Innovation zones: using IT innovation to improve the quality of education and research

In the coming years, the SURF organisation will work with its members to improve the quality of education and research with the aid of IT innovation. We will do this in nine innovation zones. On this page you can read which ones they are and what the current state of affairs or ambition is.

Vrouw schrijft op een post-it

Innovation zone State of the art (cyber) security

The education sector feels the urgency and importance of improving cyber security, because IT is a necessary part of the primary process. Each institution is responsible for its own cyber security, but there is much to be gained by tackling this complex challenge together. This is happening in the Cyber Security Innovation Zone.


All member institutions and the sector as a whole are and remain resilient to cyber threats.


Four roadmaps have been drawn up to help achieve this ambition. Because cyber security is the responsibility of the individual institutions, the roadmaps focus on everything that institutions want to do together, have in common and where it is efficient to organise something centrally. Solidarity is central to this and institutions have the room to maintain their own pace. Two of the four roadmaps have now been fleshed out. They are: Together in Control' and 'Technology, Awareness and Skills'.

1 | Being in control together

The roadmap 'Together in control' focuses on the organisational and policy aspects of cyber security. On the one hand, by helping institutions to become in control and to start working on a risk basis. On the other hand, by making sector-wide agreements on frameworks and standards frameworks, so that all institutions have a basic level and can work together as effectively as possible.

2 | Technology, awareness and skills

The roadmap "Technology, Awareness, and Skills" focuses on technical and executive measures that help institutions become more resilient. It is important to tackle this jointly, for example with a reference architecture, sector-wide crisis plan and agreements on basic measures. In this way, institutions can optimally help each other and exchange knowledge. In addition, institutions want to be able to act on risks and see the effect of risk-reducing measures.


Because cyber security and cyber threats are constantly evolving, we have opted for a flexible working method instead of a fixed programme for the next five years. A Cyber Security Steering Group has been set up, for example, which will review the goals of the zone every two months and make adjustments as necessary. This group is made up of representatives from research universities, universities of applied sciences, the SCIRT and SCIPR communities, and SURF. Both the SURF Coordinating Contact Persons and the CISOs are represented on it.

Members of the Cyber Security Management Group

CSC-WO: Frank Hendrickx, TU Eindhoven

U-CISO: Jérôme Zijderveld, TU Delft

CSC-HBO: André Zandberg, Fontys

HBO-CISO: Paula Duijnhoven, Hogeschool Leiden

CSC-MBO: Rick Ruumpol, ROC van Twente

IBP-Regie: Niels Hilhorst, ROC van Amsterdam

SCIPR-voorzitter: Anita Polderdijk-Rijntjes, Windesheim

SCIRT-voorzitter: Ewald Beekman, Amsterdam UMC

SURF: Floor Jas

Representative of small institutions: no permanent representative, someone always joins in.

The Innovation Zone is also accounted for twice a year by means of a report to SURF's Members' Council.