Go to content

Increasing and changing threats to critical infrastructure

News item | 14-11-2025 | 11:17

Geopolitical tensions, climate change, system failures and human error can lead to the disruption or failure of critical processes which can have major consequences for the functioning of our society and the Dutch and European economy and therefore constitute a threat to national security. The Critical National Infrastructure Threat Landscape, which was published today, provides an overview of these threats and offers ministries and critical providers a conceptual framework for improving the identification of risks and resilience.

Our critical infrastructure is the foundation on which Dutch society operates. This infrastructure covers such things as electricity, access to the Internet and drinking water and payment transactions and it is being affected by an accumulation of increasing and changing threats.

Enlarge image
Image: ©ANP
Passengers at Eindhoven Airport, where a major disruption brought air traffic to a standstill. Enlarge picture of passengers at Eindhoven Airport, where a major disruption brought air traffic to a standstill.

Deliberate threats to critical infrastructure

Critical processes can be disrupted by deliberate threats emanating from, for example, state actors, terrorism and violent extremism, activism and criminal activities. In particular, state actors pose an increasing threat to critical infrastructure. This threat is apparent in, among other things, an increase in the use of hybrid tools, such as sabotage, espionage and pre-positioning, cyberattacks, disinformation, economic pressure and the abuse of strategic dependencies.

Natural threats to critical infrastructure

The effects of climate change are an increasing threat to critical infrastructure. For example, there are increasing shortages of freshwater during the summer, more flooding due to rainstorms and the effects of that flooding are becoming more severe. Flooding can be disruptive when critical networks cease to function. Extreme heat and drought in summer can also put pressure on critical processes.

Threats arising from the failure of critical processes themselves

National security can also be compromised when critical processes fail due to human error, system failures or chain effects. Various examples of such failures have shown that a seemingly minor technical or human error can have major consequences for critical processes. The interdependencies within critical national infrastructure mean that a disruption to a single critical process can result in chain reactions that impact other critical processes.

Increasing the resilience of our critical infrastructure

Governments, public and private organisations, and intelligence and security agencies are constantly working together to protect our critical infrastructure and increase resilience. One example is the 'Approach to Critical Infrastructure' (Aanpak Vitaal) which aims to increase the resilience of critical infrastructure by keeping a constant eye on the threat, by taking appropriate and proportionate measures and by making sure that all the parties involved work closely together.

This approach is going to be enshrined in legislation through the incorporation of the European Critical Entities Resilience (CER) Directive into national legislation in the form of the Critical Entities Resilience Act (Wet weerbaarheid kritieke entiteiten, Wwke). Organisations governed by the Critical Entities Resilience Act will initially be designated as critical entities by the ministry and informed accordingly.

Digital resilience is going to be increased through the implementation of the Network and Information Security Directive (NIS2 Directive) and its transposition into the national Cybersecurity Act (Cyberbeveiligingswet, Cbw). The central government is urging organisations to prepare for the impact of these new laws and underlying regulations when they come into force.

Documents