Je browser is verouderd en geeft deze website niet correct weer. Download een moderne browser en ervaar het internet beter, sneller en veiliger!

About us

Z-CERT is the Computer Emergency Response Team (CERT) for the healthcare sector in the Netherlands. Z-CERT offers specialized services to healthcare institutions with regard to optimal cybersecurity protection, and offers support in case an incident has occurred. Z-CERT has in-depth knowledge of medical applications, medical networks and medical devices.

Z-CERT is member of FIRST (Forum of Incident Response and Security Teams) and TF-CSIRT. We work closely together with other national and international cyber security centers.

Z-CERT has taken on the role of Chair and Secretariat for the European Health ISAC (EH-ISAC) with support from ENISA. The EH-ISAC aims to set up a structured, effective and efficient information exchange mechanism to share cybersecurity information between healthcare organizations in the EU. For more information please send an e-mail to: [email protected].

The organisation Z-CERT

At this moment all hospitals (ranging from academic “UMCs”, top clinical “STZ” to “General” hospitals) as well as mental healthcare institutions (“GGZ”) can register with Z-CERT as a participant (constituency). Z-CERT will be extending its services to other healthcare providers in the near future.

Z-CERT closely collaborates with other (inter-)national CERTs, such as the National Cyber Security Center (NCSC) and the Information Security Service (ISS) for the municipalities, on a daily basis. Z-CERT is a foundation with a not-for-profit objective.

Incident Response

In case a healthcare institution has been affected by an ICT security incident, Z-CERT will offer advice on the approach and best resolution method of the incident. Additionally, Z-CERT can conduct forensic research into the Modus Operandi, in order to minimize technical and financial damage as well as any reputation risk.

Detection

On a periodic basis Z-CERT checks participants’ IP addresses and domain names for multiple blacklists (viruses, worms, botnets, etc.). In case any outcome on this comes back as positive, Z-CERT will immediately inform the participant(s) and offer advice.

Prevention

Z-CERT will inform its participants of any vulnerabilities detected in medical devices, medical networks and medical applications. To those participants affected by a vulnerability, Z-CERT will provide advice on how to best deal with the situation. Z-CERT will also be sending out alerts regarding possible threats and current attacks.

Knowledge and Expertise

Z-CERT shares its knowledge (through the release of whitepapers, etc) with its participants, facilitates meetings for its participants, as well as hosts network events and theme sessions.

Handling responsible disclosure notifications

Any vulnerabilities detected in healthcare facility systems, in medical networks and in medical devices by third parties, can be reported in accordance our CVD process. Upon receipt of such report, Z-CERT will immediately reach out the participant in order to correct the detected vulnerability, and will act as first point of contact to the detector.