Last Updated: September 2021

CYBERSECURITY POLICY

Strategy Documents

National Cyber Security Assessment (CSAN) 2021 Ministry of Security and Justice

Provides insight into threats, interests and resilience in relation to cyber security and the effect these factors have on national security.

Source Source 2 2021

Defence Cyber Strategy Ministry of Defence

The Ministry of Defence is investing in cyber capabilities in order to:

be in control of its own IT and weapon systems at all times and to safeguard its cyber resilience; further improve its intelligence regarding who poses a threat to our national security in the cyber domain; have more capabilities at its disposable for the disruption and deterrence of cyber attacks; safeguard, together with civil partners, the security of the Netherlands and of its vital infrastructure and processes in the unfortunate event of a military conflict in which offensive cyber assets are deployed; deploy cyber assets effectively in order to gain and retain superiority in military operations.

Source November 2018

Integrated International Security Strategy (IISS) 2018-2022 Foreign Ministry

Emphasizes cyber threats as one of the most important threats facing the Netherlands; Acknowledges that the threat of hybrid and cyber warfare will continue to increase; Strives for successfully developing clear international norms relating to cyberspace.

Source Source 2 May 2018

National Cyber Security Agenda Ministry of Security and Justice

Built on seven principles:

1. Cybersecurity is an integral part of Dutch national security; 2. The foundation of good cybersecurity is public-private cooperation; 3. Government represents public interests and sets good example; 4. Emphasis on knowledge sharing; 5. Must make cybersecurity mainstream; 6. Digital domain is inherently global and borderless; 7. Must navigate tensions between different sectors' interests.

Principles leading to seven ambitions:

1. Achieve adequate detection, mitigation, and response capabilities; 2. Contribute to international digital peace and security; 3. Become a leader in digitally secure hardware and software; 4. Achieve resilient processes and infrastructure; 5. Establish successful barriers against cybercrime; 6. Lead in cybersecurity knowledge development; 7. Develop strong integration between private and public sectors. Netherlands Last Updated: September 2021

Source April 2018

International Cyber Strategy: Building Bridges Foreign Ministry

Explains the Dutch government's approach to international cooperation on cyber issues; Outlines Dutch interests and threats; Defines challenges facing international cooperation; Highlights six areas for emphasis in any international discussion: Economic growth and development of the internet; Effective internet governance; Further enhancement of cybersecurity; Cybercrime; International peace, security and stability; Rights and internet freedom.

Source Source 2 13 February 2017

Netherlands Defense Doctrine Ministry of Defence

Identifies cyber threats as increasingly significant Lists cyber as part of the ""information domain"" of military operations Notes role of cyber in intelligence, as well as both defensive and offensive military operations Notes effectiveness of a cyber attack is unpredictable

Source 2013

Implementation Frameworks

National Manual on Decision-making in Crisis Situation National Cyber Security Centre (NCSC)

Applied during an (threatening) ICT crisis; Outlines the NCSC's leadership role in crises, as well as its role in facilitating public-private cooperation.

Source 2016

STRUCTURE

National Centre or Responsible Agency

National Cyber Security Centre (NCSC) Ministry of Security and Justice (falls under), National Coordinator for Security and Counterterrorism (NCTV) (part of)

Main activities:

Response to threats and incidents (serves as national CERT); Perception and action prospects; Improving crisis management; Cyber security collaboration platform

Source Source 2 January 2012 Netherlands Last Updated: September 2021

Key Positions

Director National Cyber Security Center (NCSC)

Mr. Hans de Vries serves as a Director of the National Cyber Security Center (2021).

Source

Head of International Cyber Policy Department Ministry of Foreign Affairs Source

Ambassador-at-Large Security Policy & Cyber Kingdom of the Netherlands

H.E. Nathalie Jaarsma serves as Ambassador-at-Large Security Policy & Cyber (2021).

Source Source 2

Dedicated Agencies and Departments

Dutch Cyber Security Council (Nederlandse Cyber Security Raad, CSR)

Independent national and strategic advisory body, formed by ministerial order, advises the government. Tasked with providing strategic guidance to the Dutch Cabinet on cyber security matters and overseeing the implementation of the national cyber security strategy

Source Source 2 2011

National CERT or CSIRT

National Cyber Security Centre (NCSC) Ministry of Security and Justice

The NCSC is a key figure in the operational coordination at a major ICT crisis and the Computer Emergency Response Team (CERT) for the Dutch government.

