The National Cyber Security Center (NCSC) does nothing with most of the threat information it receives. Due to legal restrictions and the agency’s slowness of action, more than 95 per cent of the information is thrown away even though it is relevant. As a result, one in five Dutch companies is the victim of a hack every year.
Most threat information ends up in the trash
The NCSC receives threat intelligence on a daily basis, ranging from vulnerabilities in software to indications that businesses may be the target of ransomware attacks. The Network and Information Systems Security Act (Wbni) states that the NCSC may only share such information with companies and organizations that are part of the vital infrastructure. Furthermore, this law stipulates that a lot of relevant data may not be shared. Think of IP addresses, e-mail addresses and passwords. Such data is considered personal data by the General Data Protection Regulation (GDPR) and may therefore not be shared.
This not only causes frustration among
Read the article