Dutch telecom providers are obliged to take new security measures in the coming year. The ISPs are required by the outgoing cabinet to keep better control of incidents, better screen staff and implement more security updates.
The requirements are set out in the Ministerial Regulation on Security and Integrity of Telecommunications. This directive comes from the government. It wants to improve the security of telecom networks. According to outgoing minister Stef Blok of Economic Affairs and Climate Policy, Dutch citizens and companies ‘must always and everywhere be able to count on reliable and safe mobile infrastructure’. “After all, society and the economy can only function if, for example, our data, financial traffic and communication are safe”, writes Blok.
Providers must comply with several basic rules before October 1, 2022. They fall into five categories. One is the security of physical technology. Providers are required to ‘protect them automatically and up-to-date against malicious software’. It is also mandatory to secure the infrastructure by ‘targeted encryption of critical data’.
In addition, providers must continuously monitor technical infrastructure for incidents, and stricter requirements will be imposed on suppliers and administrators of software. Employees who work on certain infrastructure components must also be screened structurally and background investigations are mandatory.
The government already started last year a consultation for the plan. Telecom networks fall under so-called vital infrastructure. Disruptions to such infrastructure could ’cause serious disruption of society’. The new regulation is therefore part of a broader government initiative to improve the security of such networks.
–