernance #AIEthics

29

5 Comments

On 12 September 2025 the #DataAct entered into force. Beltug hopes there will be a serious improvement on porting and switching cloud providers. Claude Rapoport, our President was a very active member of the Expert Group from the European Commission, preparing Standard Contractual Clauses which can be used to benefit from the possibilities the Data Act offers. You find the SCCs and the programme of the information session we organise on 16 October on our website: https://lnkd.in/eJs_xYk8

36

When Pieter Klijs, CVO ICT Manager, needed stronger threat detection, he and partner Tredion turned to Barracuda. The result? A cloud account takeover detected and resolved within days of deploying Barracuda Managed XDR. Read the full case study. http://cuda.co/ccscvot #BarracudaONE #ManagedXDR #Cybersecurity

18

Standing still is moving backwards; that’s why we continuously innovate with emerging technologies to help our customers stay ahead of cyber threats. I’m proud to share that Inetum Belgium is partnering with Delinea to enhance our cybersecurity offering. Our business unit is integrating Delinea’s cloud-native Privileged Access Management (PAM) platform into our portfolio to support Belgian organizations in securing privileged access with simplicity and scale. 🔐 Why it matters: * Centralized control over admin credentials and API tokens * Automated password rotation and full audit trails * Secure remote access without the need for a VPN * Tailored for sectors like healthcare and businesses with external or hybrid teams This partnership is a perfect example of our strategy to combine usability and scalability, while making cybersecurity more accessible to Belgian businesses. 📖 Full article via ITdaily: https://lnkd.in/epKiqk-X #Cybersecurity #PAM #Delinea #Inetum #IdentitySecurity #ZeroTrust #DigitalSecurity #CyberResilience #EmergingTech #BusinessUnitCybersecurity

32