Direct naar de inhoud

In 2021, the Safety Board issued seven recommendations in its report, addressed to government parties and the business sector. The first recommendation aims to increase response capacity in the short term. The six following recommendations aim, in the longer term, to strengthen the public and private system and introduce incentives to create a system in which manufacturers and customers continuously work on to make software more safe and secure.

Recommendations recognized

Responses to the report show that the Dutch government and international software manufacturers recognize the importance of improving their approach to cybersecurity. The Board finds it hopeful that the parties express several intentions and  actions they took or are planning to take. However, it will take several years (until 2026) before the actions are implemented. The Board calls on parties to continuously accelerate actions to increase digital safety and security.

Faster action needed

The Dutch cabinet shows its commitment to realize the possibility to alert all potential victims of cyber threats as quickly as possible. Software manufacturers are not yet taking collective action, pointing mostly at customer responsibility and the lack of a level playing field. As of yet, it is not clear what effect European laws and regulations will have on this dynamic. The Dutch cabinet is acting on the recommendation to ensure a legal basis requiring governmental organizations to manage digital safety and security; for private companies, the government is maintaining voluntary compliance with a strengthened code of conduct.

The Dutch Safety Board’s full response on the follow-up on the recommendations can be found on its investigation page, ‘Vulnerable through software – Lessons resulting from security breaches relating to Citrix software.’

This site is registered on as a development site. Switch to a production site key to remove this banner.