Netherlands Last Updated: September 2021
CYBERSECURITY POLICY
Strategy Documents
National Cyber Security Assessment (CSAN) 2021 Ministry of Security and Justice
Provides insight into threats, interests and resilience in relation to cyber security and the effect these factors have on national security.
Source Source 2 2021
Defence Cyber Strategy Ministry of Defence
The Ministry of Defence is investing in cyber capabilities in order to:
be in control of its own IT and weapon systems at all times and to safeguard its cyber resilience; further improve its intelligence regarding who poses a threat to our national security in the cyber domain; have more capabilities at its disposable for the disruption and deterrence of cyber attacks; safeguard, together with civil partners, the security of the Netherlands and of its vital infrastructure and processes in the unfortunate event of a military conflict in which offensive cyber assets are deployed; deploy cyber assets effectively in order to gain and retain superiority in military operations.
Source November 2018
Integrated International Security Strategy (IISS) 2018-2022 Foreign Ministry
Emphasizes cyber threats as one of the most important threats facing the Netherlands; Acknowledges that the threat of hybrid and cyber warfare will continue to increase; Strives for successfully developing clear international norms relating to cyberspace.
Source Source 2 May 2018
National Cyber Security Agenda Ministry of Security and Justice
Built on seven principles:
1. Cybersecurity is an integral part of Dutch national security; 2. The foundation of good cybersecurity is public-private cooperation; 3. Government represents public interests and sets good example; 4. Emphasis on knowledge sharing; 5. Must make cybersecurity mainstream; 6. Digital domain is inherently global and borderless; 7. Must navigate tensions between different sectors' interests.
Principles leading to seven ambitions:
1. Achieve adequate detection, mitigation, and response capabilities; 2. Contribute to international digital peace and security; 3. Become a leader in digitally secure hardware and software; 4. Achieve resilient processes and infrastructure; 5. Establish successful barriers against cybercrime; 6. Lead in cybersecurity knowledge development; 7. Develop strong integration between private and public sectors. Netherlands Last Updated: September 2021
Source April 2018
International Cyber Strategy: Building Bridges Foreign Ministry
Explains the Dutch government's approach to international cooperation on cyber issues; Outlines Dutch interests and threats; Defines challenges facing international cooperation; Highlights six areas for emphasis in any international discussion: Economic growth and development of the internet; Effective internet governance; Further enhancement of cybersecurity; Cybercrime; International peace, security and stability; Rights and internet freedom.
Source Source 2 13 February 2017
Netherlands Defense Doctrine Ministry of Defence
Identifies cyber threats as increasingly significant Lists cyber as part of the ""information domain"" of military operations Notes role of cyber in intelligence, as well as both defensive and offensive military operations Notes effectiveness of a cyber attack is unpredictable
Source 2013
Implementation Frameworks
National Manual on Decision-making in Crisis Situation National Cyber Security Centre (NCSC)
Applied during an (threatening) ICT crisis; Outlines the NCSC's leadership role in crises, as well as its role in facilitating public-private cooperation.
Source 2016
STRUCTURE
National Centre or Responsible Agency
National Cyber Security Centre (NCSC) Ministry of Security and Justice (falls under), National Coordinator for Security and Counterterrorism (NCTV) (part of)
Main activities:
Response to threats and incidents (serves as national CERT); Perception and action prospects; Improving crisis management; Cyber security collaboration platform
Source Source 2 January 2012 Netherlands Last Updated: September 2021
Key Positions
Director National Cyber Security Center (NCSC)
Mr. Hans de Vries serves as a Director of the National Cyber Security Center (2021).
Source
Head of International Cyber Policy Department Ministry of Foreign Affairs Source
Ambassador-at-Large Security Policy & Cyber Kingdom of the Netherlands
H.E. Nathalie Jaarsma serves as Ambassador-at-Large Security Policy & Cyber (2021).
Source Source 2
Dedicated Agencies and Departments
Dutch Cyber Security Council (Nederlandse Cyber Security Raad, CSR)
Independent national and strategic advisory body, formed by ministerial order, advises the government. Tasked with providing strategic guidance to the Dutch Cabinet on cyber security matters and overseeing the implementation of the national cyber security strategy
Source Source 2 2011
National CERT or CSIRT
National Cyber Security Centre (NCSC) Ministry of Security and Justice
The NCSC is a key figure in the operational coordination at a major ICT crisis and the Computer Emergency Response Team (CERT) for the Dutch government.
