Netherlands establishes cyber resilience network to strengthen public-private digital defence

The Netherlands has launched a Cyber Resilience Network, a public-private partnership aimed at fundamentally overhauling the nation’s approach to digital defence.  

The initiative, detailed in a comprehensive building plan from the National Cyber Security Centre (NCSC-NL), aims to connect over 1,152 organisations in a collaborative framework that extends far beyond simple information sharing to include coordinated incident response, training and threat intelligence.  

The move comes at a critical time, as a stark government report reveals just how close the country came to a debilitating IT crisis that could have brought essential public services to a standstill. 

The urgency for this new approach becomes clear when examining the statistics. The chance of an organisation being hit by a cyber incident is now one in eight, yet preparation for such a crisis remains alarmingly low, according to the NCSC building plan. This isn’t merely a private sector problem.

A recently published Dutch government report, titled From vulnerable to resilient, paints a sobering picture of the Dutch government’s own digital dependencies, revealing that the near-collapse of a major IT supplier in early 2024 could have triggered a national crisis. 

The report concluded that government bodies are insufficiently prepared for the acute and prolonged failure of outsourced IT services, having become what researchers term “analogously incompetent”.

In a world where relying on physical processes is no longer an option, this digital vulnerability poses a critical threat to national stability. The potential consequences would have been severe: no benefit payments to millions of Dutch citizens, a complete halt to legal proceedings, healthcare indication processes grinding to a standstill, and operational problems across numerous government organisations. 

Shared responsibility

It is hardly surprising, then, that the Dutch government is pursuing a comprehensive strategy to address these vulnerabilities. The Cyber Resilience Network represents a significant evolution from the previous nationwide network (Landelijk Dekkend Stelsel), which was primarily focused on information sharing between organisations. The new network is built around five core functions that transform how the Netherlands collectively approaches cyber defence. 

“Digital security is a shared responsibility,” said Belle Webster, a board member at the NCSC-NL and unit manager for the Cooperation and Knowledge Exchange, in a LinkedIn post announcing the network’s launch.

“The Cyber Resilience Network is a prime example of how government and industry are coming together to strengthen the digital resilience of the entire Kingdom of the Netherlands,” she added, highlighting the collaborative nature of the initiative. 

This expansion reflects a growing understanding that individual organisations can no longer fend for themselves against sophisticated cyber threats. Compare it with burglars, who will always seek out the house that is easiest to break into.

In the digital realm, attackers are increasingly targeting supply chains and managed service providers, knowing that a single breach can provide access to dozens of victims. The From vulnerable to resilient report highlights this “digital monoculture”, where many organisations depend on a small number of providers, as a major risk of concentration.

Heavily digitised

The Netherlands’ position as one of the top five most digitised countries in Europe has created both opportunities and vulnerabilities. ICT plays a crucial role in the primary processes of major government organisations such as DUO (student finance), SVB (social security), UWV (employment services), CJIB (traffic fines) and the Tax Authority.

Even organisations with significant physical assets and processes, including Rijkswaterstaat (infrastructure), RIVM (public health), Defence, and the National Police, have become heavily digitised. 

This digitisation has led to extensive outsourcing of ICT activities to external suppliers. While these arrangements offer opportunities in terms of technological development, digital capabilities and professional services, they have also made government organisations more dependent on ICT suppliers. The concentration risk has increased significantly, with many companies and government bodies housing their ICT with US “hyperscalers” such as Microsoft, Amazon and Google. 

The Cyber Resilience Network is designed to counter these very threats by creating a network of trust and shared capabilities. Rather than each organisation attempting to build comprehensive cyber defences independently, the CWN enables collective resilience through systematic information exchange, coordinated incident response, shared knowledge and joint training exercises.

The plan includes concrete priorities for the coming year, focusing on establishing the network’s core functions and onboarding key partners from both public and private sectors.

Preparation for NIS-2

The timing of these initiatives is particularly significant. The Cybersecurity assessment Netherlands 2024 emphasises the threat of large-scale outages and explicitly mentions the risk of a “digital monoculture”. State actors and criminal organisations are increasingly targeting ICT suppliers, knowing that once inside, they potentially have access to many organisations that have housed their ICT there. 

Recent incidents have demonstrated the vulnerability of digitised systems. Major disruptions have occurred at TU Eindhoven (2025), Crowdstrike (2024) and Maastricht University (2020). While these incidents were often resolved in days or weeks through intensive effort, the question remains how resilient governments would be if major ICT incidents could not be resolved in weeks or months. 

The Dutch government’s new approach acknowledges that existing structures, knowledge and measures are insufficiently utilised for mitigating the risk and impact of acute and prolonged ICT outages. In audit terms of “design, existence and operation”, much is available on the design front, but implementation and testing are often lacking. 

The network’s establishment coincides with the Netherlands’ preparation for the implementation of the Cybersecurity Act (NIS-2) later in 2025, which will strengthen requirements for digital resilience. However, the government report notes that compared with legislation in the financial sector, such as the Digital Operational Resilience Act, current frameworks remain insufficiently specific about risks related to large-scale, acute and prolonged outages of ICT service providers.

Collaboration is key

This shift from individual defence to collective resilience marks a pivotal moment for the Netherlands. The government’s dual-pronged approach acknowledges the reality that in the face of sophisticated and persistent cyber threats, the only viable defence is a shared one.

The Cyber Resilience Network represents not just a technical solution, but a fundamental reimagining of how a highly digitised nation can maintain its digital sovereignty while benefiting from the efficiencies of modern ICT services. 

The success of this initiative will depend on effective implementation and genuine collaboration between public and private sectors. As the Netherlands moves forward with this ambitious plan, it may well serve as a model for other highly digitised nations grappling with similar challenges.

The foundation for this transformation is information and collaboration. Everything else, as they say, is noise.