Stefan Van Gansbeke

Director Risk.Security.Legal - CISO at CM/MC

Brussels Metropolitan Area

About

Protecting the health data of 4.7 million Belgians is not just a technical challenge. It is a business responsibility. As CISO and Director Risk, Security and Legal at CM/MC, Belgium's largest mutual health insurer, I ensure that security is not a brake on innovation, but the foundation that enables it. My approach is built on three pillars: business relevance, risk driven prioritization, and strong governance. Security only works when it speaks the language of the business. Security that is not measurable does not get funded. Security that is not embedded in culture does not last, regardless of how strong the technology is. At CM/MC, with 8,000 employees, a complex multi entity structure, and a rapidly digitizing environment, I lead multidisciplinary teams addressing some of the most pressing enterprise security challenges today. These include governing AI and agentic systems, adopting zero trust, strengthening identity governance, embedding security into CI/CD pipelines, and developing sovereign sensitive cloud strategies. Security reporting goes to management and the executive board, ensuring cyber risk remains aligned with business strategy. Beyond cyber security, I am also responsible for the enterprise risk and corporate legal teams at CM/MC. These highly specialized teams play a critical role in navigating an evolving legal and regulatory landscape, including NIS2 and DORA, where close alignment between risk, legal, and security is essential to deliver resilient and compliant outcomes. I hold a Master's degree in Computer Science from the University of Brussels and am CISM certified. I regularly engage as a board advisor, conference panelist, and public speaker. I believe the security community becomes stronger when practitioners share openly. If you are working on cyber resilience, security strategy, or the intersection of AI and risk, I welcome connecting.

Experience

  • Christelijke Mutualiteit (CM) / Mutualité chrétienne (MC) (22 yrs 6 mos)
    • Director Risk.Security.Legal
      Jun 2017 - Present · 9 yrs 1 mo

    • CISO - Chief Information Security Officer
      Dec 2008 - Present · 17 yrs 7 mos

    • Director Internal Audit (ai)
      Oct 2016 - May 2017 · 8 mos

  • Guest Lecturer at Solvay Brussels School of Economics and Management
    Mar 2025 - Mar 2025 · 1 mo

    Guest lecture on Risk and compliance & AI in cybersecurity

  • Guest Speaker at The Network Group
    Mar 2025 - Mar 2025 · 1 mo

    Keynote speaker - The AI high five for cybersecurity

  • Guest Speaker at TechEx Events
    Feb 2025 - Feb 2025 · 1 mo

    Keynote - The AI high five for cybersecurity

  • Speaker at Intelligent insurtech / Contributor to white paper on Intelligent automation at Newton Media
    Apr 2018 - Apr 2018 · 1 mo

    http://bit.ly/InsurtechWP