HomeCompliance › CyberFundamentals

CyberFundamentals compliance software for Belgian organisations.

All four CCB levels (Small, Basic, Important, Essential) pre-loaded, mapped to NIST CSF and positioned for NIS2. Asset and supplier registers, detection use-cases, IR runbook with CERT.be path, recovery-plan tester. Built for Belgian federal entities, critical-infrastructure operators and their suppliers.

Open the portal See pricing

What is CyberFundamentals?

CyberFundamentals (CyFun) is the baseline published by the Belgian Centre for Cybersecurity (CCB / BCSC). It rides on the NIST CSF spine (Identify, Protect, Detect, Respond, Recover) and adds four assurance levels - Small, Basic, Important, Essential - that scale with your risk profile. The CCB positions Important and Essential as concrete ways to demonstrate NIS2 compliance for Belgian-supervised entities.

Who needs to comply

  • Belgian federal administrations and parastatals
  • NIS2 essential and important entities under Belgian transposition
  • Belgian critical-infrastructure operators
  • SaaS and managed-service providers selling into the above

Key CyFun capabilities in Dazr

Four levelsPick Small, Basic, Important or Essential; the control set scales.
NIST CSF spineIdentify / Protect / Detect / Respond / Recover pre-loaded.
Supplier riskTier-based intake questionnaire + annual recheck.
Detection use casesCentralised log aggregation + use-case library tied to NIS2 reporting.
IR runbookCERT.be contact wired in. Tabletop annually.
Recovery planAnnual recovery test with lessons-learned tracker.

What auditors look for

At Small/Basic the model is self-assessment. At Important and Essential an accredited verifier samples evidence per Subcategory. Particular attention to the supplier-risk register, the detection use-cases and the recovery test. Dazr keeps each control audit-ready year-round.

How Dazr helps with CyFun

  • Pre-loaded controls per CyFun level
  • Run CyFun alongside ISO 27001, GDPR and NIS2 in one workspace
  • Supplier register with CyFun / equivalent status
  • Detection use-case library tied to CERT.be / NIS2 reporting deadlines
  • Hand the verifier a read-only view or a single-PDF audit trail

Back to the full Dazr Compliance overview › | Sign up free ›

CyberFundamentals questions, answered.

What is CyberFundamentals?

The Belgian CCB / BCSC baseline. Four levels (Small / Basic / Important / Essential) mapped to NIST CSF. Used by Belgian federal administration and recommended for NIS2-in-scope entities.

How does CyFun map to NIS2?

The CCB positions CyFun Important and Essential as concrete ways to demonstrate NIS2 compliance for Belgian-supervised entities.

How is the audit performed?

Self-assessment at Small / Basic. At Important and Essential an independent verification by an accredited verifier is required.

Where is data hosted?

European Union only. AES-256-GCM at rest. EU jurisdiction.

Ready to start your CyFun programme?

Free for one user. Pro €29/mo and Enterprise €299/mo are self-serve via Mollie. Custom (from €800/mo) is the only tier on a contract.

Open the portal All frameworks