CS4NL  
BGP
Cyber Security Knowledge

Knowledge and innovation for safe digital transformation

In 2023, BGP Cyber Security Knowledge and Innovation for the Top Sectors was launched under the name CyberSecurity for the Netherlands (CS4NL). CS4NL provides an ecosystem for the ten top sectors, a knowledge and innovation agenda with seven demand-driven themes and two programming streams. CS4NL coordinates NWO calls and calls based on top sector funds to achieve impactful knowledge and innovation projects. 

To the CS4NL website

Contactpersons

Antal van Kolck, programmamanager CS4NL
Send an e-mail
Frits Grotenhuis, director Topsector ICT 
Send an e-mail

Dutch society is digitalising at a rapid pace. Cyber security is a precondition for the safe and future-proof functioning of our country and contributes to our economic growth. That is why this component is an essential part of the Mission-driven and Top Sectors and Innovation Policy (Dutch MTIB). The importance and impact of digitalisation together with the complexity of the associated new cyber security solutions necessitate multidisciplinary, cross-sector and ecosystem-wide cooperation.

Purpose and setup of CS4NL

CS4NL promotes collaboration through programming and provides a substantial boost to cyber security knowledge and innovation in the Netherlands through open and targeted grant calls. CS4NL involves the entire innovation chain:

  • fundamental and applied scientific research
  • cyber security companies
  • industry that incorporates cyber security applications in products
  • private and public end users.

All top sectors have selected seven themes based on which tangible programmes of public-private partnerships will be formed. CS4NL operates a demand-driven approach to determine which technology should be developed. 

Security by design

Top sectors need to agree on a system of minimum requirements for hardware and software and their operation (such as identification, authentication and authorisation of data flows) so that processes and devices become more secure and their failure causes less damage. Governance within and between organisations is part of this issue: the application and safeguarding of the standards and agreements throughout the life cycle of systems and associated physical platforms.

Secure data-driven work

The social transitions of the top sectors are often supported by the use of data science and AI, in which data is central. New solutions are needed to exchange and process data securely. Knowledge and innovation questions about its use, creation and potential risks play a role in almost all top sectors. Legal and ethical issues also play a role in the top sectors' societal challenges. 

Secure and robust connectivity

A future-proof innovative Netherlands depends on a secure digital infrastructure; wireless and wired connections and the protocols and standards that ensure the functionality and security of connections. The demand for (secure) connectivity continues to grow in all top sectors, partly due to upcoming widely rolled-out technologies such as 5G and 6G. Physical infrastructure security and the agreement structure play crucial roles in this. 

OT/IT security

The intertwining of ICT and OT (Operational Technology) is increasing in critical (production) processes. Devices and systems talk to each other, read sensors and are mostly maintained and monitored by external parties from the point of view of efficiency and functionality. In all Top Sectors, there is insufficient understanding of the risks and threats posed by this integration. In addition, there is insufficient understanding of available control measures and insight into control measures to be developed.    

Cyber risk management

Several top sectors need innovation concerning effective and adequate cyber risk management. Knowing which risks apply requires more knowledge and data on the impact of cyber security threats, available measures and chain dependencies. The high dynamics of the digital domain and the deep insights required call for new approaches, for specialists as well as management.

System and chain security

Cascading effects or large accumulated damage from cyber attacks must be avoided in and across all top sectors. The fact that organisations are specifically part of long and complex, time-critical supply chains has led to the digital connectedness of organisations that is still growing. Additional knowledge is needed to understand and mitigate the cyber risks faced here. Another type of risk concerns digital components that are assembled in the chain into a larger product, such as software that is part of a larger software suite or a physical device.  

Cyber awareness, knowledge & skills (human capital)

Organisations do not always have the topic of cyber security sufficiently on their agendas. There are other priorities, an increasing stream of regulations, the translation of technical cyber issues to the board table is difficult and there is often a lack of manageable solutions. In daily work, it is difficult for employees to act in a digitally secure way at all times, for example due to a lack of risk awareness. Cyber security specialists are also in short supply.

Two tracks: low and high TRL

Programming proceeds along two tracks based on technology readiness levels (TRL).

  1. Lower TRL  
    An approach with NWO mission calls. The duration of projects in this track is at least 48 months and is primarily executed by PhD students.   
  2. Higher TRL  
    An approach in which, together with Top Consortia for Knowledge and Innovation (TKIs), projects with variable duration (often more short-cycled than the first track) are programmed. The seven themes are converted to more concrete problem descriptions (use cases) for this purpose.

CS4NL as a snowball

The scope range of CS4NL is 27 - 36 million euros for the period 2023-2027. Pivoting around CS4NL, partners are working together on continued development, including a possible National Growth Fund proposal for cyber security.

Broad ecosystem

CS4NL is emphatically an open ecosystem! The basis of CS4NL is a broad ecosystem, consisting of all top sectors and organisations from everyone's support base, the Academic Cyber Security Society (ACCSS), HBO, NWO, TNO, Cyberveilig Nederland (cyber business), Regional Development Agencies and the Ministry of Defence. Through the KIA Security, the departments of Economic Affairs and Climate (Dutch EZK) and Justice and Security (Dutch JenV) are also involved.