ICT Crisis Management
Being able to have open, safe and stable ICT, is a precondition for the unhindered functioning of society. In the undesirable event that something does go wrong, ICT crisis management is an important link in crisis management. To tackle the cause during an ICT crisis, the government is largely dependent on the services of private parties. An important part of ICT crisis management is therefore based on public-private partnerships. The ICT Response Board is a public-private partnership that analyses the situation during a large scale ICT crisis or threat.
During an ICT crisis, the National Manual on Decision-making in Crisis Situation is applied. In the event of an (threatening) ICT crisis, the Director of Cyber Security of the National Coordinator for Security and Counterterrorism is responsible for managing the crisis organisation within the national crisis structure. The Department for Cyber Security handles the crisis at strategic and tactical level. The NCSC offers operational coordination regarding the response and has, in addition, an advising and informing role towards the crisis decision-making structure.
The NCSC ensures that the Netherlands is able to tackle an ICT crisis effectively:
1. Crisis organisation preparation
When various ministries are involved in tackling a crisis the national crisis structure is invoked. The NCSC is a part of the national crisis structure during an ICT crisis.
2. Facilitation of the ICT Response Board
The NCSC facilitates the ICT Response Board (IRB), the public-private advisory body for the national crisis decision-making structure in the field of ICT crisis management.
3. National cooperation during crisis
Crucial in strengthening ICT crisis management is setting up a system of partnerships at the national level. For this reason, the NCSC has made agreements with public and private partners concerning the method of cooperation in a crisis situation.
4. International cooperation
ICT crises have no physical borders. The Netherlands participates in international initiatives in this field. The NCSC is active within the EU and in the International Watch and Warning Network (IWWN).
Within the EU, the Netherlands participates in the implementation of EU policy in the field of ICT crisis management, which is set out in the European Cybersecurity Strategy. This concerns participation in the biennial training cycle under the name of Cyber Europe and improving cooperation between national CERTS via the set-up of Standard Operating Procedures (SOP).