Cybersecurity Leadership Meets Digital Sovereignty on the Banks of the Leie
Organised by Pointury, BE-CEC has rapidly established itself as one of Belgium’s most exclusive gatherings for CIOs, CISOs, infrastructure leaders, cyber program managers, and senior cybersecurity experts. The conference continues to deliver on its mission: inspiring and connecting the leaders responsible for securing Belgium’s digital future.
This Q2 edition could hardly have taken place under more extraordinary circumstances. Belgium experienced one of the hottest June days in its recorded history, with temperatures reaching exceptional levels across the country. Yet despite the heat, the atmosphere remained energetic and focused throughout the day. And by evening, the weather turned into an unexpected asset: under large sunscreens along the banks of the river Leie, participants enjoyed a remarkably pleasant BBQ and networking reception in one of the most picturesque venues in Flanders.
Cybersecurity in 2026: No Longer Just About Protection
A recurring theme throughout BE-CEC 2026 Q2 was clear: cybersecurity has evolved far beyond traditional defense. The conversations repeatedly returned to resilience, sovereignty, and trust.
In 2026, CISOs are no longer merely technical guardians. They are strategic business leaders operating at the intersection of geopolitics, regulation, AI transformation, and operational resilience. The agenda reflected exactly that shift.
Opening Keynote: The Strategic Shift to European Cloud
The afternoon opened with a compelling keynote by Kristof Tuyteleers, CISO at DNS Belgium.
Kristof challenged the audience to rethink the role of DNS. Too often treated as invisible infrastructure, DNS is in fact one of the most critical foundations of digital sovereignty. Weaknesses at this layer can escalate rapidly into systemic risks affecting entire organisations and even national ecosystems.
His message resonated strongly in the Belgian context, especially as European concerns about dependency on non-European cloud and infrastructure providers continue to grow. Discussions around sovereignty are no longer theoretical; they have become board-level priorities. That concern mirrors broader debates in Belgium around Europe’s dependence on foreign digital infrastructure.
Embedded Systems: The Attack Surface Nobody Sees
Next, Jorn Lapon from KU Leuven delivered a highly relevant session on embedded security.
His keynote highlighted a rapidly growing blind spot for enterprises: the explosion of embedded devices, IoT systems, industrial controllers, and connected infrastructure.
These devices increasingly operate outside traditional security controls. They are often unmanaged, difficult to patch, and highly attractive to attackers.
Jorn translated what might seem like highly technical research into clear executive implications:
Operational disruption
Exposure to ransomware and lateral movement
Intellectual property theft
Regulatory and compliance risk
His core message was unmistakable: embedded security must become part of enterprise governance, not remain an engineering afterthought.
Sovereignty Is the New Perimeter
One of the strongest strategic messages of the day came from Renaud Larsen of F5.
Renaud connected multiple regulatory and geopolitical developments into one coherent narrative: the EU AI Act, NIS2, DORA, GDPR, the US CLOUD Act, and post-Schrems data governance realities are no longer separate compliance topics.
They form a single strategic challenge.
His keynote argued that organisations should stop treating regulations as isolated checklists. Instead, leaders must build unified architectures combining:
Cryptographic control
Federated governance
Operational resilience
AI oversight
Data sovereignty
The phrase that stayed with many participants was simple yet powerful:
“Sovereignty is the new perimeter.”
This captures a defining challenge for 2026: security boundaries are no longer limited to networks or endpoints. They now include control over data, infrastructure, AI models, and decision-making systems.
From Packets to Prompts: The AI Security Challenge
The final keynote by Robin Johns addressed perhaps the most disruptive shift facing security leaders today: AI.
In a very entertaining way Robin described the evolution of enterprise security in three phases:
Packets → Context → Intent
Traditional security focused on network-level controls. Modern zero-trust architectures introduced context: identity, device posture, behavior, and access conditions.
AI changes the equation again.
When organisations deploy copilots, assistants, and autonomous agents, systems can interpret requests, access sensitive data, invoke tools, and execute actions independently.
That introduces a new security question:
It is no longer enough to ask who initiated an action or from where.
Security teams must ask:
What is the AI trying to do?
That shift from context to intent sparked lively discussion among participants, especially around governance, policy enforcement, and action control for AI-powered workflows.
For many attendees, this session confirmed a growing reality: AI security is rapidly becoming one of the defining board-level risks of the next decade.
Partner Spotlight
The conference also featured brief partner presentations from sponsors that help Belgian organisations strengthen cyber resilience:
Their contributions reinforced how the vendor ecosystem continues evolving from product suppliers into strategic resilience partners.
Networking Where Real Value Happens
As with every BE-CEC edition, the formal presentations were only part of the story.
Some of the most valuable conversations happened during breaks, the reception, and especially during the evening BBQ.
Under protective sunscreens overlooking the calm waters of the Leie, attendees exchanged ideas, compared challenges, and built relationships that will continue beyond the conference.
The combination of executive-level content and informal peer interaction remains one of BE-CEC’s greatest strengths.
Cybersecurity leaders often operate in isolation within their organisations. Events like BE-CEC create opportunities to openly discuss common struggles with peers facing similar challenges.
Final Reflection
BE-CEC 2026 Q2 confirmed something important about the Belgian cybersecurity community.
Despite increasingly complex threats, growing regulatory pressure, and the disruptive force of AI, Belgium’s cyber leaders are not reacting passively. They are actively redefining what resilience means.
Three major themes emerged from the day:
Digital sovereignty is now strategic
AI changes the security model fundamentally
Resilience requires collective leadership
The heat outside may have been historic, but so was the quality of the networking.
From digital sovereignty to embedded risk and AI governance, BE-CEC 2026 Q2 delivered exactly what the conference promises: a trusted environment where Belgium’s cybersecurity executives can think beyond day-to-day operations and focus on what truly matters next.
We thank all speakers, sponsors, and participants for making this fourth edition another success.
We look forward to the next BE-CEC.