Elly van den Heuvel

Director, Netherlands Cyber Security Council (CSR), Ministry of Security and Justice of the Netherlands

PERSONAL INFORMATION Elisabeth Christina (Elly) van den Heuvel Profile Director to the Cyber Security Council (CSR), Elly van den Heuvel, is highly regarded as a motivational manager who skilfully and sensitively taps into the power of multidisciplinary collaboration to achieve a common goal. With cooperation laying a solid foundation for the success of her activities, and fruitful consultations with all relevant parties in the private, public sector, including academia, she has furnished CSR with a more contemporary, future-oriented focus. Equipped with a unique combination of cybersecurity operational, tactical and strategic knowledge coupled with proven competent leadership, Van den Heuvel’s knowledge and skills facilitate effective communication on every level: from IT professional to civil servant. She is well acquainted with working in a complex national and international environment, and fully understands the various interests and concerns involved. She engages in and is a strong proponent of a unifying leadership approach, which compels full engagement from all concerned. Van den Heuvel represents the Council at meetings, conferences and commissions at national and international level. Previously (2008 – 2014), as Head of the National Cyber Security Centre and GOVCERT.nl, Van den Heuvel focused on professionalising the organisation by developing products and services that contributed significantly to the cybersecurity of connected organisations. By doing so, it set itself up as demand-oriented, whereby products and services matched the needs of stakeholders. Her attention was equally focused on organising public-private cooperation within the cybersecurity domain. Added to her achievements were building a sturdy foundation of trust with all stakeholders, and the preparation and coordination of ICT crisis management during a national crisis (DigiNotar). Responsible for operational coordination of large incidents in the critical infrastructure, she has exhibited verifiable competencies in establishing clear objectives and carrying out her duties with commitment and unflagging determination. Acknowledged for patient, interpersonal interaction, Van den Heuvel is quick to form bonds of trust and loyalty with both staff and colleagues. An undergraduate degree in communication management affords her the ability to identify and transmit salient information in a lucid and efficient manner. In her capacity as a professional coach specialising in more effective work procedures, she endorses receptivity to feedback, and is a passionate advocate of the indispensable value of self-reflection. Fully at ease in a multicultural environment, she generates and maintains an impressive global network in the cyber community, and is regularly invited to serve on advisory boards. As a much valued keynote speaker, she has given presentations at national and international conferences including Denmark, Sweden USA, Australia, Japan, France and Singapore. She is an active and respected member of the cybersecurity community as Advisor Cybersecurity World Economic Forum WEF (2018-present), Chair woman of the advisory board of the International Cybersecurity Forum FIC (2018-present), Member Supervisory Board of the Healthcare CERT (Z-Cert) (2017-present) and Initiator of the Cyber Security Summer School (NCS3) and Women in Cyber Security (WICS) International Network for women working in the field of cyber security and cyber crime (2012). She has published various publications on cybersecurity. WORK EXPERIENCE Director to the Cyber Security Council (CSR) (15-08-2014–present) Ministry of Security and Justice, National Coordinator, Counter Terrorism and Security A Level Security Screening Independent advisory body to Dutch Cabinet comprised of 18 high-level representatives from scientific sector and public and private parties. Council gives advice, both requested and unsolicited, to government and private parties. • Holds responsibility for written strategic advices and practical guides produced by CSR  ‘Cyber Security in Education and Industry’  ‘Cyber security guide for boardroom’  “European foresight Cyber Security” 20 Articles of strong influential European public, private sector parties, and academia (ENISA, Europol, World Economic Forum, NATO, Microsoft, Semantic, Harvard University, et alia). Resulting in advice to EU Commission.  ‘Towards a nationwide system of information exchanges. Advice on information sharing in the field of cyber security and cybercrime’  ‘Towards a safe, connected, digital society. Recommendation on the cybersecurity of  the Internet of Things (IoT)’  ‘European Foresight Cyber Security. Public private academic recommendations to the European Commission about Internet of Things and Harmonization of duties of care’  ‘Every business has duties of care in the field of cyber security. Cyber security guide for businesses’  “Numeri fixi technical studies in the Netherlands unacceptable” • Contribute to awareness of decisions and policy makers • Initiated the First National Cyber Security Summer School (NCS3) – a yearly 5-day training for young talent to generate interest in a career in cyber security • Invited for presentations and keynote speeches abroad. Participate in boardroom discussions on cyber security and cyber crime awareness HEAD National Cyber Security Centre/ Deputy Director Management Cyber Security and HEAD Govcert (01-03-2008–15-08-2014) Ministry of Security and Justice, National Coordinator, Counter Terrorism and Security, National Cyber Security Centre (NCSC) (2012-2014) Previously General Manager Govcert.nl, Computer Emergency Response Team (CERT) for Dutch central government (Since 1 January 2012, Govcert.nl has been incorporated into the National Cyber Security Centre) • Tasked with responsibility for National Cyber Security Centre NCSC • Held responsibility for management of security incidents in vital infrastructure of the Netherlands (including DigiNotar crisis) • Tasked with responsibility for analysing and explaining threats analysis resulting in The Cyber Security Assessment Netherlands (SCAN). Yearly threats analysis trend report on cyber security based on collaboration between National Cyber Security Centre and both public and private partners • Held responsibility for alerting organisations on time and giving instructions on how to use them • Held responsibility for Certification Security Incident Management Maturity Model (SIM3) • Actively participated within CSIRT communities e.g. TF-CSIRT and Information Sharing and Analysing Centres (ISAC’s) • Stimulated knowledge sharing and tool development within international CERT community. Stimulated and supported European Government CERTs (EGC) meetings • Held responsibility for organizing the ONE conferences resulting in most appreciated cyber security conferences globally • Stimulated private and public cooperation in field of cyber security and cyber crime; chaired monthly tactical meetings with managers of liaison officers • Contributed to both National Cyber Security Strategies including multi-annual strategic action plan EDUCATION AND TRAINING 1995 University of Leiden, the Netherlands Master´s in Information Science & Adult Education 1992 The Hague University, the Netherlands Undergraduate degree, Economics and Communication Management 2008 InterCoach, The Hague, the Netherlands Centre of expertise for fellow coaching within the Government 2010 – 2012 ABD programme, the Netherlands Leadership training for promising civil servants Including a 3 months Traineeship Europol (EC3) 2014 Speech Republic and Media training Brainbox ADDITIONAL INFORMATION Publications Memberships Certifications Additional activities Chair woman of the advisory board of the International Cybersecurity Forum FIC Supervisory Board of the Healthcare CERT (Z-Cert) (2017-present) Chair, Advisory Board Distributed ENergy SEcurity Knowledge (DENSEK) (2014 –2016) Management Board member, European Union Agency for Network and Information Security ENISA (2013-2015) Initiator, Women in Cyber Security (WICS) International Network for women working in the field of cyber security and cyber crime (2012) Publications CSR Magazine Editor in Chief. Magazine especially for boardroom members, decision makers, politicians, policymakers, and CEOs (2014-present) Digital Security at Strategic Level, Magazine National Security and Crisis Management 2015, nr. 2 A Dutch Approach to Cyber Security through Participation Kas Clark, Dutch National Cyber Security Centre; Don Stikvoort, S-CURE; Eelco Stofbergen and Elly van den Heuvel, Dutch National Cyber Security Centre 2014 Coordination and Cooperation in Cyber Network Defence: the Dutch Efforts to Prevent and Respond Elly van den Heuvel, and Gerber Klein Blink, ‘Best Practices in Computer Network Defence: Incident Detection and Response’ NATO 2013 European Foresight Cyber Security Meeting 2016 – public private academic recommendations to European Commission re: Internet of Things and Harmonisation for duties of care Elly van den Heuvel initiator and editor Public speaking Keynote speaker at national and international congresses (Denmark, Sweden, USA, Australia, Japan, Singapore, France etc.) Member of Trade Mission with King Willem Alexander and Queen Maxima to Japan (2014) Coaching Professional coach specialising in more effective work performance