© 2022 CERT-WM

Computer Emergency Response Team voor Water Management

About this document

This document covers the contact and organizational information of the
CERT-Water Management (CERT-WM) in accordance with IETF RFC2350: https://www.ietf.org/rfc/rfc2350.txt

Date of Last Update

The latest update is from September 29, 2022. This change includes reformatting the document and PGP update.


The most current version can always be found at the website of the CERT-WM: https://www.cert-wm.nl. Any questions regarding the content of this document can be sent to mailto:cert@hetwaterschapshuis.nl.

Contact Information

Name of the Team

Cyber Emergency Response Team voor Water Management (CERT-WM).


Mailing address

Het Waterschapshuis


PO Box 2180

3800 CD Amersfoort

The Netherlands

Office address

Rijkswaterstaat Security Centre

Derde Werelddreef 1

2622 HA Delft

The Netherlands


Time zone


UTC+1 | CET between the last Sunday in October and the last Sunday in March (winter).

UTC+2 | CEST | DST between the last Sunday in March and the last Sunday in October (summer).

Mobile Phone

+31 6 51 25 65 22


+31 88 79 86 400 (SOC Rijkswaterstaat)

Public Keys and Encryption Information

The CERT-WM uses PGP for signing and en/decrypting information.

Our current public PGP/GPG key is: 578D 9EA6 7174 2AF8

Team Members

In accordance with national law, the CERT-WM does not publicly publish the names of individual team members. Team members will identify themselves to the reporting party with their full name during official communication regarding an incident.

Other Information

General information about the CERT-WM (in Dutch) can be found at:



The CERT-WM functions as the CERT for the entire water management sector in the Netherlands and it offers cyber security related services to its constituents.

Mission Statement

The primary mission of the CERT-WM is to actively improve the information and cyber security and resilience of its constituents by means of:

  • proactive advice on security improvements;
  • detection of anomalies;
  • managing (potential) cyber-related incidents that can overcome constituents;
  • providing tailored advisories on vulnerabilities or patches.


The constituency of the CERT-WM consists of organizations in the Netherlands involved in national water management (excluding potable-water) and wastewater treatment.

Sponsorship and Affiliation

Funded by Het Waterschapshuis and sponsored by Rijkswaterstaat, the CERT-WM operates as a co-operation of the Security Operations Centre (SOC) of Rijkswaterstaat and Het Waterschapshuis.


The authority of the CERT-WM is restricted to advising and assisting its constituents by coordinating the response to cyber-related incidents.



Types of Incidents and Level of Support

The CERT-WM is restricted to handling only cyber-related types of security incidents. The CERT-WM advises or informs constituents. The CERT-WM is not capable of delivering capacity support.

Co-operation, Interaction and Disclosure of Information

While appropriate measures are taken to protect the identity of constituents and members of neighbouring sites where necessary, the CERT-WM will -if possible- share information freely to assist others in resolving or preventing security incidents.

Communication and Authentication

Regarding the classification of information that the CERT-WM is likely to be dealing with, telephones will be considered sufficiently secure to be used unencrypted. Unencrypted e-mail is considered secure and will be sufficient for the transmission of non-sensitive data. If it is necessary to send sensitive data by e-mail, encrypted attachments will be used. Secure IM-communications will be conducted using Threema.



Incident response

The CERT-WM will provide assistance or advice with respect to the following aspects of incident management:

Incident Triage/Taxonomy
  • Investigate whether indeed an incident occurred.
  • Determinate the extent of the incident.
Incident Coordination

The CERT-WM can contact stakeholders, constituents and other CERTs if the information obtained is considered of interest to those.

Proactive Activities

The CERT-WM coordinates and maintains the following services to the extent possible within its resources:

  • List of security contacts per constituent, administrative, organizational and technical.
  • List of used computer systems (software, hardware and services) per constituent to provide: 
    • tailored and early warnings of vulnerabilities;
    • tailored and early reporting on patches or updates.
  • Coordination of RD/CVD  reports.
  • Monitoring of web systems used by constituents.


While every precaution will be taken in the preparation of information, notifications and alerts, the CERT-WM assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.

The CERT-WM advises constituents and has no authority to order operational activities. Final responsibility therefore remains with the constituents.