EN 
NL 
DE 
FR Must I demonstrate my cybersecurity maturity by law?
Under the EU NIS2 Directive, certain organizations classified as essential and important are legally required to taking cybersecurity risk-management measures. Essential entities shall demonstrate cybersecurity maturity. This includes sectors such as energy, transport, health, finance, digital infrastructure, and public administration.Failure to comply can result in audits, corrective measures, and administrative fines. The centre for cybersecurity […]
Where can I find the CyFun® framework?
The official CyFun® framework is published by the Centre for Cybersecurity Belgium (CCB) and available on their website atwork.safeonweb.
What is the difference between CyFun® and ISO/IEC 27001?
Aspect CyFun® ISO/IEC 27001 Scope NIS2 compliance, practical controls Comprehensive ISMS, global standard Levels Basic, Important, Essential No levels; one standard Certification National/EU recognition, CCB-driven International, ISO-accredited bodies Target All organizations mature organization Approach Include OT, IT and other standard as well (NIST, CIS…) ISO CyFun® and ISO/IEC 27001 are interconnected through reference matrices, enabling […]
Where is the CyFun® Label and verification recognized?
The CyFun® Label is recognized nationally in Belgium as a trusted proof of cybersecurity maturity. It is accepted by authorities, partners, and customers as evidence of compliance. Today, more and more EU countries are recognizing CyFun®, including France, Romania, and Ireland, with others expected to follow soon. For organizations, CyFun® means easier access to new […]
How is the information sent to Trust Check protected?
What can I do if I don’t want a specific verifier assigned to my mission?
What can I do if I don’t accept the verification result?
How many controls are evaluated at each level?
These controls align with the CCB CyberFundamentals framework.
How long does a verification take?
The duration depends on the scope and complexity of your IT environment. Typically:
Can verification statement be shared with partners or regulators?
Yes, the verification report can be shared to demonstrate compliance and provide evidence during audits or contractual evaluations