The Elephant in the Room: addressing insider threats. Lessons and good practices from Dutch organizations
When addressing security issues, external threats seem to be the sole point of focus. We often miss the fact that our own employees, colleagues or business partners – people whom we trust – could also pose a significant threat to organizations. This threat arises from their authorized access to information and systems, making it challenging […]
NIS2
More information about this session will follow soon
The tower of Babel: the many languages of risk management and how to navigate them
Digital risk management is a fragmented field of expertise. In Europe alone, many national cybersecurity centers have developed their own methodologies in order to empower organizations to increase their digital resiliency via the adoption of their framework. In parallel, many private sector organizations have taken similar actions. Although risk management has been foundational to cybersecurity […]
SME’s: basic principles for cyberresilience, why, how?
The Cybersecurity Council has asked the government to pay more attention to SME’s because of the gap in cyberresilience for SME’s versus big companies. Recently we, Digital Trust Center and NCSC, have refreshed the basic principles for cyberresilience. These principles can help to bridge the gap. We will add entrepreneurial stories to this principles to […]
How the Dutch raise the security baseline: transparency
A trustworthy government is accountable and approachable. Transparency plays a large part in that equation. For this reason the Dutch government provides insights into the baseline cybersecurity of all its online services. Anyone is able to determine if their government is operating securely or not: from high level down to the individual technical metric. This […]
Diving Into The Attack Surface of the Netherlands
The non-profit Shadowserver Foundation (https://shadowserver.org) has been active for over 15 years, delivering free daily cyber threat intelligence feeds to National CSIRTs (over 201 National CSIRTs covering 175 countries and territories) and many other organizations that have an Internet presence (over 8000 organizations worldwide, including Sectoral CSIRTs, ISP/CSPs, hosting providers, enterprises, banks, academia, hospitals, SMEs, […]
Gamechanger in cybersecurity: RED 3.3 and CRA
The upcoming cybersecurity requirements for digital products promise to be a gamechanger in cybersecurity. The essential requirements in the Radio Equipment Directive (RED 3.3) and the Cyber Resilience Act (CRA) will enable consumers and businesses alike to rely on the cybersecurity of digital products that are sold on the European market. We will explain in […]
