third Cyber Security Assessment Netherlands - NCSC

harm to the integrity of such information. The chapter also reviews
current developments here.
Threats consist of accidental events and negligence, or the actors’
(Chapter 2) intentional or intended activities. An attack may
manifest itself but be detected and countered. In this case,
the resilience is adequate. The degree to which the actors have
the intention and skills to equip themselves with technical and
other tools (Chapter 3) largely determines the potential impact
and chance of success of an attack.
The Resilience of end-users, organisations, and society can limit the
chance of a threat manifesting itself and its subsequent impact.
Resilience comprises the absence or presence of vulnerabilities among
people, organisations or technology (Chapter 4) and measures
to boost resistance, strengthen defences and limit vulnerabilities
(Chapter 5).
Chapter 6 describes the Manifestations in the Interests, Threats, and
Resilience triangle. This chapter also describes expected developments
with respect to threats.
Topics of particular interest are discussed further in the detailed
sections, including: Cyber crime, Cyber espionage, Botnets, DDoS,
Hyperconnectivity, Grip on information, Vulnerability of IT,
Vulnerability of the end user, and Industrial Control Systems. These
topics were selected with the consensus of a large number of the
parties who collaborated on this CSAN.
The core assessment was compiled from information sourced from
the detailed sections. For the sake of readability, we do not always
provide references to actual sources. The Appendices contain
the References, a summary of Incidents dealt with by the NCSC,
and a Glossary of terms and abbreviations. Throughout the text,
numbers in superscript refer to footnotes on the same page while
references to the list of references (see appendix 1) contain a short
description of the reference. «
14