Within a single generation, the digital world has changed completely: from a technical niche for 'nerds' to a reality that affects everyone. Cyberattacks, data breaches and system failures can disrupt essential social processes. How can we ensure that our society remains digitally resilient?
From convenience to vulnerability
'From the moment we wake up and reach for our phones to the instant we order our groceries online, everything that offers convenience also makes us more vulnerable,' says Daan Weggemans, Assistant Professor at the Institute of Security and Global Affairs.
That vulnerability only becomes visible when something goes wrong. 'When air traffic comes to a halt because of a faulty software update, you see how deeply digital systems are woven into our daily lives.' According to Weggemans, the causes of digital disruption can broadly be divided into two categories: human error and criminal attacks. 'Whether an incident is malicious or not, the impact can be enormous.'
Cybercrime as a business model
Where money circulates, criminals find ways to profit from it. 'In the past, there might have been a few hackers extorting individuals,' Weggemans explains. 'Today, cybercrime has developed into organised crime with major economic and social consequences.'
Criminal networks operate like businesses, complete with products and services. Consider ransomware: software that locks files until a ransom is paid. 'A professionally organised underground market has emerged,' he says. 'On the dark web, you can buy almost anything - from ready-made viruses to access to specific networks.' The dark web refers to the non-indexed, anonymous layer of the internet where criminals trade data and illicit digital services.
The effects of digital attacks are felt across all sectors, from universities to hospitals and government bodies. A recent example is the hack on the laboratory that conducts research for the national cervical cancer screening programme, in which large amounts of personal data were stolen. 'Such incidents directly undermine public trust in government and healthcare institutions,' says Weggemans.
The effects of digital attacks are felt across all sectors, from universities to hospitals and government bodies. A recent example is the hack on the laboratory that conducts research for the national cervical cancer screening programme, in which large amounts of personal data were stolen. 'Such incidents directly undermine public trust in government and healthcare institutions,' says Weggemans.
Not always malicious, yet highly disruptive
'Sometimes a simple human error is enough to bring the world to a standstill,' Weggemans notes. 'A few lines of faulty code can suddenly disable vital communication or infrastructure.' He points to incidents such as the global airport disruptions caused by a malfunction in CrowdStrike's software. 'There was no malicious intent behind it, yet the impact was immense. It shows how dependent we are on digital infrastructure.'
For Weggemans, digital security is a multi-layered challenge. 'It's not only about technology, but also about human behaviour, organisational choices and legal frameworks. How is security arranged? Who carries responsibility? And what happens when things go wrong?'
Part of the solution, he argues, lies in security by design: systems that are built securely from the outset, with attention to users who are not digital experts. 'Digital security should be intuitive and reliable,' he says. 'People should be able to trust that it works without having to think about it. We cannot expect every citizen or small organisation to have all the necessary expertise.'
Balancing openness and security
Digital security belongs on every boardroom agenda, Weggemans believes. 'It affects every organisation, from local authorities to national ministries. Cybersecurity is a governance issue.' Yet many organisations only take action after an incident. 'That is too late. You should not start thinking about digital security once your systems have already gone down.'
Knowledge development is therefore essential, particularly for professionals outside the technical domain. 'We cannot expect everyone to become a programmer,' he says. 'But policymakers, legal experts and executives must understand how digital risks work, and how their decisions can influence those risks.'
'Digital security belongs on every boardroom agenda.'
Digital security demands leadership
Digital security belongs on every boardroom agenda, Weggemans believes. 'It affects every organisation, from local authorities to national ministries. Cybersecurity is a governance issue.' Yet many organisations only take action after an incident. 'That is too late. You should not start thinking about digital security once your systems have already gone down.'
Knowledge development is therefore essential, particularly for professionals outside the technical domain. 'We cannot expect everyone to become a programmer,' he says. 'But policymakers, legal experts and executives must understand how digital risks work - and how their decisions can influence those risks.'
The future calls for digital minds
The demand for professionals with digital expertise is growing rapidly. Governments, security agencies and companies are seeking people who understand how technology, policy and law intersect. 'That's why, as a university, we invest in programmes that connect academic knowledge with professional practice,' says Weggemans.
As director of the new bachelor's programme Cybersecurity and Cybercrime, he experiences this urgency every day. 'Interest is high, and organisations are already asking when students will graduate. They need people who understand technology and can navigate its governance context.'
'Technology is advancing at lightning speed,' Weggemans concludes. 'But ultimately, it is people who decide how we use it. The choices we make today - in policy, design and education - will determine the digital resilience of tomorrow.'
In January, the Centre for Professional Learning will offer the Cybersecurity Programme. One of the lecturers is Daan Weggemans, Assistant Professor and researcher at the Institute of Security and Global Affairs (ISGA).
The Cybersecurity programme
The CPL's Cybersecurity Programme examines these digital risks. Over four intensive days, participants gain insight into the technical, legal and administrative dimensions of digital security. 'They learn to speak each other's language and to see how policy, organisation and technology can either reinforce or undermine one another,' says Weggemans.
Participants come from a wide range of sectors - government, healthcare, infrastructure, justice and business. 'That diversity is valuable,' he adds. 'A lawyer, a policy adviser and an IT manager each view the same problem differently. Bringing those perspectives together fosters understanding, collaboration and practical capability.'
