Hans, Security Specialist

"DigiNotar alerted the government to the pressing need for an organisation engaged in cybersecurity."

Trein

Crisis Management

We all want to prevent the negative consequences of IT incidents. While many organisations and people are working on this issue, what can you do if an IT incident nonetheless occurs? Mitigate the negative consequences as far as possible. If there is a threat of social disruption because of an IT incident, it is a matter of crisis management.

Role in the national crisis structure

The NCSC has a coordinating role within the national crisis management structure in case of an imminent or actual serious IT incident or an IT crisis. The NCSC has an extensive international network, in which the NCSC is the national point of contact for the Netherlands.

Our task pertains to the operational level, comprising assessments related to the IT disruption and its consequences. We follow three lines to provide this picture:

  1. coordinating the response to an IT crisis by public and private partners;
  2. activating the ICT Response Board (IRB) and supporting the activities of the IRB;
  3. following the reports of international partners in the field of IT crisis management.

Where necessary, we coordinate with other parties and consultation bodies at operational, technical and strategic level. We obtain information from these parties to provide a joint picture and to clarify events. Our role in this process is that of information broker.

Preparation by exercises and training

As stated above, coordination of the response to an IT crisis is one of the NCSC’s key tasks. In order to know how we should act in this kind of crisis situation, we have to be well prepared. We train our approach and skills in simulations as well as in occasional large-scale exercises. Our staff are educated and trained. We also participate in exercises conducted by our national and international partners. As a result, we will know how to get in touch with each other more easily and quickly should a crisis arise unexpectedly.

Advice about measures

The ICT Response Board (IRB) has been in existence since 2011. This advisory body assists in combating the consequences of an IT crisis. The IRB focuses its attention on maintaining vital processes in our society, such as the provision of drinking water and telecommunications. Many of these vital processes are in the hands of private parties. The IRB advises them about measures to be taken, which should mitigate the social impact of the IT crisis. This position makes the IRB the linchpin between the technical and administrative level.

IRB participants

Participants in the IRB are representatives of the vital government services and vital parties involved. Experts in a specific field of expertise are sometimes invited as well to join the IRB and explain the cause of the IT crisis. While the Chair of the IRB is affiliated with the Ministry of Economic Affairs and Climate Policy, the NCSC provides the Secretary and the Information Coordinator.