Speech minister Foort van Oosten bij ONE Conference

Good morning,

Twenty years ago, hurricane Katrina slammed into New Orleans. 
An unprecedented disaster in a low-lying city, surrounded by water. 
Just like here, a system of levees was meant to keep the water out. 
But the hurricane caused a powerful storm surge. 
The levees broke and 80 per cent of New Orleans was flooded. 
1,500  people died. 
One million people no longer had a home to turn back to.

And the painful truth is, part of the catastrophe could have been prevented.

New Orleans’ levee system was old. 
The coastal wetlands had once formed a natural buffer against storm surges. 
But they had largely disintegrated before 2005. 
And so, on the 29th of August, flood waters inundated the low-lying city of New Orleans. 

And so, the aftermath of Katrina cost many more lives. 

You may be thinking now: yes, it was a disaster, but what does this hurricane have to do with a conference on cybersecurity? 
My answer is simple: everything. 

Last summer here, and in Europe, we saw that the digital levees were unable to withstand a crisis or attacks by criminals. 
The medical data of hundreds of thousands of Dutch patients was stolen from a data centre. 
The Public Prosecution Service was hacked. 
And the power outage in Spain also meant that cyber systems were down. 
I think all of you could cite examples of system vulnerabilities in your own country.
So I’d like to focus on how we can better prepare for today’s cyber threats and for tomorrow’s digital risks. 
AI, climate change, geopolitical developments, cybercrime: they all pose significant threats to our way of life.
Our freedom and our digital space are at stake,  because we use it for payments, work, travel. 
And our healthcare system is fully digitalised, too. 
If systems go down, we need to be able to manage without them.

And that’s where you come in: cybersecurity experts have a key role to play. 
It is crucial for governments, businesses and public institutions – for you and I – to determine how resilient we actually are. 
And to enhance our security as needed. 
The Dutch public sector has made major investments to boost resilience against cyberattacks and cybercrime.  
But there’s always room for improvement when it comes to protection and preparation. 
It would help if everyone was much more aware of the risks of a major cyberattack or network failure.
The risk of disruptive disaster is real.  

We’ve heard the call to ensure that hospitals, supermarkets and banks can continue to operate if things go wrong. 
But prevention is better than cure. 

That’s why I’m working with public and private parties to implement the Netherlands’ Cybersecurity Strategy. 
The Cyber Security Act will be introduced next year. 
In addition, in 2026 three National institutes concerned with cybersecurity will merge into a centralised cybersecurity body. 
It will provide all organisations in the Netherlands with information and advice about digital and other threats and incidents. 
Because building resilience isn’t a task for government alone. 

We need to do it together. 

Not only by addressing weaknesses in our systems, but also by sharing the knowledge we have. 
Both nationally and internationally.
By making cybersecurity a constant priority for everyone. 
By investing in young talent to ensure that we’ve got smart people to protect us in the future.  
Public and private parties have underscored the importance of working together by signing up to the Cyclotron Programme. This is a voluntary agreement between public authorities and private sector parties. 
And now it’s up to the parties to implement it and get things rolling. 

A year before hurricane Katrina made landfall, government agencies had run a major disaster simulation. 
But nothing was done with the outcomes of this exercise. 
And that’s why New Orleans’ poorest residents ended up waiting for days for help to come. 
Without food or clean water, and without knowing the fate of their loved ones. 
Many of those who died in the days after the disaster should still be alive right now. 
If only effective plans had been in place and disaster relief had been mobilised more quickly. 
If institutions, staffed by people like you and me, had joined forces before the crisis. 

And so my appeal to you is simple:
Forge new partnerships today, 
exchange ideas about how to improve your cybersecurity and increase your resilience. 
And encourage others to do the same.

Because if the worst should happen, lives could depend on it.

Thank you.