Cyberattacks are no longer just targeting large companies. They affect the entire economic fabric. In Belgium, East Flanders Building Materials learned this the hard way when its IT systems were paralysed. But thanks to a government aid package and support from Axians, it was able to transform this incident into a fully strategic cybersecurity project.

With cyberattacks proliferating, cybersecurity is becoming a clear strategic focus for businesses. In Belgium, the experience of East Flanders Building Materials (OVB Group), a small Ghent-based company active in the distribution of construction materials, perfectly illustrates this reality: digital security is more than technical tools and regular interventions – it requires a structured long-term approach.
A cyberattack like an electric shock
Founded in Ghent in 1936, East Flanders Building Materials is a typical firm in the economic fabric of Flemish Belgium. With a dozen employees and an operation heavily dependent on its IT systems, it could not afford the slightest interruption. However, like many SMEs, the company became aware of its vulnerability only in the aftermath of a cyberattack.
In 2020, “the business sustained an attack that exploited a vulnerability in its firewall, which was managed by the telecoms operator,” says Marc Brouckaert, Account Manager at Axians Belgium, the ICT provider for East Flanders Building Materials. Fortunately, thanks to an off-network backup, the worst was avoided: “We were able to reinstall the entire system, but one or two weeks of data were lost.” The company was thus able to resume operations after a weekend of restoration work without paying a ransom.
Government aid package
To prevent such an incident happening again, the company decided to adopt a more structured approach to cybersecurity. This was based on a cybersecurity enhancement programme from Vlaams Agentschap Innoveren en Ondernemen (VLAIO), a government scheme designed to help Flemish companies beef up their digital security.
“The cost of prevention is always less than the cost of a cyberattack”
The programme combines subsidies and strategic support. “That the VLAIO programme was able to finance 50% of the cost of a cybersecurity project was key, as was the selection of Axians as an approved ICT provider for this government programme for four years following a call for tenders in 2024,” explains Marc Brouckaert. “This financial support makes it easier for businesses like East Flanders Building Materials to invest in their digital security in a structured way.”
Analysis, technical measures and governance
The first stage of the support package is to perform a vulnerability analysis and establish a roadmap. “With the Belgian Cybersecurity Centre (CCB), we conducted an initial analysis phase to assess the vulnerabilities that had accumulated over the years,” says Marc Brouckaert. “The second phase involved implementing technical measures, such as replacing the firewall and migrating the email system to the cloud.”
The project also included an organisational dimension, which SMEs often tend to neglect. “We are now working on cybersecurity governance procedures, for when employees join or leave, for instance.”
This comprehensive approach is the response to a reality that is already familiar in the context of small organisations. “In SMEs, IT systems often evolve organically,” notes Marc Brouckaert. “One year, they install a server; the following year, it’s a new Wi‑Fi network, and so on. But it is rare to find an overarching IT policy.”
Protection and operational efficiency
For East Flanders Building Materials, the benefits are already clear. It now has a global overview of its cybersecurity and more robust management of its critical infrastructure. The aim is still to find the right balance between protection and operational efficiency. “Security should not hinder the core business,” says Marc Brouckaert. “The secret is to find the right balance.”
Beyond the experience of East Flanders Building Materials, this experience sends a clear message to the managers of SMEs. Cybersecurity can no longer be considered a cost or a constraint; it is an essential investment in the continuity of their business activities. “The cost of prevention is always less than the cost of a cyberattack,” says Marc Brouckaert.
07/13/2026