SECaaS2 with FOD FIN — Belgium’s next generation federal cybersecurity blueprint

In 2025, Proximus NXT and the Federal Public Service Finance (FOD FIN) launched SECaaS2, a next generation, cloud centric cybersecurity program that delivers a catalogue of 75 managed security services and aligns federal operations with NIS2/CyFun®. SECaaS2 replaces fragmented, on premise tooling with a unified, scalable architecture operated from a sovereign Belgian SOC and supported by an ecosystem of leading vendors. With an expected value exceeding €100 million over seven years, it is the largest public sector cybersecurity contract ever awarded in Belgium. FOD FIN is the first and most complex onboarding and serves as the blueprint for subsequent federal rollouts. The result is stronger cyber resilience, streamlined compliance, predictable budgeting, and reinforced reliability of citizen facing services such as tax platforms. SECaaS2 sets a new national standard for how government secures mission critical digital services today and for the decade ahead.

The complexity of SECaaS2 stems directly from the strategic importance of FOD FIN within the Belgian state and the sensitivity of the systems under its responsibility. FOD FIN operates some of the country’s most mission critical digital platforms such as tax applications, authentication environments and treasury operations, all of which handle highly confidential information and must remain continuously available. Transforming such an environment required a full migration from an outdated, fragmented on premise security stack to a cloud first, fully integrated defence architecture, executed under strict zero downtime conditions to avoid disruption of essential public services.
This transition demanded the convergence of multiple technological domains, including endpoint protection, identity governance, cloud workload defence, network controls and XDR based threat detection. These domains span several leading vendors, such as Microsoft, Palo Alto Networks and F5, whose technologies needed to be orchestrated seamlessly into one cohesive operational model. Additional layers of complexity arose from the requirement to comply with Belgium’s NIS2 legislation and the CyFun® framework from day one, necessitating real time auditing, uplifted governance processes and secure, fully traceable migration patterns.

To mitigate the substantial risks involved, Proximus NXT established a dedicated delivery and governance organisation with deep federal expertise. A phased ten month transition plan was designed to manage system interdependencies, ensure continuity of financial operations and de risk each step of the cut over. The successful onboarding of FOD FIN, fully interruption free, demonstrates not only the precision and maturity required for a transformation of this magnitude, but also the operational excellence needed to modernise the cybersecurity backbone of one of Belgium’s most critical public institutions.

SECaaS2 delivers significant operational, strategic and societal value for FOD FIN, fundamentally strengthening the security and reliability of one of Belgium’s most critical public institutions. Operationally, the programme transforms a fragmented and outdated security landscape into a harmonised, cloud first defence model supported by a sovereign, highly certified Belgian SOC. This ensures continuous monitoring, real time detection of threats and rapid incident response, providing FOD FIN with the cyber resilience required to safeguard highly sensitive financial platforms. By replacing legacy tools with an integrated set of 75 managed security services, FOD FIN gains greater visibility, faster remediation cycles and a consistent security posture across its entire environment.

Strategically, SECaaS2 embeds full alignment with the NIS2 legislation and the CyFun® framework from the start, allowing FOD FIN to streamline governance processes, simplify audits and automate compliance reporting. The purchasing model, first introduced under SECaaS1 and enhanced in SECaaS2, adds further value by offering transparent and predictable budgeting through scalable, usage based parameters such as number of users and network volume. This creates long term financial stability while ensuring access to advanced security capabilities.

The societal impact of SECaaS2 is equally significant. By strengthening the cybersecurity foundation of FOD FIN, the programme directly protects millions of citizens and businesses that rely on uninterrupted access to essential digital public services, including tax platforms and financial systems. This is not a point upgrade but a structural modernisation of the digital infrastructure that underpins Belgium’s fiscal stability. SECaaS2 enhances trust in government digital services, reduces systemic cyber risk and contributes to a more resilient digital society, making its added value both far reaching and sustainable.

SECaaS2 delivers unprecedented innovation to Belgium's public sector. It is the first large scale, cloud native federal cybersecurity architecture in Belgium, replacing fragmented, infrastructure heavy security with a modern, service driven and outcome based model. Its catalogue of 75 modular managed security services is unparalleled in breadth and design, covering identity, endpoint, edge security, cloud workload protection, XDR, AI assisted analytics and an entirely new set of governance focused offerings such as Third Party Risk Management as a Service and GRC as a Service. This combination dramatically elevates the maturity of federal cybersecurity far beyond traditional tool based models.
A key innovation lies in the FOD FIN blueprint, the first end to end implementation in one of Belgium’s most complex and mission critical federal environments. This blueprint not only validates the operational model but creates a repeatable, lower risk onboarding pattern for all other Federal Public Services. It packages migration workflows, governance structures, audit mappings and operational baselines into a reproducible federal standard , extending innovation beyond technology into methodology, governance and large scale federal delivery.
The cloud native foundation of SECaaS2 marks another major milestone. By eliminating reliance on legacy on premise infrastructure, the programme empowers FOD FIN and, by extension, all other FODs to respond faster to emerging threats, embrace automated NIS2/CyFun® compliance, and continuously evolve security controls without complex reinvestments.

This architecture is reinforced by an orchestrated ecosystem of leading security technologies (Microsoft, Palo Alto Networks, F5), integrated into one coherent security fabric and operated through a sovereign, highly certified Belgian SOC. The result is a future proof security model combining sovereignty, automation, modularity and scalability.
In essence, SECaaS2 does not simply modernise federal security , it redefines it, setting a new benchmark for adaptability, compliance automation and delivery speed in the Belgian public sector. It establishes a forward looking cybersecurity architecture capable of supporting the federal government’s digital ambitions for the next decade, making it a true standout innovation for the Computable-Cybersecurity Awards.

The strength of Proximus NXT as the prime contractor lies in its unique combination of federal sector heritage, sovereign operational capability and multi vendor integration expertise, an execution power unmatched in the Belgian public sector. Building on more than seven years of proven delivery under SECaaS1, Proximus NXT brings deep institutional knowledge of federal environments, having supported ten federal institutions with managed security services. This legacy ensures credibility, stability and continuity. The same core experts who shaped the SECaaS2 bid remained engaged throughout design, migration and operationalisation, guaranteeing consistent leadership, accountability and an unbroken chain of expertise across all project phases.

Operationally, SECaaS2 is anchored in a highly certified, Belgium based Security Operations Center, ensuring full sovereignty, rapid response and trusted handling of sensitive federal data. This sovereign SOC forms the backbone of 24/7 monitoring, incident response and governance, offering assurance that security operations remain fully within national jurisdiction, an essential factor for a programme of this criticality.

Another defining strength is Proximus NXT’s ability to orchestrate a curated ecosystem of global market leaders, including Microsoft, Palo Alto Networks, F5 and others, into one coherent, end to end security fabric. Instead of delivering isolated tools, Proximus NXT integrates these technologies into a unified operational model, ensuring consistency, interoperability and streamlined governance across the entire security landscape.
What truly differentiates the supplier, however, is its mature governance model and local presence. With a long standing footprint in the Belgian public sector, Proximus NXT provides strong programme governance, transparent reporting, federal grade change management and close collaboration with stakeholders. This combination of federal experience, sovereign operations, multi vendor mastery and disciplined execution makes Proximus NXT uniquely positioned to deliver a cybersecurity transformation of this national scale and critical importance.