September 30, 2020
There is a period of 11 years between the first national research agenda in the field of information security and the latest cybersecurity research agenda. Community building on this topic started earlier, in 2004 with the start of the Sentinels research program. The ICT security researchers united in the “Nederlandse Vereniging voor Security Onderzoekers” (NVSO). The establishment of the ICT Innovation Platform “Veilig Verbonden” (IIP-VV) in 2007 was a coalition in the security area between researchers and companies. The board included Fox-IT, Philips and Postnl. That platform has existed for almost 9 years and issued three research agendas. In the early years it had the support of the National ICT Research and Innovation Authority (ICTRegie), and when that body stopped, the IIP-VV received support from NWO and the ministries of EL&I, later Economic Affairs and Security & Justice, among other things to write a new edition of the National Cyber Security Research Agenda (NCSRA), which previous edition was referred to in government policy papers. Showcases of the harvest (or new cybersecurity knowledge) that spawned successive research agendas were the NCSRA Symposia.
In 2016, the IIP-VV was succeeded by dcypher, the Dutch cyber security platform higher education & research. It took over the entire legacy of the IIP-VV, but not without a change of course. ICT Security (which was the subject of the first NCSRA from 2011) was broadened to cybersecurity and positioned as a multidisciplinary research area. ICT security remained important, but the (business) economic, ethical, legal, philosophical and human factor aspects became increasingly important. Cybersecurity research within all these disciplines and between different disciplines deserved support. Researchers from those disciplines still had to get to know each other. That was the new function of the dcypher Symposia, successor to the NCSRA Symposia, the meeting place for ALL cybersecurity disciplines with the supplying and purchasing cybersecurity industry, the government and each other. A second important addition was the focus on cybersecurity higher education, which was dedicated to the platform. The end result of that work was the publication and festive presentation (in Corona time!) of the National Cyber Security Education Agenda (NCSEA) in March 2020, of which we also released an English version last week.
Looking back, it has been a privilege to have been involved for so long in the development of an emerging and ever-growing field. In the preparation for the last dcypher Symposium I actually looked back and relived some great events. I also came across the assignment I received from the NCTV in 2014 to write a design plan for a new “cybersecurity platform for new and established companies, students and researchers”. The problem statement was: “A good cybersecurity knowledge infrastructure not only supports the resilience of our society, but also offers opportunities for developing expertise and finding niches. Moreover, it guarantees the continuous inflow of new experts and the development of new knowledge. In order to face the major challenges, or the threats to which our cybersecurity is exposed, research and education in the field of cybersecurity must be (permanently) strengthened. To stimulate cyber security innovation, a multidisciplinary approach is needed, which also includes the non-technical sub-areas. The innovative products and services that are thus developed help the Netherlands to respond to the rapid (technological) developments in the digital domain. Dutch design (in security) can also be a distinctive quality stamp for security and privacy in ICT products and services and contribute to economic growth.”
If I could write another column, I would like to pay attention to answering the question of how far we are in solving the problemstatement which was formulated at the start of the preparation of dcypher in 2014. For instance, how would we translate the term “Dutch design (in security)” in 2020? The best translation that comes to my mind is “Digital Autonomy”, thanks to the inspiring panel on this topic at the dcypher Symposium on September 28th.
The image with which we announced this symposium was a long straight road under a blue sky. You can see far. In the distance it got a bit more hilly. On a road without turns you can get further and you will not be distracted. After all, the shortest way between A and B is a straight line. Thus dcypher went straight for his goal, even though that goal was not very clearly defined at the beginning of the road. It will automatically become clear if you continue. Of course we came across bears on that road. We sometimes had to put on the brakes for that. Uncertainties about ultimate ownership and coordination of our education agenda, the effect of ”De Verkenning” on the dcypher bureau, and so on. But all that didn't stop us from looking ahead, picking up the throttle and going forward right through to today, Wednesday, September 30. Much has been achieved, but much remains to be done and improved. Glad there is a follow-up. I wish the new platform every success. The dcypher heritage is ready. I will not repeat the advice given in my closing words at the dcypher Symposium here. Let me add one more: Continue on the path taken by dcypher, perhaps the road will soon bend into another direction, you will notice that automatically. In this review I tried to show that changes in direction were essential in the development of a community, which started out small, consisted of a handful of ICT security researchers and now consists of at least 1,268 subscribers of the last dcypher Newsletter.
Jan Piet Barthel (director dcypher, until October 1, 2020)