Reference

Cybersecurity & Compliance Glossary

Plain-English definitions of the terms Belgian and EU regulated organizations encounter in NIS2, GDPR, ransomware, and forensics contexts.

NIS2 · NIS2 Directive

EU Directive 2022/2555 on a high common level of cybersecurity across the Union. Replaces NIS1, expands scope to many mid-market and critical-service organizations, and sets risk-management, incident-reporting, and governance obligations.

GDPR · General Data Protection Regulation

EU Regulation 2016/679. Sets the rules for processing personal data, requires 72-hour supervisory-authority notification of breaches likely to result in risk to individuals, and underpins most European privacy obligations.

CCB · Centre for Cybersecurity Belgium

Belgium's national authority for cybersecurity. Acts as supervisory authority for NIS2 in Belgium and publishes the CyberFundamentals framework.

CyFun · CyberFundamentals

CCB tiered cybersecurity framework (Small, Basic, Important, Essential). Maps to ISO 27001:2022 Annex A and to the NIST Cybersecurity Framework; used by Belgian organizations to evidence baseline controls.

DPA · Data Protection Authority

The supervisory authority responsible for enforcing GDPR in a Member State. In Belgium: the Gegevensbeschermingsautoriteit / Autorité de protection des données (APD/GBA).

Personal Data Breach

Under GDPR Article 4(12), a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data.

72-Hour Rule

GDPR Article 33 requirement to notify the competent supervisory authority of a personal-data breach within 72 hours of becoming aware, unless the breach is unlikely to result in risk to individuals.

DFIR · Digital Forensics and Incident Response

The combined discipline of preserving and analysing digital evidence (forensics) and containing, eradicating, and recovering from a cyber incident (incident response).

Chain of Custody

The documented, unbroken record of who collected, handled, and stored a piece of evidence — a prerequisite for admissibility in legal or regulatory proceedings.

Double Extortion

A ransomware tactic where the attacker both encrypts the victim's data and threatens to publish exfiltrated copies, pressuring payment through operational disruption and reputational risk.

Air-Gap

Physical or logical isolation of a system or backup store from a production network, used to ensure evidence and recovery data cannot be reached by ransomware or an insider from the compromised environment.

RPO · Recovery Point Objective

The maximum acceptable amount of data loss measured in time — e.g. a 1-hour RPO means the organization can tolerate losing the last hour's data after an incident.

RTO · Recovery Time Objective

The maximum acceptable duration between an incident and full service restoration.

ISO 27001

International standard for information security management systems (ISMS). ISO 27001:2022 aligns closely with CyberFundamentals and with the NIST Cybersecurity Framework.

MDR · Managed Detection and Response

An outsourced service that provides 24x7 monitoring, investigation, and guided response to cyber incidents — typically focused on detection rather than forensics-grade evidence handling.

SOC · Security Operations Center

A team (internal or outsourced) responsible for continuous monitoring, detection, and response across an organization's IT estate.

Post-Mortem

A structured post-incident review documenting timeline, decisions, gaps, regulatory exposure, and actionable fixes. A defensible post-mortem is both an improvement tool and an evidentiary artefact.

Need context on how these apply in practice? Start with our NIS2 Compliance Checklist or the Ransomware Incident Response Playbook.