I/O Magazine  >  October 2020



         Another great example of community building is the   research agenda reflected more in cybersecurity educa-
         Capture the Flag event “Challenge the Cyber” which   tion. ‘Both higher professional education and university
         dcypher co-organised. It’s a hacking competition    education have a number of wonderful cybersecurity
         for students from universities and high schools that    courses, some mainly technical, others with a mixture
         was organised for the first time in 2019. Poll: ‘Thanks    of a technical orientation and an orientation from
         to this event I have now more contacts with other    the humanities and behavioural sciences. But on the
         educators in higher education. It’s a great initiative    whole, I think that the behavioural sciences and the
         that also stimulates cooperation.’               humanities should be given an even greater role in
                                                          cybersecurity education.’
         Before the advent of dcypher, cybersecurity was mainly
         seen as a technical topic. dcypher changed that. Poll:
         ‘The latest version of the research agenda emphasises
         that cybersecurity is not just a technical subject, but                          Erik Poll:
         a multidisciplinary subject that also requires lawyers,
         economists, psychologists and organizational experts,                           ‘The cybersecurity
         for example.’
                                                                                          field is much more
         These experts can investigate questions such as: What                            united than it used
         drives cyber criminals? How does their organisation                              to be’
         work? Which cybersecurity standards are needed?
         What laws and regulations are required? How can
         the behaviour of IT users be changed effectively to
         reduce cybercrime?


         Education agenda                                 Given the mission of dcypher, a lot has been achieved
         Professor of Cybersecurity Governance Bibi van den   in a short time, says Van den Berg. But if she has to
         Berg of Leiden University, who is also a member of    mention one aspect that has been less successful,
         the Cybersecurity Council, has worked hard in recent   then it is the valorisation of cybersecurity research.
         years on setting up cybersecurity education. She    ‘The bond between science and industry has become
         is particularly pleased that dcypher, after initially    stronger through dcypher, but there are still not
         focusing on cybersecurity research, has drawn up    many ideas from science that connect seamlessly
         a cybersecurity education agenda in the last eigh teen   with industry and vice versa. We can do better there.’
         months. Van den Berg: ‘That is a great piece of    Poll had hoped that dcypher could have secured
         work that shows where the needs in cybersecurity    long-term, structural research funding, but unfortu-
         education lie. And it runs from primary education    nately that did not work out. ‘The problem here is
         to post-university education. Before the arrival of   that cybersecurity cuts across various ministries
         dcypher, we had little insight into how cybersecurity   and that each ministry is an individual compartment.’
         education in the Netherlands was organised.’     Van den Berg agrees that this compartmentalisation
                                                          is an obstacle: ‘Both our research and education
         The cybersecurity education agenda is in line with the   agendas are deliberately integrated and broad. But
         analysis that the Netherlands is training too few skilled   then things go wrong in terms of financing within a
         cybersecurity professionals and that a lot of talent is   compartmentalized ministerial landscape. We have
         leaving and going abroad. Erik Poll has personally    to find a solution for this.’
         seen the brain drain happen a number of times: ‘We
         see young researchers leaving for Germany or the UK,
         where there is more money for research. We asked    Delta Commissioner
         a former PhD student of ours, who now works in the    Van den Berg sees an opportunity in appointing a
         UK, to become a professor in the Netherlands. But he   kind of Delta Commissioner for cybersecurity, or
         replied that he could get better funding for his research   setting up an umbrella body that falls under the
         in the UK and therefore did not want to return.’   Ministry of General Affairs. ‘Then you can say: this
                                                          is our leading cybersecurity agenda, this ministry is
         Van den Berg is pleased that the research agenda aims   about this part and that ministry is about that part.
         to increase attention for cybersecurity throughout the   We are now making one large multi-year plan with
         entire education chain. ‘We currently have a massive   that much budget. However, my most important
         shortage of well-trained teachers. We can only turn    lesson for the future is: embrace the current dcypher
         that tide by starting early in education. We can already   research and education agendas and do not let the
         teach children that cybersecurity is a relevant societal   networks and collaborations that have been carefully
         theme, that you can do exciting things in it and also   built up go to waste. Whatever platform comes after
         get a nice, good job.’ Van den Berg would also like    dcypher, that should be its main mission.’ Poll agrees
         to see the multidisciplinary character of dcypher’s   with van den Berg’s conclusion, adding one final,

           6