Speech by Ferd Grapperhaus, Minister of Justice and Security, at the opening of the One Conference, 2 October 2018, World Forum, The Hague

Toespraak | 02-10-2018

Ladies and gentlemen, it’s great to see you all here at the One Conference.

The organisers have given me a brief sketch of who you are. There are more than a thousand of you here today, including policymakers, technicians and academics. A very warm welcome to you all.

And I’d also like to welcome the fifty speakers who will address the Conference.

I’m told that a large number of today’s participants are hackers – and excellent hackers at that.

Now, you’re probably thinking: here’s the Minister of Justice and Security, and one of his priorities is combating cybercrime. So he’s going to slam the conference doors and trap us all inside. To be honest, I did consider it, but only because I badly need your help.

This conference, as its theme reminds us, is about Merging Worlds – securing the connected future.

And, of course, I can’t do that without your help. I need all of you to do your part.

To seize the opportunities of the digital transformation, and to make cyberspace a safer place.

Government also needs to help advance these opportunities. The fantastic promise of the digital world. A sensible government won’t place unnecessary constraints on the march of progress. Instead, it must guide the process effectively. That’s our job. And we’re doing our part. Take for example the new bill that’s now before the Senate, which introduces security requirements for critical infrastructure.

Ladies and gentlemen,

I’m sure I’m not the only one, but I never fail to be impressed by today’s rapid technological advances.

Let me give you two very recent examples.

Given my responsibility for combating crime, I was struck by what I saw in a recent TV news item.

Many of you will remember the terrible images of the two women and two children who were shot dead in Cameroon this summer. The video footage was all over the internet. The government of Cameroon claimed that the footage was fake. Working from his Dutch hometown of Groningen, the Australian open-source analyst Benjamin Strick managed to work out who was behind the murders. Using tools such as geolocation, he identified the soldiers who’d committed this atrocity. This example shows how powerful technology can be in helping to solve crimes. But more importantly, it shows that technology has an impact on criminal law.

There are also examples in the Netherlands itself. Recently, a woman was violently abducted from her home, in the dead of night. Understandably, there were fears for her life. Using the latest technology, investigators were able to locate the vehicle she was in, and the kidnapper was arrested, preventing a far worse outcome.

These are truly positive developments.

But you don’t need me to tell you that the internet also has a dark side. A deeply sinister side. And you can rest assured that I’m committed to fighting the forces that use cyber tools for criminal ends. I need your help here, too. But of course, in the process we must all respect key values like privacy.

One of the most despicable developments in cybercrime is the spread of child pornography via the ‘dark web’. On the ‘regular’ internet, we can catch offenders fairly often. But on the dark web, it’s far more difficult. For me that’s simply unacceptable. We need your expertise, creativity and hard work to stop these dreadful practices.

With that in mind, I applaud the National Police’s High-Tech Crime Team for taking over and then closing down the Hansa Market site. This shows that criminals on the dark web can no longer consider themselves untouchable.

These investigative methods also show that we need to use your expertise not only where resilient systems are concerned, but also when it comes to the value of the information stored within them.

Professor Bibi van den Berg said some wise words in that regard. Cybersecurity, she argues, is much more than technology alone. It’s essential we look at how people use technology if we want to gain insight into the threats we face. Words of wisdom indeed.

And that’s why it’s important that we’re gathered here today. As I said, we have a very diverse group of participants. And I think that’s where our power lies.

We all have to connect with each other if we want to make cyberspace a better, safer place. No one has all the answers. So it’s vital that you talk to each other during this conference. To achieve great things, we need that mix of perspectives.

The government is investing heavily in cybersecurity. It’s a central part of our coalition agreement, and this year saw the launch of the Dutch Cybersecurity Agenda. I’m sure many of you are familiar with it.

The measures set out in the Agenda include rolling out a global network of cyber diplomats. And this year the Netherlands produced the Roadmap for digital hard- and software security.

At the end of my remarks I will give you a sneak preview of projects developed by a new public-private alliance, another initiative launched alongside with the Dutch Cybersecurity Agenda.

This year we’re investing an extra 30 million euros in cybersecurity, cybercrime enforcement and digital criminal investigation. We want to give cybersecurity research a boost, for example, and invest more in preventing and investigating cybercrime.

Because – as you all probably know but many others don’t – prevention is better than cure. That’s why prevention is, and will remain, a cornerstone of our efforts.

In October each year we ramp up our efforts to raise cybersecurity awareness through our ‘Alert Online’ campaign. As I’ve said, these efforts aren’t really aimed at you, but they are certainly needed. Research has shown that many Dutch people don’t worry much about cybersecurity risks. Public awareness of cybersecurity is no longer growing the way it did in recent years. It’s stagnating. And needless to say, that’s not what we want. After all, in every other sense companies and individuals do take responsibility for their own security. It’s perfectly normal to lock your front and back doors at home. To install a video camera, perhaps, or a burglar alarm. But when it comes to our devices we seem to lay down the welcome mat and say, ‘Come on in!’

There’s a role here for private parties, too. And fortunately there’s a great deal of interest on their part. With that in mind, I’m very pleased about the development of the ‘Cybersecurity Health Check’. It’s a tool created by the large accounting firms to help accountants and medium-sized enterprises assess companies’ cybersecurity. This shows that the private sector is taking its responsibility. And now I would like to see more public-private initiatives.

Ladies and gentlemen, it’s time for me to conclude.

I promised I’d give you a sneak preview of a new initiative in our country.

I also noted that the government can’t guarantee cybersecurity on its own. In the Netherlands, like anywhere else, we need joint action to make our country safe. Everyone concerned needs to take responsibility and, where necessary, help others do the same.

I am therefore proud that the Netherlands has started a Cybersecurity Alliance. In May this year, a large number of companies and other organisations joined forces to increase the Netherlands’ cyber resilience by collaborating on the goals and measures set out in the Dutch Cybersecurity Agenda. And now, six months on, the first concrete projects are getting under way.

A great many parties are already involved in the Alliance. If you aren’t yet a member, perhaps the short film you’re about to see will convince you of its value.

Thank you.