KMO CyberSecurity Ambitie The « KMO Cybersecurity Ambition » project aims to increase the maturity of the Flemish SME in terms of CyberSecurity, by building a "Human Firewall" based all SME staff profiles.


This project in the framework of the ESF 2014-2020 program addresses Priority 2 : preventivecareer planning, within the call CS 2020. The duration of the project is from November 1, 2020 to April 30, 2022.

  • ESF approved upon application: €53 324,00
  • VCF approved upon application: €0.00
  • Other funding approved upon application: €103 513,00
  • TSK approved upon application: €156 838,00

Maturity measurement

KMO CyberSecurity Ambitie maturiteitThree maturity levels are retained from "basic" to "proactive", in addition to a "non-existent" level.
The goal is to bring the CS maturity within the SME to level 3 "proactive" through training tailored to the different staff profiles.
After a baseline measurement, a new maturity measurement is carried out after the trainings in order to determine an possible maturity improvement.

Project team

The project is managed by the Internal Audit Academy, the training subsidiary of IIA Belgium. For more info.

Under the leadership of Katleen Seeuws, IIA Organizational Manager, and Patrick Soenen, as project manager and the following partners:

  • Grant Thornton: Full service business advisory, Business Risk Services division focused on mitigating risk at SMEs and others
  • Figurad: Independent audit firm, expertise on risk and cybersecurity at SMEs
  • With the cooperation of a number of independent trainers.


Cybersecurity training programme

N KMO CyberSecurity Opleidingen4 courses supported with a practical case study :

  • Transversal: A. Pass along basic principles of cybersecurity and why it is important? Basic training directed to all profiles
  • Business leaders: B. Demystify CS - What is cybersecurity, cybersecurity in line with the organization's strategy, dealing with external cybersecurity service providers, monitoring and follow-up
  • Executives: C. CS Risk Management - Developing policies in practice (identifying and classifying information assets, risk analysis (information risk with CIA - Confidentiality, Integrity, Availability - impact and operational risks) and control measures, incident management and response
  • Employees: D. CS DOs & DON'Ts -Recognizing threats and how to respond appropriately


Back to overview