Launching the NIS2/Cbw control framework: a practical evaluation tool.

By 2026, Dutch organizations must comply with the Cyberbeveiligingswet (Cbw) and Cyberbeveiligingsbesluit (Cbb) — the national implementation of the EU’s NIS2 directive. While the exact enforcement date is still pending, the impact on organizations will be substantial. At the same time, sector-specific requirements such as BIO2 (for the public sector) and DORA (for financial institutions) are being […]

Launch IDRS platform for reporting on digital control

This proposal is submitted by the Online Trust Coalition (OTC). The OTC is a public and private partnership at the initiative of the Dutch Ministry of Economic Affairs.Its mission is to enhance trust in online services, with a particular focus on cloud infrastructure—an essential enabler for digital innovation and Europe’s strategic autonomy.The OTC has developed […]

Cybercrime as a misfit: why traditional policing strategies fall short

Cybercrime is evolving rapidly, often faster than (government) organizations can adapt. In this session, Stan Duijf will guide you through the development of strategies by the Netherlands police and explain why these no longer align with the fast-changing nature of today’s cybercriminal landscape. Through three insightful examples presented by Sophie Warringa, Matthijs Jaspers and Lieske […]

The governance of the PQC transition in the EU

This intervention will analyse the aspects of the governance of the PQC transition in the EU. It will explore the relevant provisions in the EU legal acts containing general implicit requirements to adopt PQC (e.g. NIS2, CRA, GDPR, DORA, eIDAS2 and other) and how they are complimented by the various policy documents making specific references […]

We need to talk about…patching

Most organizations have a formal patching policy. This is also a requirement under both DORA and NIS2. Research shows that most patching policy contain deadlines within which the different categories of vulnerabilities must be patched. But only some of these organizations can actually measure whether they comply with their own policy. Paradoxically, it is therefore […]

Why Compliancy Won’t Protect Reputation – and What Will.

For executives and senior professionals navigating the complexities of digital responsibility, this workshop offers a pragmatic roadmap to establishing effective cyber governance. Because in the end, it’s not just about compliance — your reputation is on the line. We go beyond checklists and delve into how to structure cyber governance strategically: goal-oriented, aligned with your […]

Safeguarding national security in government contracts – ABRO (session in Dutch)

Supply has been and increasingly will be a target for cybercrime and state actors. Our changing world also requires the Dutch government to change the way it protects its key interests across the vast network of suppliers. Many government suppliers provide essential products and services that intersect with the core processes and assets of government […]

Beware of your belongings: Prying eyes in China

Our presentation will discuss the threats of cyber attacks, device tampering and we will dive into a case study and how these threats look like. We will share tips on how to protect your devices and data from unauthorized access.

Operation Heart Blocker – Disrupting the market of a cybercrime syndicate

In Operation Heart Blocker, we dealt a major blow to one of the largest “Cybercrime As A Service” networks. The organization behind this network had dozens of webshops where cybercrime tools were offered and operated as a professional company. This presentation explains how we ultimately mapped out a complete worldwide network of malicious webshops and […]