Measuring potential risks to national security

Over the past decade, a variety of methods and systems have been developed to assess risks to national security. These were principally developed to support periodic national risk assessments. This risk analysis and the studies that underpin it address risks and threats in areas such as critical infrastructure, cyber threats, infectious diseases, and natural disasters. Among other things, TNO is investigating what methods are needed to better identify, assess, and hedge against potential risks.

meten_van_potenti_le_risico_s_voor_nationale_veiligheid_header_1_

This is according to a paper on measuring the potential damage to national security caused by strategic dependence, published by TNO Vector at the Strategic Autonomy in an Open Economy symposium in The Hague in early June. Other pillars of strategic autonomy discussed were economic security, the security of our energy supply and digital sovereignty.

Want to read more about national security?

Gain more insight

‘Together with ministries and various organisations, we are investigating potential attacks on national security. For example, the Government-wide National Security Risk Assessment (RbRa) was commissioned by the National Coordinator for Counterterrorism and Security to be prepared by the National Security Analyst Network, which includes TNO. The risk analysis also considers the risks of strategic dependencies and how they could affect the Netherlands’ strategic autonomy. We need to understand more about the threats and types of events in this area and how they can affect national security. Then, we have to consider what risk is or is not acceptable, and how we can cover it’, say TNO researchers Bas Keijser and Peter van Scheepstal.

TNO’s role is to provide knowledge input on technological developments, cyber threats, and threats to critical infrastructure, such as our energy supply, payments, shipping, internet and data services, and emergency services communications.

Six national security interests

National security means: ‘The protection of our national security interests against threats that could damage those interests, causing societal disruption.’ The six national security interests are territorial, physical, economic, and environmental security, social and political stability, and international rule of law and stability.

Economic security and national security risks

The policy on economic security identifies, among others, three risks: the disruption of the continuity of critical infrastructure, the loss of high-value knowledge or confidential information, such as state secrets, and a strong dependence on parties and countries with which the Netherlands does not share the same geopolitical interests. The latter risk often involves strategic dependencies. These should be assessable in terms of harm to national security interests.

‘Ultimately, we want to develop methods by which we can show whether the existence of a dependency could potentially affect national security. In order to assess the types of risks and their impact, you need different methods to assess them. We are looking at what types of risk we can identify well using analytical methods, and where there are gaps.’

Identifying risks methodically

‘A merger, acquisition, or investment by a foreign party in a Dutch company could result in that party gaining access to sensitive technology that could threaten our national security. For sensitive technologies, TNO has described a system for the incremental assessment of risks to national security. Other dependency risks are indirectly caused by a strategic dependency, such as software that is essential for the smooth functioning of payment transactions, but which can be disrupted by a country with an offensive cyber programme against our country.’

‘In such cases, you need a method to properly identify the risks and determine whether there are indeed potential risks to national security. This includes dependencies on countries with different geopolitical interests from us. It is relatively easy to make a list of countries you would rather not do business with, but you want to be able to methodically interpret the specific risks in each case. Buying medicine and rare metals is not necessarily a risk to our security. But the situation is slightly different when it comes to economic coercion, unwanted access to knowledge or information, espionage or sabotage’, TNO’s experts explain.

Image Measuring potential risks to national security

Schematic representation of processes within which risky strategic dependencies could feature:

  • Dependency exists where there are relatively high levels of imports from outside the EU, or where there is dependence in terms of control, knowledge, innovation, or investment (A).
  • It can be considered a strategic dependency if the product, service, or technology is critical to the public interest of the Netherlands/EU, or if the dependency poses a risk to the continuity of critical processes, or gives third parties access to sensitive information (B).
  • Such dependency is risky if supply disruptions are possible in the inputs to a process or in the product or service being supplied (C).

Want to know more? Get in touch with us

Bas Keijser

Medior consultant

Peter van Scheepstal

Senior scientist

Recent articles