ICT Security

The security of communication and information systems that handle, store or transfer classified information is determined by the protective measures that were taken to ensure the availability, integrity and confidentiality of these systems. The measures are applied on the basis of a risk assessment. There are various types of measures such as the installation of encryption products or shielding security systems from unwanted electromagnetic radiation. It goes without saying that the persons who digitally process classified information must also be holder of a security clearance.

ICT protection and encryption products

Organizations with secured communication and information systems must use protection products that have been approved by the competent National Security Authority or international organizations. More information can be found in the relevant regulations and in the safety instructions of classified contracts.

The National Distribution Authority (NDA) manages the material for cryptographic protection of classified information in Belgium.

For the protection of national classified information and provided prior consent, the NSA also allows the use of ICT security products that were approved by the Council of the European Union or NATO.

 

TEMPEST measures (protection against technical surveillance, eavesdropping and espionage)

Classified information of the level ‘confidential’ must also be protected against the abuse of unwanted electromagnetic radiation. This is done via security measures that protect against electronic systems including eavesdropping and technical surveillance. Here also, the Council of the European Union and NATO work with products from certified companies. With prior permission, the NSA can allow the use of these products.