Seven Dutch provinces join forces to strengthen cybersecurity under new EU rules
Seven Dutch provinces are creating a joint digital security center to protect people against cyber threats. In the meantime, the Netherlands faces possible legal action from the European Commission for failing to introduce a new cybersecurity law on time. Each participating province is expected to contribute up to 500,000 euros annually.
Drenthe, Flevoland, Friesland, Limburg, Overijssel, Utrecht, and Zeeland are seeking a shared Security Operations Center (SOC). SOC would include a specialized team that continuously monitors IT systems, detects cyber threats, and responds to incidents. The provinces want to work together to reduce costs and comply with the new cybersecurity law, which was approved earlier this year by both the Tweede Kamer and the Eerste Kamer.
The law requires more than 8,000 organizations, including provinces, to report cyber incidents within a set period. The rules are based on a European Union directive requiring member states to report cyber incidents within 24 hours across 18 critical sectors, including health care, banking, transportation, and government services.
Some provinces have already hired their own SOCs, but the seven provinces involved in the joint effort are planning a combined procurement process. The tender is expected to be completed next year.
“We must not be naive,” said Zeeland VVD provincial executive Daniëlle de Clerck. “It is a fact that more and more cyberattacks are taking place. Don’t ask me about numbers, but I do know that we are not doing this for no reason.”
Zeeland said Gelderland, Groningen, Noord-Brabant, and Noord-Holland intend to join the shared security center at a later stage.
