Expertise & Advice
The NCSC ensures that the primary target groups are equipped with tactical and strategic knowledge and substantive perspective for action. Both in the short term, for example, in the field of crises, incidents and threats, and in the long term, via, for example, best practices, lessons learned, presentations and whitepapers. In this regard, the NCSC provides specialist insight into developments, threats and risks in the field of cyber security.
The NCSC brings information and expertise on cyber security together. In this regard, it concerns both information, practical knowledge and experiences, and data from scientific research. Owing to its access to open and closed information, the NCSC has a unique knowledge position. The NCSC has insight into current developments in the field of cyber security. This insight forms the basis for the NCSC actions. In-depth up-to-date knowledge is crucial for preventing ICT security incidents by timely taking adequate measures. The NCSC elaborates on the relevant information by analysing it and mapping possible risks. In this way, the NCSC offers more than the sum of the parts: not only does the NCSC collect information, it also offers insights into the approach and threats and formulates possible measures. In this way, all the parties benefit from the cooperation: in return for the information and knowledge that they contribute, they receive insights and possible perspectives for action.
To spread knowledge, factsheets, files and Cyber Security Assessment Netherlands are published. The insights and knowledge are translated into tailored concrete advice with which organisations can maintain and increase their digital security. Examples are directives for protecting web applications and encrypting network traffic.
The NCSC provides security advice based on its unique knowledge position, experience and network. The knowledge and experiences of the NCSC are built in the operational process in cooperation with the partners. The NCSC provides ad hoc advice, but also participates in various platforms, which demand its knowledge.
Examples of this specific advisory role are:
- advice on security criteria for acquisition processes;
- review of information security policy;
- advice on the organisation of network logging and monitoring systems;
- contribution of expertise in the cyber security and information security platforms of national government;
- advice on security scans and penetration tests in vital sectors with high confidentiality;
- review of a plan of approach for setting up a sectoral CERT (Computer Emergency Response Team).