Cyber Security Council Publishes Recommendations for Dutch Cyber Security Strategy
On 13 January, The Cyber Security Council (CSC) presented an advisory letter pertaining to the Dutch Cyber Security Strategy to the Minister of Justice and Security. The council sees the current strategy as a solid basis for the future of our digital society. The council offered further recommendations to strengthen three focus areas within the strategy, to make its implementation more impactful.
The CSC advised the cabinet to increase control of cybersecurity on all levels, and to implement additional intervention to strengthen our digital autonomy. The council also called for more attention for knowledge development, research and innovation. Especially training and attracting sufficient cybersecurity personnel and central governmental investments in several essential research themes were strong recommendations.
Increase control of cybersecurity on all levels
To achieve all the goals set out by the Dutch Cyber Security Strategy in time, the council calls for an increase of control of cybersecurity on all levels. Currently, they do not see sufficient cohesion between the strategy and other initiatives on digitalisation published by other departments. The connection to future strategic initiatives should likewise be made explicit. This could also be a reason to adjust the goals of the strategy itself to increase flexibility. The council has included a number of sidenotes in their advice for implementation as well.
Strengthening of digital autonomy
The Cyber Security Council recommends steering towards the subject of digital autonomy as a subject from a broad perspective, and to make the explicit connection with cybersecurity. Over the past few years the council has seen the Netherlands become dependent on other countries and large organisations outside of the European Union. Especially in domains where this has been observed, the demands for the development and origins of ICT solutions should be increased, for example during purchasing and public tender.
Stimulation of knowledge development, research and innovation
Training and attracting sufficiently qualified cybersecurity personnel is an important pre-condition for succesful implementation of the Dutch Cyber Security Strategy. The Netherlands should remain a competing knowledge economy, the council recommends. The current staff shortages are already leading to stagnation in several domains, and extra security risks are developing. The announced research into diverse staff shortages are therefore seen as urgent, and require strong follow-through with clear set goals under the current government, according to the council.
Lastly, the council sees the deepening of cybersecurity (and cybercrime) knowledge within the Netherlands as a necessity. This knowledge should be more available for ourselves and our partners. Fundamental and applied scientific research is indispensible in realising this, especially when it comes to domains that impact our national and economic security. Central control, coordination and government funding are essential to achieve this. The advice issued by the Cyber Security Council has been sent to the ministers of Economic Affairs and Climate Policy, as well as the minister of Education, Culture and Science and the Secretary of State of Kingdom Relations and Digitalisation.