The VVD wants the Dutch Institute for Vulnerability Disclosure (DIVD) to play a larger, more formal role in digitally protecting the Netherlands by scanning networks. The party has a for today motive article. Minister Yesilgöz of Justice and does not see this immediately. The DIVD consists of security researchers who can be scanned for vulnerable files on the internet. In addition, it does security research.

According to VVD MP Rajkowski, many cyber attacks can be prevented early. Since the DIVD has arisen with possible security vulnerabilities, the organization should possibly be given a larger, more formal role in digitally protecting the Netherlands in collaboration with the National Cyber ​​Security Center (NCSC) and the Digital Trust Center (DTC), according to Rajkowski. .

The VVD MP believes that picking up and passing on the information about threats discovered by the DIVD should be given a structural shape. “It is not always clear to this group of hackers either. If they provide information to the central government, it does not always end up with those companies. And who is going to help those companies to continue to grow with that information? should not become a government organization, but what they do should be given a little more direction and seriousness,” she said today during a debate for the standing committee for Digital Affairs.

“Noting that the Dutch Institute for Vulnerability Disclosure proactively scans the internet on a largely voluntary basis for vulnerabilities and reports these to relevant offers; requests the government to investigate how the Dutch Institute for Vulnerability Disclosure can play a larger, more formal role in the keeping the Netherlands digitally safe in collaboration with the NCSC and the DTC.”

During the debate, Minister Jailgöz stated that the DIVD can currently penetrate the imports by scanning into an integrated network without a criminal investigation being initiated. “It must then comply with the guideline of the Public Prosecution Service with regard to Coordinated Vulnerability Disclosure”, the minister explains schematically.

“Central government organizations must have a legal basis to be allowed to enter the first networks, otherwise there is a criminal act. That is therefore at best a difference. A formed role for this organisation, the DIVD, or a merger with the National Cyber ​​Security ​​Security Center will not provide more vulnerabilities scanning capabilities,” Yesilgöz continued.

They want the scanning of networks from the government to be possible on the basis of a legal basis. For that reason, the minister does not want to combine them. “But as mentioned, the DIVD regularly supplies the NCSC with information about potentially vulnerable, early and, of course, hacked systems. The NCSC then informs organizations within their target group about better cooperation, because of course they have a very important function.”