Video message about the CSR Advice 'Integral Approach to Cyber Resilience'

Our society increasingly runs on digital systems.
That adds a lot of value, but also makes us more vulnerable.
We've seen an increase in the number of annual cyber-attacks.
To keep our country cyber safe, we need a different approach.
So the Cyber Security Council has released a report…
entitled Integral Approach to Cyber Resilience…
as a recommendation for the new cabinet…
to integrally implement.
The report focuses on increased direction from government…
as well as significant investments,
more than €800 million for the next government term.
Surrounding countries have a head start in this area.
We have to tackle this together, publicly, privately,
and with the research community.
That's the only way to make this a success.
The Cyber Security Council is advocating for a single,
national cyber security strategy instead of the 19 we have now.
And the strategy will be used to allocate the national budget.
To make that happen, we're also recommending a ministerial sub-council.
That sub-council will include ministers with this topic in their remit...
who will prepare the cabinet for decision making in this area.
The cabinet, led by the prime minister,
will then make decisions about this strategy.
The civil service should also be organised into a collaborative…
that we call a civil service cyber security umbrella,
who will advise the sub-council.
Prioritising this is vital.
We believe that, over the long term, we can devise...
a more solid structure,
but that requires thought about what this means in a Dutch context,
and things like legislative changes that will certainly be necessary.
Neighbouring countries like Belgium, Germany, and England...
already have governing bodies...
to address cybersecurity issues.
And of course this recommendation advises...
including key stakeholders like the business community on the council.
Government and the sciences also have a place...
so it's truly an integrated recommendation,
which is necessary to make the Netherlands more resistant...
to threats and attacks around cybersecurity and cybercrime.
This recommendation is important in that it provides an integrated agenda.
And the business community plays a key role.
That is covered in the report.
They are responsible for securing...
products, services, and their own employees and systems,
but there are also recommendations for ways
government can support the business community...
in improving cybersecurity.
By investing in confidence...
around information sharing when a threat arises...
but also in supporting awareness-raising...
in the business community around cybercrime.
The report is also a great way to support the business community...
in their responsibilities around cybercrime.
There are several real-world examples it's worth mentioning,
like recommendations for product and service security,
software security, where government also plays a role...
serving as a benchmark and also providing oversight.
There are recommendations for investing in a knowledge centre...
and strengthening government oversight.
These elements are all included in the integrated recommendation.
I'd particularly like to take a look at specific recommendations...
that enable the business community to do a better job...
around cybercrime.
Of course there are several vital industries.
They are already integral elements.
Banks are part of that. I manage one such bank.
An important part of security is...
the focus on raising awareness...
but the report is mainly focused on companies...
outside of that critical sector, which are also very vulnerable.
Cybercrime is similar to overall security.
It's integrated into everything, but its perhaps most vulnerable points...
are consumers and small businesses who don't have this on their radar.
That's where the system is most vulnerable...
and where cybercriminals are able to gain back-door access.
Or they can install malware on cameras...
that they can use to launch attacks...
using simple software on small devices...
to cripple major systems at large companies.
Everything is vulnerable, so cybercrime is a behavioural component.
This report provides concrete recommendations.
The multitude of recent data breaches demonstrates...
that we don't have our digital affairs in order in this country.
The cyber resilience report from the CSC,
provides for the first time, with a
comprehensive, black-and-white calculation...
that neighbouring countries\Nare doing a better job.
They're investing more in cybersecurity, and the Netherlands is falling behind.
It's clear in my sector, in academia...
that the best researchers prefer...
to work in other countries instead of the Netherlands...
because they are given more freedom and resources.
If we want to take digital autonomy seriously in the Netherlands,
a strong knowledge position is an absolute must.
The CSC recommends including digital literacy...
in primary and secondary school curricula.
That's already on the agenda, but as part of the...
overall curriculum revision, which is taking an incredibly long time.
We believe that's time we don't have.
We are calling for digital literacy to be implemented as soon as possible...
in primary and secondary education...
for children and young people who are growing up in a digital world...
and need to be well informed about the opportunities...
and certainly the risks that digital developments bring.
We can only maintain the prosperity and security of our country...
by becoming one of the most cyber-secure countries in the world.
That is only possible with this integrated approach.