Annual report 2025
Telecommunications networks are critical infrastructures requiring a high level of security. The BIPT plays a key role in this context.
In 2025, the BIPT carried out inspections of critical entities to assess their security management, including business continuity, crisis management and network resilience measures. The findings were shared with the operators to draw up improvement plans, which the BIPT then monitors as part of a continuous improvement process.
Operators notify the BIPT of major security incidents, which the BIPT handles via a duty service available 24/7 and in collaboration with the NCCN and the CCB. For significant incidents, the BIPT requests further information to verify that corrective measures have been taken, and since the entry into force of NIS2, notifications have been centralised via the CCB form.
The fight against fraud intensified in 2025, with the BIPT coordinating the anti-fraud working group and the widespread use of AI algorithms to detect and block millions of fraudulent text messages. The BIPT has strengthened inspections on spoofed CLI, launched a consultation on a draft block list (which was ultimately abandoned), launched a study on network APIs and participated in several national and international initiatives.
Since 2025, the BIPT has been responsible for issuing authorisations to operators’ staff members requiring access to critical infrastructures, based on a security assessment by the federal police. More than 1,300 access requests have been processed this year. This procedure ensures the security of critical infrastructures and the protection of the essential interests of the State.
Regarding the security of digital infrastructure in Belgium, the BIPT has continued its work on the regulation and governance of artificial intelligence, in particular by actively participating in interfederal and European working groups and by organising, in collaboration with UNESCO, a training course on the monitoring of the AI market.
At the same time, the BIPT has strengthened its monitoring of the transition to post-quantum cryptography: an overview of the current situation was carried out among the main operators, a sectoral roadmap was developed, and a draft proposal laying down requirements applicable to the telecommunications sector was subject to a public consultation at the end of 2025.