Source Source 2

Z-CERT (Computer Emergency Response Team for Healthcare)

Z-CERT has been designated as the computer emergency response team for the entire healthcare sector (Network and Information Systems Security Act) since January 2020. Z-CERT offers specialized services to healthcare institutions with regards to optimal cyber security protection, and offers support in case an incident has occurred.

Source Source 2 January 2020 Netherlands Last Updated: September 2021

LEGAL FRAMEWORK

Legislation

Computer Crime Act III (wet Computercriminaliteit III)

Source Source 2 1 March 2019

Personal Data Protection Act Implementation of the Directive 95/46/EC of the European Parliament and of the Council of the EU Source 2000

Views on International Law

Appendix: International Law in Cyberspace

International law is applicable to cyberspace; Includes section on the sovereignty, non-intervention, the use of force, and the due dilligence; Netherlands believes that respect for the sovereignty of other countries is an obligation in its own right, the violation of which may in turn constitute an internationally wrongful act; States have an obligation to respect the sovereignty of other states and to refrain from activities that constitute a violation of other countries’ sovereignty; The non-intervention principle, like the sovereignty principle from which it stems, applies only between states;

Source Source 2 26 September 2019

COOPERATION

Multilateral Agreements

Budapest Convention PARTY Source 1 March 2007 (entry into force)

UN Processes

Represented at the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security

Source 2016/2017, 2019/2021

Expressed views to the Annual Report of the UN Secretary-General on Developments in the Field of Information and Telecommunications in the Context of International Security

Source Netherlands Last Updated: September 2021

2011, 2013, 2015, 2017

Expressed Views at the Open-Ended Working Group on Developments in the Field of Information and Telecommunications in the Context of International Security

Source Source 2 2019/2020/2021

Bilateral and Multilateral Cooperation

First Indonesia-Netherlands Dialogue on International Cyber ​​Policy: Joint Declaration Ambassador-at-Large for Security Policy and Cyber; Representatives from the Ministry of Foreign Affairs, the Ministry of Justice and Security, the National Coordinator for Security and Counterterrorism, the National Police and the Dutch Embassies in Jakarta and Singapore.

The first Indonesia-Netherlands Cyber Policy Dialogue was held virtually on 21 January 2021. The dialogue reinforced the close cyber cooperation and partnerships between the two countries in the areas of the normative international framework, capacity building, counterterrorism and disinformation in the context of cyberspace, and national policies to increase cyber security, to improve digital resilience of companies and communities, and to prevent and counter cybercrime.

Source 21 January 2021

Memorandum of Understanding, MOJS Netherlands – MHA Singapore Ministry of Justice and Security

Cooperation in science and technology concerning homeland and civil security matters; Future cooperative activities may include, but are not limited to, the areas of Forensics, Blockchain technology, Artificial Intelligence and Cybersecurity.

Source Source 2 17 April 2019

Permanent Structured Cooperation on security and defence (PESCO)

Member; Comprises two projects on cybersecurity out of 17 projects: (1) cyber threats and incident response information sharing platform; and (2) cyber rapid response teams and mutual assistance in cyber security.

Source Source 2 11 December 2017 (decision adopted by the European Council)

U.S.-Netherlands Bilateral Call for Proposals in Cyber Security NCSC, US Department of Homeland Security, Science and Technology Directorate's, and Cyber Security Division.

US-Netherlands bilateral call to provide funding for collaborative cybersecurity research projects conducted by joint US-Dutch teams.

Source 18 May 2017

Cooperation, Senegal-Netherlands

Cooperation to exchange practical steps and expertise to address cybersecurity issues in Senegal and the broader West African region through reviews and expert meetings.

Source Netherlands Last Updated: September 2021

2016

Global Forum on Cyber Expertise, Member

A global platform for countries, international organizations and private companies to exchange best practices and expertise on cyber capacity building.

Source 16 April 2015 (Member since)

Benelux Memorandum of Understanding on Cyber Security (, , Netherlands) Minister of Security and Justice

• Initiatives to exchange information and expertise;

Sharing of best practices; Agreement between ministers for talks about Cyber Security on a regular basis

Source April 2011

Select Activities

Global Commission on the Stability of Cyberspace (GCSC) Foreign Minister

Launched at the Munich Security Conference; Brings together 24 independent experts from 15 countries; Tasked with proposing standards for conduct in cyberspace.

Source 18 February 2017

Membership

European Union (EU)

International Telecommunications Union (ITU)

North Atlantic Treaty Organization (NATO)

Organization for Security and Co- operation in Europe (OSCE)

United Nations (UN)