The Cyber Security Council (CSR) warns the new cabinet that the likelihood of digital disruption in the Netherlands is significant. To reduce these risks, structural investments are needed in resilience, digital autonomy and protection against AI-driven threats.
The council identifies four priorities that directly align with the NIS2 objectives for supply-chain security:
Strengthening digital resilience in government, vital sectors and the business community
Attacks on vital infrastructure, telecoms and energy are increasing. The CSR calls for more robust supply chains, improved threat intelligence sharing between government and companies, regular crisis exercises and fallback scenarios. The resilience of SMEs must also be strengthened.
Investing in digital autonomy
Dependence on non-European tech companies poses a national security risk. The council advises investing in European alternatives, a sovereign government cloud and stronger strategic supplier management.
Preparing for AI-driven cyber threats
AI enables attacks that are faster, more autonomous and harder to detect. The Netherlands must invest in knowledge, defensive technology and closer European cooperation.
Better protection of citizens against cybercrime
The number of victims continues to rise. The CSR calls for better public awareness, digital skills education starting in primary school, strengthened police and prosecution capacity, and a central reporting and recovery point.
Prerequisites: talent, knowledge and legislation
The shortage of specialists, lagging investments and the implementation of new EU legislation such as the Cybersecurity Act and the Cyber Resilience Act require acceleration. The CSR advises allocating €690 million structurally to strengthen the Netherlands’ digital security.
The message is clear: without a solid foundation and stronger supply-chain governance, the Netherlands will remain vulnerable. NIS2 provides the necessary framework to structurally improve this resilience.
