Many Dutch organizations cannot fend off or detect basic digital attacks, partly because they are lagging behind in terms of security. The Cyber Security Council (CSR) warns the new cabinet that hundreds of millions of euros extra must be invested to boost cyber security.
It is not the first time that the government has been warned. For example, the security services AIVD, MIVD and the National Coordinator for Counterterrorism and Security (NCTV) wanted even more budget in February to keep Chinese and Russian state hackers, among others, out of Dutch systems.
At the moment, cyber resilience in the Netherlands is not sufficient to face increasing threats, the CSR writes in its report published Tuesday, which was drawn up on behalf of outgoing minister Ferd Grapperhaus (Justice and Security). Several issues are cited in the report. For example, security at many companies is so poor that basic attacks cannot be parried. “This also applies to organizations that are part of vital processes,” the CSR writes.
Because security is inadequate, the police and the Public Prosecution Service also have their hands full. In addition, according to the Council, there is insufficient knowledge of cybercrime among the investigative services.
Investment of 833 million euros required
The CSR advocates a ministerial sub-council for digital affairs. Authorities must also work together better to tackle digital threats.
To get the level of cyber resilience up to standard, the Netherlands must invest 833 million euros, says the CSR. That is an investment on top of the expenditures and budgets already allocated for this. The money must go towards tackling cybercrime, among other things.