National cybersecurity organisations to join forces

The National Cyber Security Centre (NCSC), the Digital Trust Center (DTC) and the Cyber Security Incident Response Team for digital service providers (CSIRT-DSP) will merge into a single centre of expertise and information hub. Pooling the knowledge and information around cybersecurity, statutory tasks and service provision during major incidents will improve the digital resilience of the Netherlands. This new organisation will be providing appropriate information and knowledge to all Dutch organisations, great and small, public and private, critical and non-critical.

Ministers Dilan Yeşilgöz-Zegerius (Justice and Security) and Micky Adriaansens (Economic Affairs and Climate Policy), whose portfolios include these cybersecurity organisations, informed Parliament today about the findings of an investigation into the possibilities of cooperation.

Government agencies work for different target groups

While the government agencies have the same goals, they work for different target groups. The primary target groups of the NCSC are the organisations that are part of the critical infrastructure, such as banks, energy and telecom providers, and the national government itself; the DTC serves the business community; and the CSIRT-DSP serves digital service providers. The government’s two Cyber Security Incident Response Teams (NCSC and CSIRT-DSP) will merge in 2024. Next, the two information hubs and centres of expertise (NCSC and DTC) will merge in 2026.

Minister Dilan Yeşilgöz-Zegerius (Justice and Security):

‘We live an increasing part of our lives online, and criminals are aware of this. In addition, the current state of the world, with an ongoing war on the eastern flank of Europe, makes this issue more relevant than ever. We need to improve our digital resilience and our ability to deflect cyber attacks. It is important to avoid a fragmented approach as several organisations deal with this. This is why a single organisation, to be called NCSC, will be taking this forward. In this way, we can pool our resources in the fields of knowledge, information sharing and know-how if an incident does occur.’

Minister Micky Adriaansens (Economic Affairs and Climate Policy):

‘We are all aware of the importance of digital resilience, for instance in a situation where the Internet is unavailable due to a cyber attack, leading to empty shops or even the shutdown of industrial production. Digital devices and systems are everywhere. This provides opportunities to our businesses and convenience to consumers, but it also requires us to improve our digital resilience. The national government has a part to play in this, which includes knowledge sharing, up-to-date legislation and expertise in the case of major incidents. It will be advantageous to have one single organisation that can provide clarity and contribute to our digital effectiveness.’

More efficient and more effective

Creating a single organisation will allow the central government to deploy its cybersecurity capacities more efficiently and more effectively. The new organisation will combine the roles of national centre of expertise, information hub as well as national Computer Security Incident Response Team (CSIRT). This pooling of resources will also improve efficiency in the field of joint management, accommodation and ICT.