The Netherlands will invest 6 million euros per year in cybersecurity of schools – Computer – News
The Dutch government will structurally develop six million euros in the digital security of primary and secondary schools. In this way, the government wants to control the cybersecurity of underlying coherences in order to make schools safer.
Wants to steer on standards with the central management, supporting with, among other things, external audits and being able to act more quickly, write the education ministers Dennis Wiersma and Robbert Dijkgraaf. For example, the ministers want to draw up a framework of standards for how information security and privacy should be arranged in education.
Information security and privacy specialist, legal knowledge ‘not available in every school’. This creates inequality, because that knowledge may be available at one school and not at another school. With the framework of standards, the government wants to centralize that knowledge and thus combat inequality. With the help of external audits, the government can provide support and intervene where necessary.
Educational organizations such as Kennisnet, PO-raad, VO-raad and Sivon help draw up that framework, based on the framework of standards of higher education. At the beginning of 2023, the government can carry out a baseline measurement of the education sector, so that the framework can be worked on.
In addition to the standards framework for schools, from the information that starts in 2023, explicit attention should be paid to information security and privacy in the annual report. In this way, school boards should become more aware of their responsibilities in this area and that this is not just the responsibility of the IT administrator.
As a third point, the ministers mention a Computer Emergency Response Team. Higher education already has such a CERT, now primary and secondary education must also have such a team. Schools can report to CERT if they are confronted with a cyber incident. The CERT can help deal with the problem.
That CERT must also become a member of the National Coverage System of cybersecurity partnerships. For example, the CERT must receive information and advice from the National Cyber Security Center. Schools are also required to report cyber incidents to CERT.
The education ministers will announce the plans to the House of Representatives on Thursday. In the same letter to parliament, all ministers announced that in August 2023 all AVG concerns about Chrome and Chrome can be removed. It was previously said that this would be the case by mid-2022.