Skip to content
Cooperation essential for the Dutch Cyber Security Strategy

Blog post -

Cooperation essential for the Dutch Cyber Security Strategy

On 10 October, the Dutch government published the Dutch Cybersecurity Strategy (NLCS) 2022-2028, which builds on the Dutch Cybersecurity Agenda published in 2018. This strategy not only describes the ambitions for a digitally secure society, but also sets out the NLCS Action Plan 2022-2028. Many of the actions laid down in the plan can only be taken up together with stakeholders from both the public and private sector. However, this cooperation will not happen by itself. There are two main challenges.

The NLCS has four pillars: digital resilience of the government, companies and civil society organisations; secure and innovative digital products and services; countering digital threats from states and criminals; and, the cybersecurity labour market, education and the digital resilience of citizens. The strategy is wide-ranging, with more than 130 actions that must be carried out together with public, private and scientific organisations. To this end, an integral public-private management model will be established at the beginning of next year.

The bottom line is that 'cooperation' is essential to the strategy. It is stated that this cooperation can be voluntary, but not without obligation. Of course, cooperation is not mandatory in the current system. And ’voluntary’ can only be realised if partners (public and private) feel joint ownership.

Currently, public-private partnerships within the cyber landscape are mainly characterised by good intentions, but often lack reciprocity in cooperation. Private organisations share information, knowledge and expertise for the benefit of the national interest, certainly, but what do these organisations gain from it? In other words, what is the reciprocity of this cooperation? In our experience, this is often limited or non-existent.

The first challenge lies in achieving joint ownership. However, this can only be achieved if the government becomes more aware of the drivers and interests of the private sector and is prepared to respond to them. Those interests (for the short or long term) must be clear. Because an investment - as that is what cooperation is all about - is only made if one not only has the confidence that it serves the public interest, but also that it benefits one's own organisation in the long term. Think of financing cooperation processes or long-term forms of cooperation in which security of service plays a role. What, exactly, will be different from party to party, but must be determined for cooperation.

The second challenge is that there are more than 130 actions in the action plan in which private parties must also be involved for success. The concern is that these actions lay claim to the same parties, both public and private. Given the time and capacity required, it is not feasible, for any organisation, to be in countless partnerships at once. Prioritisation of these actions is therefore of the utmost importance.

An example in which both challenges come together is the sharing of security information - a crucial topic which has been the primary subject of conversation for years. We see that such information still does not end up in the right places. A number of activities have been included in the action plan to solve this problem. These actions should be the priority as far as we are concerned.

The first step must be for the intended cooperation parties to meet as soon as possible. Book a meeting room or book a number of workplaces at a startup location. Only through physical presence and consultation comes mutual understanding and trust. Only then do people understand each other's point of view. Because our experience is that only by getting to know each other, making mistakes together and repackaging together, is real cooperation and therefore also the necessary reciprocity achieved.

Fox-IT is ready and prepared to play its part, as we are always aiming to make society digitally safer and more secure.

Willemijn Rodenburg, Relationship Manager Government at Fox-IT



Regional Press Office - Europe

Regional Press Office - Europe

Press contact +31 20 794 4737

NCC Group exists to make the world safer and more secure

In today’s threat landscape understanding the risks organisations and customers are exposed to is more important than ever.

Understanding the impact and how to be more resilient is key to protecting brand, reputation and sensitive customer information. Building a cyber-resilient organization can be a complex process but it’s not impossible.

With our knowledge, experience and global footprint, we help assess, develop and manage cyber resilience posture.

NCC Group Newsroom
XYZ Building, 2 Hardman Boulevard, Spinningfield
M3 3AQ Manchester
United Kingdom