Innovation zone State of the art (cyber) security
The education sector feels the urgency and importance of improving cyber security, because IT is a necessary part of the primary process. Each institution is responsible for its own cyber security, but there is much to be gained by tackling this complex challenge together. This is happening in the Cyber Security Innovation Zone.
All member institutions and the sector as a whole are and remain resilient to cyber threats.
Four roadmaps have been drawn up to help achieve this ambition. Because cyber security is the responsibility of the individual institutions, the roadmaps focus on everything that institutions want to do together, have in common and where it is efficient to organise something centrally. Solidarity is central to this and institutions have the room to maintain their own pace. Two of the four roadmaps have now been fleshed out. They are: Together in Control' and 'Technology, Awareness and Skills'.
1 | Being in control together
The roadmap 'Together in control' focuses on the organisational and policy aspects of cyber security. On the one hand, by helping institutions to become in control and to start working on a risk basis. On the other hand, by making sector-wide agreements on frameworks and standards frameworks, so that all institutions have a basic level and can work together as effectively as possible.
2 | Technology, awareness and skills
The roadmap "Technology, Awareness, and Skills" focuses on technical and executive measures that help institutions become more resilient. It is important to tackle this jointly, for example with a reference architecture, sector-wide crisis plan and agreements on basic measures. In this way, institutions can optimally help each other and exchange knowledge. In addition, institutions want to be able to act on risks and see the effect of risk-reducing measures.
Because cyber security and cyber threats are constantly evolving, we have opted for a flexible working method instead of a fixed programme for the next five years. A Cyber Security Steering Group has been set up, for example, which will review the goals of the zone every two months and make adjustments as necessary. This group is made up of representatives from research universities, universities of applied sciences, the SCIRT and SCIPR communities, and SURF. Both the SURF Coordinating Contact Persons and the CISOs are represented on it.
CSC-WO: Frank Hendrickx, TU Eindhoven
U-CISO: Jérôme Zijderveld, TU Delft
CSC-HBO: André Zandberg, Fontys
HBO-CISO: Paula Duijnhoven, Hogeschool Leiden
CSC-MBO: Rick Ruumpol, ROC van Twente
IBP-Regie: Niels Hilhorst, ROC van Amsterdam
SCIPR-voorzitter: Anita Polderdijk-Rijntjes, Windesheim
SCIRT-voorzitter: Ewald Beekman, Amsterdam UMC
SURF: Floor Jas
Representative of small institutions: no permanent representative, someone always joins in.
The Innovation Zone is also accounted for twice a year by means of a report to SURF's Members' Council.