Community expert member call out - 01/2025

Dear Shield members,

During our Q4-event of 2024 we provided an update on how the Shield community framework will be built, which platforms it contains and most importantly the community profiles we defined within our framework. A detailed overview of the community organisation, framework, community profiles (+ effort estimation) can be found here: Shield vzw – Organisation and Community Operations

This article contains an overview of all the active tracks and the call out for expert community members who are willing to actively participate in contributing/reviewing/building the community initiatives.

1. Closed tenders (4)* :
  • GRC: Framework agreement for governance, risk and compliance services
    • Two GRC partners (Toreon/Nviso) were already selected in 2024. Together with these partners, the Shield architects and our community we want to start building the reference architecture for this domain.
    • Call-out :  we’re looking for 3 to 5 Community Contributors with expertise in the GRC domain to start building the reference architecture, templates, policies, …
    • Timing: asap
  • EEQ: Framework agreement for the delivery of IT end-user equipment:
    • This consists of 6 lots:
      • Lot 1 - PC's all-in-one's and workstations
      • Lot 2 - Laptops
      • Lot 3 - Mobile devices
      • Lot 4 - Displays & projectors
      • Lot 5 - Conference
      • Lot 6 - Printing
    • For Lot 1-6, 2 partners were selected, which we will communicate shortly (estimated timing: mid February).
    • For Lot 1-4 a workgroup is already in place to define and propose a sectorial standard hardware catalog. This allows us to organise regular bulk purchases at the best possible conditions.
  • XDR: Framework agreement for XDR-SOAR and MDR platform & services
    • The outcome of this tender will be communicated shortly (estimated timing: mid February) In the meantime, we already want to start building the related workgroups.
    • Call-out : We’re looking for 4 to 6 Community Contributors with expertise in the XDR-SOAR-SOC domain to start building the reference architecture, best practice configuration and policies, define playbooks, building a sectorial soc, etc…
    • Timing: asap
  • Firewall: Framework agreement for NextGen/Network firewall
    • The outcome of this tender will be communicated to our members (estimated timing: mid February).
    • Call-out : We’re looking for 3 to 5 Community Contributors with expertise in the firewall domain to start building the reference architecture, best practices, etc
    • Timing: asap

  * : Please keep in mind that making use of these frame agreements requires an additional fee for our PoC members. If you have any questions, please reach out to Wouter De Muynck - wouter.demuynck@shield-vzw.be - +32 477 17 40 37.

 2. Ongoing tenders (3):

 Currently there are 3 tenders in progress, the selected candidates are currently preparing the answers to the tenders so we can start evaluating the proposals together with the community:

  • Awareness: Framework agreement for user awareness, automated phishing & cyber e-Learning services
  • CSIRT: Framework agreement for CSIRT/Rapid Response Services
  • Pentest: Framework agreement for agile pentest & ethical hacking platform

Call out : for each of these tenders we’re looking for 4 to 6 Community reviewers with expertise/interest in these domains to evaluate & assess the answers of the candidates.

Timing:

  • 4/2 - 10/2: reading time to go through and score the technical answer of the different candidates.
  • 14/2 - 19/2: Evaluation workshops:
    • Awareness
    • CSIRT
    • Pentest
 3. Initiatives 2025:

During our event we asked the participants to list their top 3 priorities for Shield to focus on in the next few months. The result of the poll are the following:


We took the time to analyse the feedback and have decided to initiate an RFI phase (Request for Information) for following initiatives:

  • Focus Area Network security: Campus/DC networking & (micro) segmentation
  • Focus Area (Private) Cloud & datacenter:
    • Datacenter hardware & storage
    • Backup & recovery
  • Focus Area Endpoint security: Asset & vulnerability management

Call out :

  • For each of these domains we’re looking for 4 to 6 Community contributors with expertise/interest in these domains to participate during the RFI phase, attend demo’s, decide on requirements …
  • As part of the RfI-phase, we went to organise demo’s which will be the basics for the tender we will built together with the community. If you have any suggestions on vendors/partners/solutions we should include, please send them to wouter.demuynck@shield-vzw.be

Apart from the call out’s mentioned above we’re still looking for a Community president & vice-president to become part of the community chair to supervise and participate in the overall Shield cybersecurity reference architecture, roadmap, tender decisions, …

If you or one of your colleagues/team members are interested to be involved as community contributor/reviewer in one or more of the domains listed above or if you have any questions, please reach out to Wouter De Muynck - wouter.demuynck@shield-vzw.be - +32 477 17 40 37

If you want to be kept up-to-date about the ongoing tenders or the progress of the new initiatives, feel free to let us know via the same channels.

4. Partner events/webinars:

Our GRC partners have some initiatives planned for 2025:

  • Toreon – Cyber café: 4 times per year Toreon organises Cyber Cafés as a commitment to foster a strong cybersecurity. The audience for these events are CISO/DPO profiles. Toreon is providing access to this event for our members (40 in total). More information on the first Cyber Café (05/02/2025) can be found here: Cyber café | Toreon - Business driven cyber consulting. If you are interested in attending this event, send an email to wouter.demuynck@shield-vzw.be.
  • Nviso Insight Session: 4 times a year Nviso will organise a virtual session about GRC or other cybersecurity-related topics. Nviso is open to suggestions for the content of these sessions. If there are topics you would like to be covered during these sessions, please send them to wouter.demuynck@shield-vzw.be

Thanks for going through the extensive call out list, we look forward to your feedback!

Warm regards,

Team Shield vzw