← About

How we write

I built CyberLearn and CyberWeekly to keep myself sharp in the flow of CCB, EU and ENISA updates. The MSPs and SMEs we serve benefit from the same system. Here's how it works.

#CyberLearn #CyberWeekly

Built for myself first

A CCB email lands in my inbox. "New implementation guidance for network device logging." Eleventh CCB publication since January. And it doesn't stop at CCB. ENISA reports. NIS2 transposition updates. The cyber-insurance questionnaire that just changed. The audit-firm note on what CABs actually check now. The r/msp thread where someone explains what tripped them last week. The LinkedIn post from a fellow IT partner sharing a fresh gotcha. Practitioner reality: I can't keep up. Neither can the MSPs I work with. The SMEs who pay them, even less so.

So last year I built CyberLearn. For me. A reference I'd actually open: plain language, primary sources, Belgian context, three languages. If a new CCB brochure dropped Monday, the relevant article was updated Wednesday. That was the brief. CyberWeekly grew out of it: same source, packaged as a Wednesday digest for MSPs. The micro-learnings came next, packaged for the SMEs those MSPs serve. A weekly two-minute read on one concrete thing they can do. One curated knowledge base, three audiences.

What surprised me: other people started reading it. MSPs were first. Then F500 security teams. Then enterprise readers from places I'd never imagined Belgian compliance writing would land. People started asking how big my content team was. The answer was less interesting than the question. The bar that filters my own attention (would I read this myself?) was also filtering theirs.

So I wrote down how the whole system works. How I pick subjects, what gets in, what stays out, where AI helps, where it doesn't. The bar for what ships is one question: would I read this myself? That bar kills a lot. Top-10-tips lists, generic NIS2 explainers, word-count chasing. The system keeps evolving: every reader question that exposes a gap, every CCB update that breaks an assumption, every angle from a real audit feeds the next article.

Our editorial style

Every #CyberLearn article follows the same rules, whether you read it in Dutch, French, or English:

  1. 1

    Plain language, no consultant jargon.

    Acronyms get spelled out on first mention. A directive is called a directive, not "a regulatory instrument." At the same time: we don't over-explain basics. Readers who land here already know them.

  2. 2

    Primary sources, in-line.

    Numbers come from CCB publications, the EU directive text, ENISA reports, or named studies. They're linked where you can click through and verify. A number without a source doesn't appear.

  3. 3

    Belgian context, not generic EU theory.

    Examples reference Belgian frameworks (CyFun, kmo-portefeuille, hub.brussels), Belgian CAB auditors, and Belgian audit reality. NIS2 is explained via the Belgian transposition, not just the EU text.

  4. 4

    Practitioner voice.

    Written by someone who builds the platform itself and works with MSPs every week, not by someone writing about it from outside. When a recommendation is hard in practice, the article says so.

  5. 5

    No fabricated numbers, no marketing theatre.

    No "10x your conversions," no "transform your security posture." A claim that can't be substantiated is removed or explicitly marked as an estimate.

How we use AI

Writing 60+ articles in three languages, keeping them current as regulation evolves, and holding a consistent voice: that's hard. Without help, it just doesn't happen. The interesting question is what "help" actually means here.

Same pattern I use to build the platform itself: I set the architecture, write the specs, run the audits, then let AI fill in the details. The architecture here is the editorial rules, the source list, the practitioner test. Concretely: Claude (Anthropic) drafts long-form structure off that spec; our own Cloudflare models check coverage and consistency; I write what matters, fact-check against primary sources, decide what stays out. AI is the lever; the bar is mine.

What that unlocks: when the CCB publishes new guidance Monday, the relevant article is updated by Wednesday, in three languages, instead of six months later. When an SME asks a question we hadn't covered, it can have its own page within a day. When a regulator pivots, the entire library shifts in a week. That's the multiplier the same architecture buys, applied to content instead of code.

→ How we work: AI skills
Tom Janssens

Who's behind it

Tom Janssens. 20+ years across IT and innovation management: Eurocontrol (the organisation behind European air traffic) and Belgian SMEs. Builder of the ECP platform itself. That's the practitioner test: the person writing about CyFun is the same one turning CyFun into product specs every day.

How I curate the sources

The source list isn't static. It's curated and updated based on what I actually read each month, plus what fellow IT partners and SMEs surface in conversations.

Always in the mix:

  • CCB publications, the framework spreadsheet, implementation guides.
  • EU NIS2 directive text + Belgian transposition law.
  • ENISA reports + threat-landscape updates.
  • Named industry sources (Ahrefs and SE Ranking for SEO methodology; audit-firm notes and trade press for compliance).

Plus signal from interactions:

  • MSP partners asking the same question twice (probable gap in CyberLearn).
  • r/msp threads and LinkedIn discussions where audit reality surfaces.
  • Conferences (Cybersec Europe, MSP events) and what circulates in the hallways.
  • Sector trends that keep recurring in search data or client conversations.

If a source consistently produces signal, it stays. If it stops, it gets dropped. External claims are linked in-line. Click through and verify.

When "last reviewed" actually changes

The date at the top of every article only updates when a human has actually re-read and edited it. Not on rebuilds. Not on translation passes. Not "because it's been a while." Substantive changes are summarised on the updates log.

See the updates log →

What we don't do

  • No fabricated numbers. A number without a primary source isn't there, or it's explicitly marked as an estimate.
  • No topics where Tom has neither experience nor source access.
  • No copy-paste from competing sites dressed as original.
  • No clickbait headlines that don't match the content underneath.
  • No passthrough without review. AI output without Tom's hand on it doesn't ship, in any language.

If you've been quietly drowning in this too…

Same curated knowledge base, three doors. Pick what fits your role. All in NL/FR/EN, updated when CCB or the EU publishes anything new. CyberLearn and CyberWeekly are public and free; the micro-learning ships through our MSP partners to their end clients.

CyberLearn

The reference library. CyFun, NIS2, audit-prep. For whoever needs to dive in.

Open CyberLearn →

CyberWeekly

The Wednesday digest for MSPs and IT partners. What changed and why it matters for your clients.

CyberWeekly archive →

Micro-learning

Delivered to the SME end clients of our MSP partners, as part of their ECP offering. One concrete thing per week, two minutes to read. No jargon.

See a microlearning example →

Spotted a factual error? An interpretation you'd push back on? A topic we should cover?

Email Tom directly →

→ How we work: AI skills

TARS AI