In the accountability survey of the Algemene Rekenkamer (Court of Audit), which was published today, is stated that RCN’s information security has strongly improved broadly speaking. After it was established in 2017, that physical security and IT security were not in order, SSO-CN started working on an improvement plan.
Improvements have been made, including in the area of access control of the buildings of the Rijksdienst and the security of the network. The buildings are only accessible with an access pass.
New equipment was taken into operation, which has network monitoring greatly improved. This allows threats and malicious intentions to be noticed and stopped earlier. As a result abuse and interruption of the network have decreased sharply. It is also no longer possible to access the network of RCN with an unauthorized computer.
According to the Algemene Rekenkamer, an effective approach based on the improvement plan resulted in a great deal of progress in a relatively short time. This has greatly improved the level of information security at RCN broadly speaking. However, the Rekenkamer recommends that additional steps have to be taken, in order to maintain this level in the future. From now on the SSO-CN will periodically check and enforce. This way new shortcomings can be discovered faster and resolved more effectively.
How the services in the field of information security of the SSO-CN can be structured better, will also be investigated. The first step in this direction was taken by the kick-off of a joint task force with the Belastingdienst/CN. An external party helps to develop a vision for the future of IT. Mid-June follow-up steps will be determined based on this.