News item |: 03-10-2023 |: 09:08
Three government organizations in the field of cyber security are launching a joint counter for reporting threats and vulnerabilities. The move is part of preparations to integrate these three organizations into a single national cyber organization by 2025. It refers to the National Cyber Security Center (NCSC), Department of Justice and Security, Computer Security. The Incident Response Team for Digital Services (CSIRT-DSP) and the Digital Trust Center (DTC), both part of the Department for Economic Affairs and Climate. The overall goal is to make the Netherlands digitally safer.
From now on NCSC, CSIRT-DSP and DTC will work intensively together to ensure that every organization or company in the Netherlands, public or private, vital or non-vital and small and large, is warned if they are a victim or target are cyber threat. This “better understanding of the threat” is one of the spearheads of the Dutch cyber security strategy.
An alert service for targets and victims of cyber attacks
Every day, the government receives information about vulnerable or hacked systems. This can, for example, refer to software that contains a bug, systems that have had malware installed by cybercriminals, or systems that can be exploited for a ransomware attack at any time. NCSC, CSIRT-DSP and DTC obtain this information from security researchers, ethical hackers and domestic and foreign partners. It is important to get this information to the victim or potential target company quickly. The company can then take action to prevent or reduce the damage.
If the government has information about a cyber threat to an organization or company in the Netherlands, the government will send a warning message. The warning can be addressed to the network owner or the (end) user of the vulnerable system. There are now three different senders of these alerts, as each cyber organization serves its own target group. NCSC alerts important companies, central government and liaison organizations. CSIRT-DSP alerts digital service providers and DTC alerts the rest of the Dutch business community. After the integration of these three cyber organizations at the end of 2025, there will be only one sender.
A single window for sharing information with the government
The digital resilience of the Netherlands is too important to leave to fragmentation. That’s why it was decided to work with a single point of contact where security researchers, ethical hackers and domestic and international partners can share information about cyber threats and incidents so that victims or targets can be informed. This desk is located in the NCSC as the national CERT and can be reached via cert@ncsc.nl. The WCC evaluates the quality of the report and activates the notification process in the three organizations. For this purpose, a transparent and unambiguous assessment framework has been drawn up. This evaluation framework applies the principle of “sharing as much as possible”.
Cooperation. unambiguous assessment of threat information
In what cases is a warning message necessary? When is a company-specific cyber threat serious enough? Because it is useful to distinguish some information between urgent cyber threats and cyber threats that belong to Internet hygiene, the three organizations recently developed a clear assessment framework. About 30 types of cyber threats have been identified as “always on alert”. For example, a server port open to cyber attackers due to a misconfiguration. Or using an outdated cloud application for office automation that has security flaws. Cyber threat assessment is now uniform, warning messages are not. Companies warned by the DTC receive more explanations and instructions than organizations warned by the NCSC and CSIRT-DSP, as these organizations typically have more ICT knowledge.
Next stage
There is extensive cooperation between the three cyber organizations in other areas as well. For example, each other’s IT systems are already in use. In the coming months, the organizations will continue to work on one integrated, scalable and robust warning service to support businesses in the Netherlands with the digital security of their IT systems.
Stay informed about cyber developments
Unable to register for this alert service. The government sees it as its job to inform entrepreneurs and organizations about company-specific cyber threats, and therefore informs organizations and companies in the Netherlands about the threat without asking.
Want to stay informed about software and hardware vulnerability news? Then consider joining NCSC’s RSS feed. Want to know what else is happening and be in direct contact with cybersecurity or IT professionals or entrepreneurs from the same field? Then look to the DTC community.