Cloud and Infrastructure Ownership: Blind Spot in Digital Chains

Who owns the infrastructure your organization runs on? Cloud services and digital infrastructure form the foundation of virtually every modern organization. From ERP systems and customer portals to email and production systems: without cloud and underlying infrastructure, operations come to a standstill. Yet surprisingly few organizations have a clear picture of who actually owns that

Read more

Why cyber ratings belong in the annual report

Cybersecurity as a governance responsibility Cybersecurity has long ceased to be a purely technical IT issue. For directors and supervisors, it has become an integral part of business continuity, risk management and reputation protection. In a digital economy where organizations are highly dependent on cloud platforms, software vendors and international chains, stakeholders are increasingly expecting

Read more

NIS2, strategically important, but how do you get started?

For many entrepreneurs and executives, NIS2 is now clearly more than a legal obligation. The new European directive directly impacts digital resilience and the continuity of essential business processes. Non-compliance is not a theoretical risk: sanctions, reputational damage, and disruptions to daily operations are then a real threat. At the same time, many business leaders

Read more

Digital sovereignty under pressure at the International Criminal Court

The incident in which the International Criminal Court (ICC) temporarily lost access to its email environment touches on a fundamental governance issue: digital sovereignty. The Court, based in The Hague, is an independent international tribunal that prosecutes serious crimes such as genocide and war crimes. Such an organization must be able to operate autonomously at

Read more

A data breach that crosses the boundaries of one municipality

In December 2024, a serious data breach was disclosed at JCC Software, an external software supplier that provides the digital appointment system to multiple Dutch municipalities. Through this system, which is used by Municipality of Amersfoort among others, hackers gained access to sensitive personal data. However, the impact was not limited to Amersfoort. Because the

Read more

The Kaseya incident, the classic

The incident at Kaseya in July 2021 is often cited as a classic example of a digital supply chain attack. However, conversations with executives and CISOs reveal that the impact and lessons have not always been fully understood. Kaseya is an American software company that provides management solutions to Managed Service Providers (MSPs). These MSPs,

Read more