The annual Cyber Security Assessment Netherlands (CSAN) by the National Coordinator for Security and Counterterrorism (NCTV) paints a worrying picture. The organization has established that cyber incidents have a real chance of causing major damage.
It cannot be excluded that disruption due to cyber attacks or large-scale failure will take place in the Netherlands, even if it has never been the case, said Minister of Justice and Security Ferd Grapperhaus.
The advancing digitization means that the digital threat has a permanent character. Digital espionage and the threat of professional criminals and state actors are the greatest threat, according to the Port of Amsterdam.
Increasing digital resilience will continue according to NCTV. Preventing cyber incidents within vital processes is currently a top priority within the Dutch Cyber Security Agenda to manage the risk of social disruption.
By applying a ‘comply or explain system’, companies in the vital infrastructure are obliged to implement control measures in case of vulnerabilities. When companies choose not to take measures, they are obliged to substantiate this conscious choice. Digital resilience can be increased by taking technical, procedural or organizational measures.
What is more, DigiCert announced that as of Saturday 11 July part of the DigiCert certificates will be declared invalid. This applies to the so-called EV certificates (Extended validation). These are EV certificates issued by CertCentral, Symantec, Thawte and GeoTrust. The NCSC advises to make an inventory as soon as possible whether your organization uses an affected EV certificate and to replace it.