Cyber Hygiene in the Netherlands

Cyber Hygiene in the Netherlands (Digitale Hygiëne Nederland) is a research project that provides insight into the digital resilience of the Netherlands as well as the most significant risks and challenges. For instance, the researchers examined the vulnerabilities in the Dutch digital landscape, including the supplier market, Internet of Things (IoT) and other developments such as Big Data, Cloud or Artificial Intelligence.

How does Cyber Hygiene in the Netherlands work?

GDI Foundation has conducted research into the state of affairs in the Dutch digital landscape. First of all, the research paints an overall picture of the Dutch digital landscape. The research then describes the Dutch Internet of Things (IoT) in scope, quantity and types. Finally, the research examines the vulnerabilities by analysing what portion of the Dutch digital landscape is running on outdated software or is providing an outdated version of a service.

What is the impact of Cyber Hygiene in the Netherlands?

The research report identifies several potential or actual threats in the Dutch digital landscape:

  • A number of products from suppliers have a large market share, so vulnerabilities in them have a major impact on the whole of society.
  • All connections are potentially vulnerable, but the vulnerability is increasing throughout the entire chain because of developments in IoT and IT.
  • Developments such as Big Data, Cloud and Artificial Intelligence (AI) are often combined with IoT data, which transcend our country’s borders.
  • The focus on the reliable and secure processing of data throughout the entire chain of IoT data up to and including the Cloud is still in its infancy.
  • Governance in relation to IoT data and legislation has not yet been sufficiently elaborated (GDPR).
  • The vulnerabilities detected and the timeliness of their mitigation can be used as an indicator for follow-up actions.

What does this mean for my organisation?

The main risks to Cyber Hygiene in the Netherlands are occur among consumer-related devices (IoT). Organisations, the government and members of the public face the following challenges:

  • gaining structural insight into the development and use of unsecure IoT & IT;
  • establishing quality marks/quality requirements and independent supervision of secure devices or less secure devices (IoT/IT);
  • determining responsibility in the chain for guaranteeing privacy and security measures;
  • establishing industry standards, measurable hardening guidelines & connectivity requirements and automatic security updates during the life cycle of a product or service and chain;
  • ensuring accountability of suppliers for the effectiveness of the measures implemented.

Are you interested in the report? The research report entitled Cyber Hygiene in the Netherlands 2018 (Digitale Hygiëne Nederland 2018) can be downloaded from the Dcypher website.

What does the NCSC do?

The NCSC has commissioned GDI Foundation to analyse big data from public sources. It uses the outcomes of this research to improve its assessment on the impact of cyber incidents and tailor its recommendations to this information more closely.