Provinces leaky as sieves
‘We may have gone a bit overboard with protective legislation’. According to Bibi van den Berg, Professor Cybersecurity Governance at Leiden University, the sanctions that can be imposed when failing to report a data leak are so severe that organizations tend to cramp up when faced with a possible leak.
Van den Berg made her statements during an interview on the Dutch radio programme ‘Reporter Radio’, on Sunday evening 17 March. The episode was dedicated to the results of an investigation by Dutch regional newspapers ‘Leeuwarder Courant’ and ‘De Limburger’, and Dutch regional TV station ‘Omroep Brabant’. With the help of a Wob-verzoek (a Public Access Act request) they had obtained the official data on registered data leaks from the Dutch provinces. The inquiry showed a significant rise in registered data leaks last year. 52 leaks were reported in 2017, while 90 reports were filed in 2018.
Read the full article in iBestuur [Dutch only]