About Cyber Resilience Center Brainport

Resilient through cooperation

Brainport is the first economic area in the Netherlands to have a Cyber Resilience Center. Since September 2019, the foundation has been helping companies within the knowledge-intensive industry with resilience against digital espionage and cyber attacks.

This makes the Eindhoven high-tech region a leader in the Netherlands, which takes, besides the vital sectors designated by the government (such as health care, energy, port, etc.) cyber resilience serious. Within the center, companies can be part of a collective, professional system fighting against online attacks.
Participants can exchange confidential information via a well-secured, private platform about threats as well as solutions.

The high-tech and manufacturing industry consists of a chain of companies. This highly interwoven ecosystem is only as safe as possible if all players are resilient to cybercrime.

Nearly 25 companies from the high-tech industry were at the cradle of Cyber Resilience Center Brainport.

The initiative was further developed with the help of TNO, the Ministry of Economic Affairs and Climate, the Ministry of Justice and Security, Brainport Industries, Brainport Development, the Eindhoven Metropolitan Area, the Province of North Brabant and BDO Advisory.

The foundation is closely linked to the Digital Trust Center and the National Cyber Security Center.

Together we want to control the risks of digitization and vulnerabilities as much as possible. That is the connecting factor for all of us!
Every chain is only as strong as its weakest link.

Brainport Eindhoven regio heeft als eerste in Nederland een Cyber Weerbaarheidscentrum om bedrijven binnen de kennisintensieve industrie te helpen met weerbaarheid tegen digitale spionage en sabotage. Daarmee is de hightech regio koploper in Nederland die – naast de door het Rijk aangewezen vitale sectoren (zoals gezondheidszorg, energie, haven etc.) – serieus werk maakt van cyber weerbaarheid. Binnen het centrum kunnen met name bedrijven uit het MKB aansluiten op een collectief, professioneel systeem tegen online aanvallen.

Ruim twintig grote bedrijven uit Brainport Eindhoven wisselden al (mondeling) vertrouwelijke informatie uit op het gebied van cybersecurity binnen de Eindhoven Cyber Security Groep (ECSG).
Voor het sterk verweven ecosysteem in de hightech regio geldt echter dat deze als geheel pas echt zo veilig mogelijk is als alle spelers weerbaar zijn tegen cybercrime. Daarom besloten de ECSG, Brainport Industries, Brainport Development, BDO Accountants & Adviseurs, de Provincie Noord-Brabant en de Metropoolregio Eindhoven, gezamenlijk de opgedane expertise van de ECSG verder uit te bouwen tot een Cyber Weerbaarheidscentrum Brainport (CWB).
Door een first user groep van bijna 25 bedrijven uit de hightech industrie is in 2018 gewerkt aan de ontwikkeling van de dienstverlening zodat CWBrainport, in het derde kwartaal van 2019, een vliegende start kan maken. Belangrijke bouwstenen daarbij zijn de pilot over informatiedeling en -uitwisseling die is uitgevoerd door TNO in opdracht van het ministerie van Economische Zaken en Klimaat (Digital Trust Center) en het aansluiten op de besloten informatie van het Nationaal Cyber Security Center van het ministerie van Justitie & Veiligheid. Allemaal willen we de risico’s van digitalisering en kwetsbaarheden zo goed mogelijk in de hand houden. Dat is onze verbindende factor!
The Cyber Resilience Center Brainport continues to build on the foundation laid by the Eindhoven Cyber Security Group (ECSG). This Information Security & Analysis Center (ISAC) was founded in January 2014 by 20 larger companies in the Brainport Eindhoven region. Almost all members are part of the highly knowledge-intensive industry.

The shared challenge is protecting Intellectual Property (IP) and the fact that many of the suppliers cannot (yet) protect themselves. The ECSG has worked on this by exchanging information about vulnerabilities, incidents and best practices on an informal but private basis. Via the affiliated members, work has been done on an unstructured basis (and often at a tactical level) to increase the cyber resilience of suppliers.

Practice has shown that this formula works, but is not sufficient: the information is fragmented and often focuses on individual organizations instead of supply chains. This was the starting point for the development of the Cyber Resilience Center Brainport, an organization specialized for the high-tech industry in which larger and smaller companies work together on cyber resilience.
For the sake of SMEs, especially in the knowledge-intensive industry, the Ministry of Economic Affairs and Climate already called in May 2017 to set up a cybersecurity information exchange for and by companies, which had to be linked to the available confidential government information. It was the basis for the creation of a Digital Trust Center (DTC).

The main functions are:
  • information hub: providing relevant and clear information about current cyber threats, intelligence and action perspectives;
  • digital shelter for consultation, advice and victim support; center of expertise;
  • certification, quality mark and labeling;
  • boost function to build an ISAC (Information Security & Analysis Center) function in various sectors;
  • coordination and funnel for the really important themes and drawing up a roadmap;
  • innovator and sounding board for the cyber industry;
  • coffee corner: get to know each other and dare to call and trust each other.


The Cyber ​​Resilience Center Brainport has been identified as a front runner and has been embraced by the DTC.
The National Cyber Security Center (NCSC) is subject to the Ministry of Justice and Security. This warning service is also a consultative institution and focuses primarily on vital sectors in the Netherlands, namely: Port, Airport, Financial Institutions, Multinationals, Telecom, Nuclear, Healthcare, Energy, Water, Managed Service Provider, Insurance, Government and Pensions.

The government has not established a comparable institution for organizations that fall outside the critical infrastructure, such as their suppliers. Because the Dutch high-tech industry is not covered by vital infrastructure, this means that they are often warned later (or sometimes not at all) when the public sector has become aware of a threat or a vulnerability.

Only when the information is classified as “public information” it is shared with the high-tech industry. It can therefore happen that a threat is known to the vital sectors so that they can arm themselves in time, while at that moment the threat becomes manifest for a company in the high-tech industry.

In order to strengthen the digital resilience of the Netherlands, the NCSC has the legal option to share information with organizations whose objectively recognizable task is to inform other organizations or the public about threats or vulnerabilities. This applies to Cyber Resilience Center Brainport and will be finalized in the spring of 2020.

Team

Alexis Barron

Director ad interim

If you want to know more about the foundation, the services, the working method and the membership, I am happy to be at your disposal.

Lisette Oosterbosch 2

Lisette Oosterbosch

Communication & Event manager

Contact person for questions or suggestions for events by the CWB.