The Netherlands is in an outstanding position to capitalize on the economic and social opportunities of digitalisation. At the same time, vulnerabilities and threats in the digital domain are increasing. The threat from professional criminals is growing and continues to develop. State actors focus on digital economic and political espionage and on making preparations for digital sabotage. Not only are the number of countries that are developing digital attack capabilities increasing, the attacks that are carried out are also becoming increasingly complex. This forms a direct threat to our
economic interests and national security.

These developments call for an increased effort to strengthen the approach to cybersecurity and thereby better protect the vital interests of the Netherlands. The National Cyber Security Agenda (NCSA) sets out the framework for the next step required in cybersecurity. The joint direction is laid out and various measures are considered collectively. This enhances the impact of public and private actions. The following principles are leading here:

  • Cybersecurity is inextricably linked to national security: as a result of digitalisation, national security interests are vulnerable to digital attacks.
  • Security in the digital domain can only be shaped in cooperation with and in part by the business community. Public-private  cooperation therefore forms the basis for the Dutch approach to cybersecurity.
  • The government represents public interests: a digital secure Netherlands, by recognizing threats to vital interests and by  strengthening resilience. The business community and citizens are encouraged to shape their own responsibilities and security. In addition, the government, as a public body, is obliged to have the cybersecurity of its own processes in order and to set a good example as a launching customer.
  • Knowledge is crucial to cybersecurity: sharing the available knowledge and promoting information sharing by the public and private sector is needed to strengthen cybersecurity across the board. In addition, it is necessary to (continue to) timulate both fundamental and applied research into cybersecurity, to develop the Dutch cybersecurity knowledge position. 
  • The objective is the mainstreaming of cybersecurity: digital security must be part of the everyday processes of every organisation. 
  • The digital domain is not confined by national borders. A Dutch approach to cybersecurity must take the international dimension into account of data, connections, internet governance and actors who carry out digital attacks. A more secure digital domain is therefore one of the Netherlands’ priorities in, amongst others, NATO and the EU. 
  • Finally: the tension between the interests of freedom, security and economic growth is inherent in the development of cybersecurity. By taking this into account, we want to weigh the dilemmas in cybersecurity more explicitly and set the course based on transparent and substantiated decision-making. 

The NCSA comprises seven ambitions that contribute towards the following objective: The Netherlands is capable of capitalizing on the economic and social opportunities of digitalisation in a secure way and of protecting national security in the digital domain.

  1. The Netherlands has adequate digital capabilities to detect, mitigate and respond decisively to cyber threats
  2. The Netherlands contributes to international peace and security in the digital domain
  3. The Netherlands is at the forefront of digitally secure hardware and software
  4. The Netherlands has resilient digital processes and a robust infrastructure
  5. The Netherlands has successful barriers against cybercrime
  6. The Netherlands leads the way in the field of cybersecurity knowledge development
  7. The Netherlands has an integrated and strong publicprivate approach to cybersecurity

These seven ambitions have been elaborated into objectives and measures that will be implemented in close public-private cooperation. To ensure this, a cybersecurity alliance will be formed between government bodies and businesses in which they will commit to jointly strengthening the Dutch approach to cybersecurity.