The Netherlands is one of the most digitalised countries in the world. This is both a strength and a risk. Cyber attacks, disruptions and over-reliance on a limited number of technology companies threaten security and digital open strategic autonomy. If government systems experience outages or stop working as intended, citizens and entrepreneurs can find themselves in trouble.
Why as 1 government?
- We are only as strong as our weakest link. A security breach does not mean a vulnerability in one organisation, but a risk to the entire government.
- If we want to have a real impact on the digital autonomy of government, we need to chart a clear course together. To secure a strong position, we must scale up and collaborate.
- It is incredibly difficult for individual government organisations to meet security requirements, as everyone has to invent the wheel themselves and rely on external suppliers.
Strategic goals
Together, we will set the following strategic goals for the Netherlands’ Digitalisation Strategy:
- There will be a single, government-wide approach to digital resilience and autonomy, which includes several collective solutions. We will increase our independence in terms of digital technology and reduce our dependence on an overly limited number of suppliers.
- Continuously improving our digital resilience will increase government stability. In crises, we will ensure quick and effective recovery to prevent disruptions from inflicting long-term damage. Exercises are crucial to achieving that, and we will conduct them as one government.
- There will be a government-wide approach to post-quantum cryptography, and all government organisations will be prepared to manage the risks in collaboration with the market.
What obstacles currently exist?
- There is no government-wide, coordinated approach to cybersecurity focused on the government.
- SOC services are compartmentalised and do not yet cooperate intensively enough.
- Government organisations are vulnerable to acute and prolonged IT service disruptions.
- There is insufficient insight into both the locations of our legacy systems and the vulnerabilities they pose.
- Everyone develops building blocks individually or purchases the same things redundantly.
- There is no one-size-fits-all approach to reducing digital strategic dependencies for government.
In what areas will we accelerate development as one government
- The implementation of the Bestuurlijk Convenant Digitale Veiligheid Gemeenten, as part of the Netherlands Cybersecurity Strategy (NLCS), will be accelerated.
- We will collaborate on a federated SOC system.
- We will increase the continuity and agility of our critical services under both normal and adverse conditions.
- We will create a government-wide overview of critical IT services and their building blocks, including legacy issues.
- Cybersecurity building blocks such as post-quantum encryption will be developed and integrated collectively.
- Policy will be created to increase digital autonomy collectively.