EY advised FEops to follow a cybersecurity improvement program that it offers through its partnership with Flanders Innovation & Entrepreneurship (VLAIO). “It’s a fact that cybersecurity is a process that must be continuously monitored and refined. At the kick-off, EY collected information about the existing cyber situation through a series of interviews. After an interim report, EY conducted penetration tests with specialists (ethical hackers) who attempted to penetrate the FEops network. EY then produced a report with a detailed list of the aspects that could be improved”, says Peter Mortier. And he continues: “It was quite refreshing and instructive for us to receive an overview of our cybersecurity maturity from an external partner.”
After this, EY advised on the implementation and follow-up of the actions in the report, to further integrate cybersecurity into business operations. This involved creating a risk register with associated ISMS manual and control measures based on ISO 27002:2022, further clarifying the technical shortcomings to help mitigate, and optimizing incident management whereby a procedure was drawn up to ensure the continuity of activities.