The Dutch Safety Board has started an investigation into the Citrix software security leak, which was discovered in December 2019. During the investigation, the Board will look at the approach taken in the months following the discovery of the leak. The Board will pay special attention to the governance of digital security in the Netherlands. Which parties, public and private, have what responsibility and authority to guarantee digital security and how have they been used to limit the consequences of this leak? The aim of the investigation is to increase digital security in the Netherlands.