We look back at the Cyber Resilience Symposium, organised by the Cyber Security Centre of Expertise on 13 October 2022. The main theme of the day was: how to strengthen the cyber resilience of public and private organisations? In other words, how do you strengthen the ability of organisations to recognise and respond appropriately to cyber threats?

 'Sharing is caring'

After the plenary opening by Professor Rutger Leukfeldt, the first keynote speaker was Melanie Rieback, CEO at Radically Open Security. She pointed out that competition in cyber security does not make sense. If your organisation is facing a cyber threat, many other organisations are probably also facing the same cyber threat. 'Sharing is caring,' she says. By working together, standing side by side and learning from each other, you become much stronger against hackers who want to disrupt your organisation. According to her, the Netherlands is a leader in the responsible disclosure of ICT vulnerabilities. The following four key points are important to increase the cyber resilience of organisations: openness, transparency, open source and non-competitive business models. With that clear message, she concluded her enthusiastic and honest presentation. 

Open Security

Cyber security as an enabler

The second keynote speaker of the day, Roel van Rijsewijk delivered a strong message by presenting cyber security not as a defence mechanism, but rather as an enabler for innovation. 'Fear is a bad advisor,' explains the director of Cyber Defence Thales. Van Rijsewijk also had a clear message: If you want to accelerate innovations as a company, it is important to share information with others and trust the people you work with. This calls for investments in cyber resilience. One hundred per cent security is impossible, the key is to detect vulnerabilities and then act appropriately.

Van Rijsewijk gave insight into why cybersecurity has grown so much. Companies that rely heavily on operational technology have also become heavily dependent on information technology. Industrial processes are controlled by hardware and software systems. This generates great efficiency, but also makes organisations more vulnerable to cyber-attacks. A major challenge in increasing cyber resilience is that companies are organised in 'silos': there is too little coordination between operational technology and IT departments. Detecting vulnerabilities requires training, testing and research. Cyber resilience works just like our immune system. 'You need to detect the virus to increase your resilience.' 

Parallel sessions

The afternoon sessions explored the topic of Cyber Security from many different perspectives. After the keynote speakers, several professors and researchers spoke in the parallel sessions, two of which are highlighted below. 

Cyber Security Risk Management - Pei-Hui Lin

Pei-Hui Lin has been a professor in Risk Management & Cyber Security at The Hague University of Applied Sciences since May. Lin talks about her research on models for systematically analysing risk. Her message is the following: Make sure you properly protect management systems and continuously improve measures against cyber-attacks. Also don't forget the human factor. Safe and responsible data handling is essential for security.

Joint Cyber Range - Daniel Meinsma

With cybersecurity playing such an important role in organisations, universities and universities of applied sciences are also paying more attention to the topic. A great example is the Joint Cyber Range, an initiative of Utrecht University of Applied Sciences and The Hague University of Applied Sciences. Daniel Meinsma, lecturer and researcher at The Hague University of Applied Sciences, is the co-founder of this initiative and talks about what this platform means for lecturers and students. "Many students want to become business consultants in the IT industry, but do not understand at all how technology works. We have developed challenges where students learn about technology in a proactive way."

In addition to these highlighted presentations, the sessions covered several other topics and visitors were further introduced to the world of Cyber Security. The audience could listen to topics such as  
'Cyber resilience of SMEs against ransomware' (Susanne van 't Hoff), 'Digital security in primary education' (Marinus Maris), 'Do online ads reduce DDoS attacks?' (Asier Moneva Pardo) and

'Digitally safer smart cities' (Emiel Kerpershoek).

During the break, visitors interacted with researchers at the poster exhibition about the projects of The Hague University of Applied Sciences' research groups and innovative labs.

In short, a very interesting and interactive afternoon!