With digital technology now penetrating into the core of our businesses, production processes and public institutions, it becomes increasingly important that the technology is secure and trustworthy and complies with legal and ethical standards. More security is necessary, especially since the technology is highly complex, changes quickly and its risks are at the expense of the user. That is why confidence in technological expertise, compliance with agreements, standards and laws, and the focus on your interest of the supplier or implementation partner, is good but not always sufficient.
It is time for a next step towards:
- Ensuring compliance of digital technology with laws and regulation (i.a. GDPR) and providing assurance that products/services/processes do what they are suppose to (and nothing more). We will aim for more standardisation and certification, both in the Netherlands via initiatives at he Centre for Crime Prevention and Safety and the Online Trust Coalition, and in Europe via the European Commission.
- Sharing information about cyber vulnerabilities and incidents between government and businesses, and among businesses. Some important steps have been taken towards a ‘National covered system’, but there is more to be done. Securely sharing information between NCSC, DTC and other certs, and with cybersecurity partnerships, has to improve soon. Information that can help businesses guard themselves against concrete forms of ill intentions and damage cannot only reside at the government. Additionally, business should have the possibility to share information about incidents and threats that they experience themselves with others, so that they can be better prepared.
- Besides secure products and services, and information about current threats and vulnerabilities, it is also vital to practice how to act during an incident, including a situation in which some employees are working from home and others from the office. Therefore, we will once again draw attention to our exercise scenario and update it where necessary.
The new digital world offers many opportunities. This also increases dependence and vulnerability. By working together and sharing information and knowledge, we are all getting better and safer and we are creating new opportunities for these threats. We are working on this, both within the CIO Platform Nederland, and with the government and other parties outside.
Information Security news
Reaction CIO Platform Nederland to legislative proposal to enable sharing of cybersecurity information
Advisory report NL Cyber Security Council advises an integrated approach to cyber resilience with management at the highest level
Information Security events
Round table ‘Value of Cyber security investments
Attention to the value and costs of information security/cybersecurity has been increasing for years. This applies to almost all organizations in all industries and in government. From the CIO Committee (CC) Information Security, we facilitate these round tables to exchange experiences.05 Oct
Virtual meeting CEG Information Security
Cybersecurity is an important and growing point of attention for our members. The security experts working for our members exchange knowledge and experiences on this subject in a confidential environment and help each other with all relevant cyber security related issues. The aim is to strengthen the cyber resilience of the Netherlands and Dutch companies.12 Oct