Dutch government splashes out on cybersecurity for 2023

Over the coming years, the Dutch government will enhance digital resilience in the Netherlands. This is thanks to the Dutch Cabinet, which on 20 September 2022, earmarked millions in the fight against cybercrime.

The reasoning behind the increased cybersecurity allocated budgets is not only to strengthen vital infrastructure and services but also because, according to Netherlands Statistics and Minister Dilan Yeşilgöz-Zegerius of Justice and Security, cybercrime today makes almost as many victims as traditional crime.

Government agencies receiving a budget boost include:

  • The Public Prosecution Service will receive an additional €12 million for ICT and for its investigative capacity in digital crime. Part of the sum will be used to upskill and increase capacity to tackle the issue.

  • The National Coordinator for Security and Counterterrorism (NCTV), in charge of coordinating the Dutch Cyber ​​Security Strategy (NLCS) will receive a budget of €54.9 million.

  • The National Cyber ​​Security Centre (NCSC) will receive an additional €16 million in 2022 and another €23 million in 2023. Over the coming years, the total budget will increase, reaching €42 million.

  • The Dutch Data Protection Authority has a 2022 budget of €29 million; in 2023, its new budget will amount to €34.5 million. It is estimated that by 2027, the Authority will enjoy a budget of €41.3 million.

In the near future, an algorithm supervisor will be created under the wing of the Dutch Data Protection Authority. Despite no clear budget, once created, the Authority will likely enjoy a further rise in the budget to accommodate the new supervisor.

What does this mean for IT providers?

In short, this means that public sector agencies will have to up their cybersecurity game. New and increased budgets will lead to new opportunities for cybersecurity providers. Infrastructure services, application services, and consulting deals will surely follow.

There will also be an element of training required to ensure that adopted cyber measures and tools are used to the fullest extent and understood. This also sets the tone for the private sector, even more so with the European Network and Information Security Directive (NIB2) implementation, which requires companies to take ‘appropriate cyber measures’ and report severe cyber incidents.

This narrative is also conveyed by the Ministry of Economic Affairs and Climate (EZK), saying that ICT products and services must become more secure, and cybersecurity knowledge development and innovation must be stimulated in both the public and private sectors.