Intigriti & Shield partner to boost healthcare cyber security

Intigriti has entered into a partnership with non-profit Shield to provide vulnerability disclosure support for Belgian healthcare organisations within the Federal Public Service (FPS) Health framework agreement, focusing on compliance with NIS2 requirements.

The agreement is intended to assist critical national infrastructure organisations, such as hospitals, in Belgium as they address mandatory obligations arising from the updated Network and Information Security Directive (NIS2), which places an increased emphasis on transparent vulnerability management and disclosure procedures.

Shield's mission

Shield was launched in 2024 to increase the level of security maturity within the healthcare and education sectors. By fostering a collaborative community and securing partnerships with security solution providers, Shield seeks to help these sectors confront wide-ranging security challenges.

Explaining the rationale for the partnership, Wendy Roodhooft, Security Architect for Shield, commented on the growing complexity of regulatory requirements and the operational impact on hospitals and healthcare members. She stated:

"The partnership with Intigriti provides a vital cornerstone to our members' security posture. Aside from being recognised best practice, vulnerability disclosure is also now mandatory for NIS2. Intigriti can now work closely with our members to alleviate the increased burden of NIS2 compliance paperwork while allowing members to focus on addressing the most important, verified vulnerabilities quickly."

Regulatory change

The introduction of NIS2 has led to a stricter regulatory landscape for European critical infrastructure, with a particular focus on healthcare, in which hospitals are handling increased amounts of sensitive data and facing a rising volume of targeted cybercrime. This regulatory framework now obliges organisations to implement structured vulnerability disclosure processes, underlining the need for efficient solutions that support compliance while remaining operationally manageable for institutions with limited cybersecurity resources.

Healthcare institutions are increasingly reliant on agile software development and continuous deployment, which can bring security trade-offs. The rapidly evolving digital landscape has driven greater investment into proactive security processes such as crowdsourced security, vulnerability disclosure, and bug bounty programmes as part of a broad effort to protect patient data and institutional trust.

Intigriti's approach

Intigriti operates a global platform connecting ethical hackers with organisations, simulating real-world attack techniques to uncover previously unknown vulnerabilities. Through this approach, healthcare security teams, developers and IT professionals can accelerate the identification and resolution of security issues.

Speaking about Intigriti's involvement in the new partnership, Stijn Jans, CEO of Intigriti, said:

"Intigriti is a committed partner in the Shield community, actively supporting its growth, collaboration, and continuous security improvement. Beyond providing a scalable crowdsourced security platform, we work closely with Shield members to foster engagement, knowledge sharing, and operational excellence. We believe that strong partnerships are the foundation of a mature security journey that will support the Shield community and associated healthcare and education organizations to deliver continuous, proactive security testing in order to identify and address vulnerabilities before they can be exploited."

Guus van Delft, Senior Sales Director at Intigriti, added:

"Together with The Security Factory, we're combining forces to offer Shield unparalleled access to agile penetration testing, ethical hacking services, and on-prem expertise. We're looking forward to this collaboration and the value it will bring to the Shield community. Let's make security smarter, stronger, and more collaborative!"

Core benefits

The partnership delivers a secure and managed bug bounty platform for continuous system evaluation, with vetted ethical hackers conducting crowdsourced testing. Intigriti and Shield have also committed to classifying assets by criticality, enabling the prioritisation of bounty programmes and more targeted allocation of resources. Secure mechanisms for reporting, validating, and communicating about vulnerabilities are designed to facilitate efficient collaboration between researchers and member organisations.

Broader sector engagement is supported while maintaining the autonomy of individual Shield members, as the programme is designed to provide guidance on interpretation and operationalisation of NIS2 and other regulatory compliance requirements.

Impact for the Shield community

For Shield members, Intigriti delivers a strategic partnership aligning security testing plans with community needs. Operational support is also provided, with Intigriti's team assisting members in the setup, maintenance and optimisation of vulnerability disclosure and bug bounty programmes. The agreement gives members access to Intigriti's global network of security researchers, offering regular knowledge sharing and the latest trends in crowd security.

By supporting responsible vulnerability reporting and empowering healthcare IT teams to focus on timely remediation, the partnership aligns with the growing demands for transparency, verifiable protection, and compliance under updated European regulations.