Valéry Vander Geeten
Legal Officer, Centre for Cybersecurity Belgium"
“Ethical hacking” or bug bounty programs are well known in the ICT security Community. Coordinated Vulnerability disclosure policy (CVDP), also called responsible disclosure policy, is a set of rules set up by an organization responsible for an information or communication technology system to enable collaboration between it and a security researcher or the general public, who wants to search or has discovered a potential security vulnerability in its systems, services or products. These rules should allow for an eventual disclosure of this security vulnerability in a responsible, coordinated and prepared manner between the security researcher (or the general public) and the responsible organization. In Belgium, the use of those policies is subject to legal issues. However, it is possible to apply such policies within the Belgian actual legal frame, subject to certain conditions and best practices.
Valéry is the Legal Officer of the Centre for Cybersecurity Belgium (as well of the federal service CERT.be which is a part of the CCB) and he is a former lawyer at the Brussels Bar. He is in charge of the legal aspect of the activities of the CCB and the CERT.be, including the implementation of the NIS directive (EU directive 2016/1148) in Belgium. Valéry is also a teacher assistant at the Law Faculty of the University of Brussels (ULB).
Speech: "Ethical Hacking"