Dutch cyber security under threat; more autonomy needed

The Netherlands must do more to support its cybersecurity as the country is on the edge of losing its digital autonomy, national cybersecurity council CSR warned. According to the advisory body, the Dutch cybersecurity system was becoming too dependent on foreign tech companies, particularly those from the United States and China.

The Netherlands currently largely relies on American companies such as Microsoft, Amazon, Google and Oracle for its digital services. Thus, the Dutch government can no longer enforce its privacy legislation on this front, as these service providers often do not fall under jurisidiction of common European surveillance laws, CSR said in their most recent advice.

"Our digital autonomy is under pressure and that touches the heart of Dutch society; cyber threats are increasing and we are becoming increasingly dependent on the digital infrastructure that is in the hands of a number of large foreign market players," the organization stated.

To counter this development, autonomy in the digital sphere must urgently become one of the government’s central policies. This can be done by supporting strategically valuable tech companies, the advisory body explained. More public-private partnerships and a more active role of the Netherlands in the development of international standards are also needed, according to Digital Infrastructure Netherlands Foundation Michiel Steltman.

"Almost all cybersecurity standards are currently American. Large international players have a head start and without our intervention, it will only get worse," said Steltman.

Cyber ​​expert Ronald Prins from the cybersecurity company Hunt & Hackett explained that it was not realistic to expect all of the country's vital IT infrastructure to be manufactured in the Netherlands. According to him, the situation could be improved by having Dutch companies monitor the existing systems.

"You could make that mandatory for the vital sector," he suggested.