2 3 2 Header Security Operations Center
Security in practice

Protection of the
online world

A connected society has huge advantages, but is also vulnerable. When digital systems don’t function well, before long there are serious consequences. That’s why hundreds of KPN experts are monitoring our online world every moment of the day, all year round.

Our online environment has many similarities with the physical world. That means, unfortunately, that there is also criminal activity: hackers searching for sensitive information, cyber attacks that shut down websites or criminals who steal money online. KPN has developed a security cycle that enables us to take action as soon as there is a risk of danger. This cycle consists of 4 phases: prevent, detect, respond and monitor.


The first step in the defense against cyber criminality is knowing how criminals can strike. To deprive them of opportunity, KPN is looking at possible weak points in digital security. Are software and virus scanners up-to- date? How and where are personal data and passwords stored? Our Strategy & Policy team is tasked with preventing incidents on our network. In addition, the Security Operations Center (SOC) monitors KPN’s and our customers’ infrastructure. The experts from the SOC also give advice about the security of important company information and processes.

What’s more, we work on large-scale publicity campaigns, so that consumers have greater internet awareness – essential for a safe online world. Young children are an important target group in this regard.


The ethical hackers of the KPN Red Team attack customers and KPN every day. By putting themselves in the shoes of cyber criminals, the Red Team uses targeted cyber attacks to detect gaps in security. When asked, they also try to penetrate customers’ systems. This way, our hackers test the software and devices of, among others, multinationals and governments.

To test their knowledge and to share it with others, KPN experts take part in international hacking competitions. At the Cyber Security Academy they are constantly updated about the newest developments in the field. This way, KPN remains optimally prepared for hacker attacks.

In addition to deploying our own Red Team, KPN is also open to alerts from external hackers. On condition that they detect and report any weaknesses in the system responsibly and confidentially.


At first sign of an incident or threat, our Computer Emergency Response Team (CERT) takes action. The team is on alert 24 hours a day. When there is a report of a hack or a system weakness, the CERT experts quickly neutralize an attack by closing any gaps in the security. They hunt for possible viruses and search the digital ‘crime scene’ for damage or illegally placed files. CERT also investigates how the hackers got into the system. KPN CERT works intensively, at a national and international level, with a large number of CERT teams from other companies and governments. By sharing knowledge and expertise, these companies and institutions are in a better state to deal with cyber threats.


The daily security of KPN’s systems and customers is in the hands of our Security Operations Center (SOC). It is the largest security center in the country, monitoring the security of ICT infrastructure in the Netherlands 24/7. The SOC specialists constantly monitor security events, manage the resolution of security incidents and eliminate the impact of DDos attacks, in which criminals attempt to shut down websites.

2 3 2 Video Still Quantum Computer

Security with quantum technology

Around the world, scientists and ICT experts are working on Quantum Computing. The quantum computer has incredible speed and computing powers, incomparable with current technology. KPN is already carrying out research into this technology of tomorrow. Also when it comes to security.

For example, we are testing encryption for quantum computers: encrypting information so that quantum computers can exchange data completely securely. In 2016, we applied encryption for Quantum Computing to our network for the first time, during a data exchange between our data centers in Rotterdam and The Hague.

Privacy in practice

In control of your personal data