Source Source 2
Z-CERT (Computer Emergency Response Team for Healthcare)
Z-CERT has been designated as the computer emergency response team for the entire healthcare sector (Network and Information Systems Security Act) since January 2020. Z-CERT offers specialized services to healthcare institutions with regards to optimal cyber security protection, and offers support in case an incident has occurred.
Source Source 2 January 2020 Netherlands Last Updated: September 2021
LEGAL FRAMEWORK
Legislation
Computer Crime Act III (wet Computercriminaliteit III)
Source Source 2 1 March 2019
Personal Data Protection Act Implementation of the Directive 95/46/EC of the European Parliament and of the Council of the EU Source 2000
Views on International Law
Appendix: International Law in Cyberspace
International law is applicable to cyberspace; Includes section on the sovereignty, non-intervention, the use of force, and the due dilligence; Netherlands believes that respect for the sovereignty of other countries is an obligation in its own right, the violation of which may in turn constitute an internationally wrongful act; States have an obligation to respect the sovereignty of other states and to refrain from activities that constitute a violation of other countries’ sovereignty; The non-intervention principle, like the sovereignty principle from which it stems, applies only between states;
Source Source 2 26 September 2019
COOPERATION
Multilateral Agreements
Budapest Convention PARTY Source 1 March 2007 (entry into force)
UN Processes
Represented at the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security
Source 2016/2017, 2019/2021
Expressed views to the Annual Report of the UN Secretary-General on Developments in the Field of Information and Telecommunications in the Context of International Security
Source Netherlands Last Updated: September 2021
2011, 2013, 2015, 2017
Expressed Views at the Open-Ended Working Group on Developments in the Field of Information and Telecommunications in the Context of International Security
Source Source 2 2019/2020/2021
Bilateral and Multilateral Cooperation
First Indonesia-Netherlands Dialogue on International Cyber Policy: Joint Declaration Ambassador-at-Large for Security Policy and Cyber; Representatives from the Ministry of Foreign Affairs, the Ministry of Justice and Security, the National Coordinator for Security and Counterterrorism, the National Police and the Dutch Embassies in Jakarta and Singapore.
The first Indonesia-Netherlands Cyber Policy Dialogue was held virtually on 21 January 2021. The dialogue reinforced the close cyber cooperation and partnerships between the two countries in the areas of the normative international framework, capacity building, counterterrorism and disinformation in the context of cyberspace, and national policies to increase cyber security, to improve digital resilience of companies and communities, and to prevent and counter cybercrime.
Source 21 January 2021
Memorandum of Understanding, MOJS Netherlands – MHA Singapore Ministry of Justice and Security
Cooperation in science and technology concerning homeland and civil security matters; Future cooperative activities may include, but are not limited to, the areas of Forensics, Blockchain technology, Artificial Intelligence and Cybersecurity.
Source Source 2 17 April 2019
Permanent Structured Cooperation on security and defence (PESCO) European Union
Member; Comprises two projects on cybersecurity out of 17 projects: (1) cyber threats and incident response information sharing platform; and (2) cyber rapid response teams and mutual assistance in cyber security.
Source Source 2 11 December 2017 (decision adopted by the European Council)
U.S.-Netherlands Bilateral Call for Proposals in Cyber Security NCSC, US Department of Homeland Security, Science and Technology Directorate's, and Cyber Security Division.
US-Netherlands bilateral call to provide funding for collaborative cybersecurity research projects conducted by joint US-Dutch teams.
Source 18 May 2017
Cooperation, Senegal-Netherlands
Cooperation to exchange practical steps and expertise to address cybersecurity issues in Senegal and the broader West African region through reviews and expert meetings.
Source Netherlands Last Updated: September 2021
2016
Global Forum on Cyber Expertise, Member
A global platform for countries, international organizations and private companies to exchange best practices and expertise on cyber capacity building.
Source 16 April 2015 (Member since)
Benelux Memorandum of Understanding on Cyber Security (Belgium, Luxembourg, Netherlands) Minister of Security and Justice
• Initiatives to exchange information and expertise;
Sharing of best practices; Agreement between ministers for talks about Cyber Security on a regular basis
Source April 2011
Select Activities
Global Commission on the Stability of Cyberspace (GCSC) Foreign Minister
Launched at the Munich Security Conference; Brings together 24 independent experts from 15 countries; Tasked with proposing standards for conduct in cyberspace.
Source 18 February 2017
Membership
European Union (EU)
International Telecommunications Union (ITU)
North Atlantic Treaty Organization (NATO)
Organization for Security and Co- operation in Europe (OSCE)
United Nations (UN)