(Dutch only)

Are you not a member of FERM yet?

With a view to increasing awareness around cybersecurity in the port, the FERM foundation was set up in 2021. Over the subsequent years, FERM has worked, together with public partners (the Police, Deltalinqs, Municipality of Rotterdam, Rotterdam-Rijnmond Safety Region, Rijnmond Environmental Protection Agency (DCMR), Port of Rotterdam Authority, Province of Zuid-Holland and Customs) to bring more companies on board. FERM draws attention to the unbalanced growth between the rising threat and the number of companies taking sufficient measures against cyberattacks. For a small annual contribution, companies that join FERM receive solid advice and training to boost their own resiliency and the resiliency of their ecosystem. FERM also organises regular knowledge sessions on cyber-related topics and the implementation of NIS2.  

In order to boost the resiliency of companies, in the short term, The Hague is coming up with more rules. In 2024, the NIS2 Directive is going to be translated into Dutch law. NIS2 is an update to the current EU cybersecurity legislation. The more comprehensive directive contains more stringent security requirements for essential and important entities and introduces stricter supervisory and enforcement measures. The introduction of the new legislation dramatically increases the number of organisations within the port of Rotterdam that will be required to comply with this cybersecurity legislation.  If your organisation belongs to one of the 18 designated sectors, employs 50 or more people and has an annual turnover of more than €10 million or total assets of more than €43 million, you can expect NIS2 to be applicable to your company. The new legislation is anticipated to have a positive effect on the digital resiliency of organisations within the port industrial complex. So, don’t wait around for the implementation of NIS2, get started now on preparing and implementing measures. 

Likewise, the digital threat to companies in the port of Rotterdam is as big as ever. Resiliency to such threats is therefore a prerequisite for the proper functioning of the nautical and logistical processes in and around the port. Whilst there were no incidents affecting vital systems last year, a variety of incidents did happen. DNV’s ShipManager software fell victim to a cyberattack. With ShipManager, DNV offers a global online platform for shipping lines to use for fleet management purposes. The attack temporarily affected the management of around 1,000 vessels. Luckily, the attack didn’t impact the functioning of the vessels. The digital services of maritime service provider Royal Dirkzwager were also unavailable for a week as a result of a cyberattack. In June, the Dutch seaports suffered a DDoS attack carried out by Russian hackers, causing the websites to be offline for several hours. Here, too, the attacks were unable to compromise the safe and smooth processing of the shipping traffic in the port of Rotterdam. However, several companies within the port did experience disruption due to digital services and information being unavailable.  

In these days of rising geopolitical tensions between East and West, state actors are using cyberattacks to achieve their geopolitical objectives. However, cyberattacks are not limited to the global stage. Companies in all sectors are part of a digital network within which online tools and apps are used to exchange all kinds of information with suppliers, clients and other service providers such as, for example, your accountant or your transport company. A recent report by ABN AMRO² showed that more than 75% of companies have been affected by cybercrime at some point. Last year, that figure was ‘only’ 45%. For the first time, the attacks on SMEs are exceeding those on large enterprises. Under the influence of new technologies such as AI, cyberattacks are also becoming increasingly advanced and therefore harder to spot. The Netherlands National Coordinator for Counterterrorism and Security (NCTV) therefore warns organisations to expect the unexpected and set up their security accordingly. 

Phishing, ransomware and DDoS attacks, misinformation and fraud. Cybercrime appears in many forms and is considered among the top 10 greatest business risks worldwide¹. Dutch society is highly digitalised. Companies and organisations are more than ever before part of a digital ecosystem. This has tremendous advantages for business operations, but it does also make business vulnerable. After all, cyber incidents can affect anyone. It’s no longer about what the data is worth to the hackers. It’s about what the data is worth to you as a company.