What is CyberFundamentals ?

The CyberFundamentals Framework offers a clear, step-by-step approach that helps organisations to protect their data, significantly reduce their risk of the most common cyber-attacks, and their cyber resilience. 

The requirements and guidance are complemented with the relevant insights included in the NIST/CSF framework, ISO 27001/ISO 27002, IEC 62443 and the CIS Critical Security Controls (ETSI TR 103 305-1). 

Built around three maturity levels – Basic, Important, and Essential – CyFun® guides you in growing your digital resilience. Whether you're a small business or a large enterprise, CyFun® provides an accessible roadmap to a safer digital future. 

The CyberFundamentals Framework is originally a Belgian framework, developed by the Centre for Cybersecurity Belgium (CCB). At the moment the framework has been formally adopted by Romania, Malta and Ireland. 

Diagram of the "CyberFundamentals Framework 2025" showing four maturity levels (Small, Basic, Important, Essential) with corresponding numbers of controls. The framework aligns with standards such as NIST CSF, CIS Controls, ISO 27001/27002, and IEC 62443. A summary indicates effectiveness against attacks (82% for Basic, 94% for Important, 100% for Essential), supported by CERT attack profiles from the Centre for Cybersecurity Belgium.

National implementation

Please note: Implementation of the CyberFundamentals Framework may vary slightly from country to country, depending on national policies and context. For detailed information on how the framework is applied in your country, please refer to the national About page.