Dutch government cybersecurity organizations intensify cooperation on warnings of cyber threats

Three Dutch government cybersecurity organizations are joining forces to establish a unified reporting platform for threats and vulnerabilities. The collaborative effort is a crucial step in their preparation for the eventual integration into a single national cyber organization by the end of 2025. 

The initiative empowers these agencies to enhance cooperation, ensuring that every entity in the Netherlands, whether public or private, vital or non-vital, small or large, receives timely alerts if they fall victim to or become targets of cyber threats. This aligns with the core objective of the Dutch Cybersecurity Strategy, providing a clearer perspective on cybersecurity threats.

Focused on intensifying cooperation on warnings of cyber threats, the three agencies are the National Cyber ​​Security Center (NCSC), part of the Ministry of Justice and Security, the Computer Security Incident Response Team for digital services (CSIRT-DSP), and the Digital Trust Center (DTC), both part of the Ministry of Economic Affairs and Climate. Their shared objective is to enhance digital safety in the Netherlands.

“Every day the government receives information about vulnerable or hacked systems. This could, for example, concern software that contains an error, systems on which malware has been installed by cyber criminals, or systems that can be abused at any time for a ransomware attack,” according to an NCSC post published Tuesday. “NCSC, CSIRT-DSP, and DTC receive this information from security researchers, ethical hackers, and domestic and foreign partners. It is essential to quickly get this information to the victim or potential target company. The company can then take action to prevent or reduce damage.”

Furthermore, if the government has information about a cyber threat to an organization or company in the Netherlands, the government will send a warning message. The warning can be addressed to the network owner or the (end) user of the vulnerable system. There are now three different senders of these notifications because each cyber organization serves its own target group. 

The NCSC warns vital companies, the central government, and link organizations. The CSIRT-DSP warns digital service providers and the DTC warns the rest of the Dutch business community. After the integration of these three cyber organizations at the end of 2025, there will be only one sender.

The post identified that the digital resilience of the Netherlands is too important to be left to fragmentation. “That is why it has been decided to work with a single point of contact where security researchers, ethical hackers, and domestic and foreign partners can share information about cyber threats and incidents so that victims or targets can be informed. This counter is part of the NCSC as a national CERT and can be reached via [email protected].” 

It added that the NCSC assesses the quality of the report and activates the notification process at the three organizations. “A transparent and unambiguous assessment framework has been drawn up for this purpose. This assessment framework applies the principle of ‘sharing as far as possible.’”

Looking ahead, the NCSC post identified that there is also extensive cooperation between the three cyber organizations in other areas. “For example, each other’s IT systems are already used. In the coming months, the organizations will continue to work on one integrated, scalable, and robust warning service to support businesses in the Netherlands with the digital security of their IT systems.”

In July, the Cybersecurity Assessment Netherlands 2023 (CSAN 2023) report highlighted the importance of operational technology (OT) security despite facing challenges. It warns of state actors using cyberattacks for geopolitical goals, extortion as a lucrative business model, and new technologies like AI (artificial intelligence) posing new threats. The Dutch report emphasizes the need for broader risk management and integration of digital risks into national security risks.

Anna Ribeiro

Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.