Digital trust requires a common language

January 29, 2024
Egide Nzabonimana
Est. Reading: 3 minutes

The multitude of technologies that reinforce each other, the speed of technological innovation, and the constant presence of cyber threats are all contributing to third-party risk management becoming a central theme in cybersecurity. A malicious code injected in a single software application can have a huge impact on other users and systems. Thus, more than ever, digital trust is the keyword. “In practice, this level of trust can only be achieved when there is a common language,” Egide Nzabonimana of ISACA Belgium suggests.

Companies are being driven to adopt technology at an unprecedented pace. In the past years, both remote working and the transition towards Industry 4.0 have accelerated the introduction of new technologies and digital tools. While such technology has been of great assistance, it has also brought about an increase in malicious cyber activity.  

“Cyber threats introduce risk to business operations and to systems,” says Egide Nzabonimana, president of the Belgium chapter of ISACA, an international non-profit organisation for IT professionals. “Not only are the systems used by the company itself at risk, but so are those outsourced to their third-party suppliers. This is particularly concerning for organisations whose operations rely heavily on third-party support and capabilities.” 

The back-end has become a complex web 

The result is that the back-end of a company’s digital systems has become a complex web involving many different players. Their software and systems must be compatible with each other in order to function correctly. But in the light of continuous cyber attacks, this web must fit together as tightly as possible, with no security gaps. “You can compare the situation to a newly formed family. Third-party risk management is the new form of marriage that enables our current way of operating a business,” according to Nzabonimana. 

Companies must thus not only assess their own security environments, but also understand the security environments of their third-party suppliers. “You need to treat the third-party supplier’s environment as an extension of your own IT systems. Third parties must demonstrate that their state of governance and their cybersecurity are in harmony with those of the organisations they work for, supporting systems without introducing weaknesses that can be exploited by cyber criminals. These are two major challenges for any enterprise infrastructure and accompanying third-party supplier, as the objectives of each may not align as smoothly as one would expect.” 

Keeping up with technological changes 

For successful third-party risk management, there is first a need for digital trust. “In practice, that level of trust can only be achieved when there is a common language. And this is ISACA’s aim. By offering training, audits and certificates to IT trust professionals, we enable dialogue,” Egide Nzabonimana explains. “Our certificates are a globally recognised quality label that is also linked to an ethical code of conduct. They demonstrate that someone is able to contribute to a specific theme within cybersecurity. Moreover – and this is essential – you can only renew the certificates if you can demonstrate that you are keeping up with technological changes.” 

One of the most important technological breakthroughs of 2023 was generative AI, which can also become a game changer for cybersecurity. “If we want to keep up, it is crucial that we learn to have the right focus. That is why we must continue to build a framework that can deal with these impactful trends. We further contribute to this through the ISACA certificate we have now introduced for new technology.”

Collaboration and knowledge-sharing among cyber professionals therefore remains very important. “Thanks to organisations such as the Cyber Security Coalition, a well-developed ecosystem has emerged in Belgium, with the same mission as ISACA. This ensures that we do not have to keep reinventing the wheel. Especially considering the ongoing labour shortage in our sector, we must continue to look for ways to allow business-minded people to collaborate optimally with IT professionals,” the president of the Belgium chapter of ISACA concludes.


Written by:

Egide Nzabonimana CISM, CDPSE, COBIT

Egide Nzabonimana is the current President of the Belgian chapter of ISACA. Having over a decade of experience as well […]
View profile



January 6, 2023

Why get certified with ISACA Belgium?

Our upcoming Workshops and Bootcamps ISACA Belgium with its experienced and skilled trainers organizes monthly a series of trainings and […]
September 29, 2022

Digitaal vertrouwen zal ervoor zorgen dat bedrijven veerkrachtig zijn

Een open gesprek over de impact van AI en IoT, de mogelijkheden van 5G en de uitdagingen rond cyberveiligheid in […]
January 28, 2022

ISACA Belgium joins the Cyber Security Coalition

We are very proud to be part of the Cybersecurity Coalition. Considering we have more than 850 IT professionals engaged […]
February 26, 2021

ISACA sur tous les terrains!

Pour acquérir les bonnes connaissances, les meilleurs contacts et les certificats les plus pertinents dans le cadre de la gouvernance […]

Subscribe to our newsletter

Please complete the information below to get added to our Newsletter and Events or update your information.
Newsletter Inline