With digital technology now penetrating into the core of our businesses, production processes and public institutions, it becomes increasingly important that the technology is secure and trustworthy and complies with legal and ethical standards. More security is necessary, especially since the technology is highly complex, changes quickly and its risks are at the expense of the user. That is why confidence in technological expertise, compliance with agreements, standards and laws, and the focus on your interest of the supplier or implementation partner, is good but not always sufficient.
It is time for a next step towards:
- Ensuring compliance of digital technology with laws and regulation (i.a. GDPR) and providing assurance that products/services/processes do what they are suppose to (and nothing more). We will aim for more standardisation and certification, both in the Netherlands via initiatives at he Centre for Crime Prevention and Safety and the Online Trust Coalition, and in Europe via the European Commission.
- Sharing information about cyber vulnerabilities and incidents between government and businesses, and among businesses. Some important steps have been taken towards a ‘National covered system’, but there is more to be done. Securely sharing information between NCSC, DTC and other certs, and with cybersecurity partnerships, has to improve soon. Information that can help businesses guard themselves against concrete forms of ill intentions and damage cannot only reside at the government. Additionally, business should have the possibility to share information about incidents and threats that they experience themselves with others, so that they can be better prepared.
- Besides secure products and services, and information about current threats and vulnerabilities, it is also vital to practice how to act during an incident, including a situation in which some employees are working from home and others from the office. Therefore, we will once again draw attention to our exercise scenario and update it where necessary.
The new digital world offers many opportunities. This also increases dependence and vulnerability. By working together and sharing information and knowledge, we are all getting better and safer and we are creating new opportunities for these threats. We are working on this, both within the CIO Platform Nederland, and with the government and other parties outside.
Information Security news
Advisory report NL Cyber Security Council advises an integrated approach to cyber resilience with management at the highest level
Information Security events
Virtual meeting CEG Information Security
This CEG shares knowledge and experience on topics such as: cybercrime, privacy, creating awareness and how to deal with data leaks. A recurring topic on the agenda is an update about cyber security in the Netherlands.18 May
(C)ISO Drinks & Bites
Together with the board of the CIO Platform Nederland, we will start the summer period with an informal networking meeting includings drinks & BBQ. This meeting is conditional on the measures that will be in place by then and is, of course, completely corona-proof. (This event is for members of the CEG Information Security and based on personal invitation and registration!)15 Jun