Speech by minister Ollongren at the Cyber defensie pledge
From Words to Action: A New Phase in Cyber Resilience
First of all, I would like to express my gratitude to Romania for their outstanding commitment as the co-organiser of this conference.
Their effort embodies the spirit of teamwork that is the cornerstone of our NATO alliance.
However, we are committed not only to our alliance…
… but also to supporting our NATO partners.
Therefore, I warmly welcome the NATO partner countries that are with us today.
We are delighted to host you all at the NATO Cyber Defence Pledge Conference here in The Hague.
Together, let us embark on a new phase.
A new phase of enhanced cyber resilience.
Dear guests,
Cyberattacks are all around us.
And recently, we've seen these attacks unfold dramatically across Europe.
Let's consider the incident last summer involving the German Social Democratic Party.
A Russian intelligence-backed hacker group, known as Fancy Bear, shamelessly exposed email addresses and other personal data.
Moreover, companies in the logistics, defence, aerospace, and IT sectors were also targeted revealing a sinister pattern of attacks aimed at undermining the collective trust of Germans in democracy.
Yet, this cyber-attack was not confined to Germany alone.
Czechia, Lithuania, Poland, and Sweden were similarly assaulted displaying a disturbing trend of coordinated efforts to destabilize and disrupt European democracies.
In response, on May 3rd, a united front was displayed as Germany, NATO, and the EU came together to publicly condemn these attacks.
Our message was clear:
“Interfering with democratic processes is a serious offence and will not be tolerated."
Why am I highlighting this example today?
Because it demonstrates that cyber threats are neither abstract nor remote.
They are real, they are immediate, and as the Deputy Secretary General so aptly put it: "There is no peace in cyber-space."
In fact, cyber espionage is increasingly targeting critical parts of our physical vital infrastructure.
Hackers are laying the groundwork to disrupt these at later stages.
For example, we have seen evidence that certain actors are intensely focused on Western countries' water supply and electrical grids.
In the Netherlands, there is significant interest from Russia in our internet cables and wind parks in the North Sea.
Imagine the chaos if they succeeded in shutting down the Dutch energy network…
We must prevent such a catastrophe.
Therefore, we are at a critical juncture.
We must strengthen our defenses and enhance our resilience.
And stand united.
So together, we can protect our nation’s security, our economy, and our way of life from these cyber threats.
Sharing information is one way we can bolster our national cyber resilience.
For example, just this year, the Netherlands Defence Intelligence and Security Service uncovered a Chinese hacking operation targeting a defence network.
Our National Cyber Security Centre shared a technical report on the hackers' methods allowing other vital sectors to assess their risk and implement necessary protections.
Meanwhile, it’s not only our military and political structures that are under attack;
Our transportation and communication systems are increasingly vulnerable as well.
From the skies to our digital networks, the threats are real and constant.
For example, European aircraft have recently faced GPS disruptions.
Just this month, Finnair cancelled flights to Tartu due to severe interference.
Even our railways and media networks aren’t safe, with Russia-linked groups launching sabotage attempts.
Personally, I vividly recall an incident from last month that starkly illustrates the pervasive nature of these threats.
On an ordinary Thursday, Dutch parents turned on BabyTV for their toddlers expecting safe, educational content.
Instead, the broadcast was hijacked.
For fifteen minutes, images of Vladimir Putin, Russian flags, military parades, and propaganda music replaced children's programming, an audacious intrusion of geopolitical conflict into our homes.
Dear guests,
Cyberspace reaches into our society, our infrastructure, our homes, and workplaces.
Affecting civilians as much as soldiers.
We are not mere bystanders in this;
We are targets, and thus, we must be defenders.
We need to act swiftly, strengthen our defences, and stand firm.
And be united, ready to protect not just our networks, but our entire way of life.
That's exactly why it's crucial we are all gathered here today.
Here, we have the unique opportunity to learn from each other and share vital information on a variety of issues.
Just as Article 3 of the NATO Treaty, the cornerstone of our cyber commitment, mandates:
'Parties will maintain and develop their individual and collective capabilities to resist armed attacks.'
Achieving the capability to resist these attacks demands collaboration.
Not only within NATO, but also with our NATO partners.
Only by working together can we elevate our cyber resilience to a higher level, and build a stronger, more secure future.
Building on this momentum, I'm pleased to now be able to reflect on the significant progress we've made since last year in Vilnius, where NATO Allies agreed to a stronger Cyber Defence Pledge.
Originally, the key part of the pledge involved allies filling out a questionnaire, to assess our joint cyber resilience.
Until Vilnius, this questionnaire was quite basic - and lacked depth.
This year, that has changed.
The questionnaire has been greatly expanded to cover more areas.
And this year many more allies have completed the questionnaire.
So today, we can reflect on what we have achieved over the past year on the basis of the Pledge.
And we can make our commitment even stronger.
Sharing information among NATO members and with NATO partners is also crucial.
We need to learn from each other's successes, and be honest about our weaknesses.
To improve our cyber capabilities before - and after - crises.
Let me therefore tell you more about what the Netherlands is currently doing in terms of cyber resilience.
Last month, the Dutch government launched a tool called 'CyberCheck'.
This tool aids Dutch businesses in managing risks within their supply chains and highlights potential threats from countries such as Russia, China, North Korea, and Iran.
It helps our entrepreneurs identify the origin of their operating system or firmware and provides practical advice on safeguarding their critical infrastructure.
In essence, CyberCheck is a vital tool in strengthening our national cyber resilience.
Another way to boost our national resilience is by encouraging companies and non-governmental organizations in the Netherlands to share information about cyber weaknesses.
They can do this with the aid of our national cyber emergency response team, known as the Netherlands National Cyber Security Centre, or NCSC.
The NCSC supports NGOs and private companies in enhancing their resilience.
After all, many vital functions in society are performed by private companies.
Energy suppliers, hospitals, banks...
This is why we must support each other and exchange information.
To effectively deter threats, our entire society needs to be ready to respond.
We – as the Netherlands – furthermore believe it is crucial to make firm and strong agreements with private companies.
Parties, that play a vital role in the cyber domain.
Because they manage our networks and hold essential information regarding threats.
So why not look into the possibilities of sharing more information?
And harnessing the innovative capability of the private sector to maintain - or gain - an edge over our adversaries?
Last but not least, we believe that we can invest in training together with other countries;
Conduct exercises together;
Coordinate our efforts when dealing with crises;
And exchange personnel with each other.
All steps forward to strengthen our bond.
And to stay united.
With one aim: To be safe - and to stay safe.
Dear guests,
Let's turn the ideas put forward at the Vilnius summit into action.
By aligning our efforts at the three levels of cyber defence in NATO:
The political, military, and technical levels.
In summary, the journey to bolster our cyber resilience begins today.
Because we are more than just a group of countries.
We are a united community of allies and partners.
Steadfast in our commitment to safeguarding our security, our future and our freedom.
Thank you.