Dutch Cyber Security Council
The Dutch Cyber Security Council (Nederlandse Cyber Security Raad, CSR) has a strong public-private character. Strategic problems in the cyber domain are approached from a multidisciplinary angle. It does not concern threats alone, but also social and economic opportunities. The CSR is looking explicitly at cooperation with councils in other countries and welcomes the establishment of more of these councils. Hence a brief look into how the CSR is organised in the Netherlands.
The Dutch CSR is a national and strategic advisory body. The CSR was formed by ministerial order and advises the government. The CSR also advises organisations in, for example, the critical infrastructure. The Council is formed from highly-placed representatives in scientific, public and private organisations: The private members represent their supporters, such as a trade association. Problems are approached from various angles and the various interests are handled according to priority in the advice.
To be able to provide independent and well-considered advice, the Dutch CSR is put together with a balanced composition. Representatives of public and private parties each hold seven seats. Scientific institutions hold four seats. The council has two co-chairmen: the government and private sector alternate with each other every meeting.
Clear terms of reference
Cyber security is a field in which many parties are active. The Dutch CSR therefore has a clear position and terms of reference:
- providing solicited and unsolicited advice on cyber security to the government and private parties,
- advising the government on the implementation and development of the National Cyber Security Strategy II,
- contributing to research in the scope of the Dutch Cyber Security Research Agenda,
- deploying CSR members during large-scale cyber incidents.
In addition, the members hold personal discussions at boardroom level in order to get cyber security on the agenda at strategic level.
The Council is forward-looking and develops a strategic vision of new technological developments. What lies ahead of us in the medium and long term? And what does this mean for the future approach to cyber security and cyber crime?