A Digital Leap Forward: Tilburg University Modernizes IT Systems for a Secure and Efficient Future
Tilburg University is overhauling its IT infrastructure to prepare for the future. Through harmonization and standardization, the university aims not only to reduce complexity but also to strengthen its digital resilience. In an era of increasing cyber threats, a robust and efficient IT environment is essential for education and research.

From advanced data analysis to online lectures and campus management, the university’s core functions are increasingly digital. But this digital core is under growing pressure. The current IT infrastructure and the rising dependence on technology are testing the university’s limits. The question is not if modernization is necessary but how quickly it can be achieved.
Tilburg University faces a challenge: how can systems remain not only secure and reliable but also efficient in an increasingly complex digital landscape?
Trimming Down Programs
To answer this question, the university is undertaking a large-scale revision of its IT landscape under the banner “Digital Forward.” “Over the years, there’s been an uncontrolled growth of IT solutions,” says Corné van Nispen, CIO and director of Library & IT Services (LIS) for the past two years. His task is to take up the pruning shears. “We need to set priorities, understand what’s truly important, and stop operating on a ‘you ask, we deliver’ basis.”
The proliferation of IT solutions is easy to explain historically, says Wilma de Koning, vice-chair of the Executive Board (CvB) and responsible for IT. “Faculties and divisions used to have a lot of freedom regarding IT. They handled most of it themselves, and everyone was fine with that. It allowed for innovation, staying ahead, and meeting the specific needs of their own people.”
However, this multitude of IT solutions has led to fragmentation and inefficiency. It’s time to modernize, which in this case means standardizing and harmonizing. Why? Van Nispen explains: “In a simplified IT landscape, you can implement the innovations needed for education, research, and operations more easily and quickly.”
Fortress, City, and Landscape
Yet, complete standardization isn’t the goal—it would make the IT landscape too rigid. De Koning explains: “Universities are complex; you also need room to experiment, especially in research. We want to provide that flexibility, but it requires clear rules.”
The desire for flexibility has led to the IT infrastructure being divided into three categories: fortress, city, and landscape.
The fortress is as standardized and secure as possible. “This is where you store and protect the crown jewels,” says Van Nispen. Examples include environments like Osiris for students or payroll systems for staff.

The city is also highly standardized but allows for slightly more freedom. “Here, we can house educational activities. You can permit more variation between faculties, ensuring programs are tailored to each field,” explains Van Nispen.
Research is housed in the landscape category. Scientists have more freedom to set their own frameworks and contracts to carry out their work effectively. “That doesn’t mean there are no security requirements here, but there’s more room for risk assessments,” says Van Nispen.
Investing in Difficult Times
The modernization process, which is already underway, will take place along these three lines in the coming years. This is happening even as the government in The Hague is forcing the university to implement significant budget cuts.
De Koning acknowledges that LIS may also face budget reductions. “But in certain areas, investments must come first. You can’t press pause on this project; it would be unwise. It’s like building maintenance. You can postpone it temporarily, but if you wait too long, you’ll only hurt yourself—financially, too.”
Van Nispen adds: “IT and digitization are no longer standalone entities; they’re embedded in all core processes. If you don’t invest in IT, you’re no longer investing in your primary functions. It’s all interconnected. If you want to remain relevant as a university, you need to keep making progress. That doesn’t mean everything must be digital or online, but you do need to keep investing.”
Some of these investments are already noticeable to staff and students. For example, logging in with two-factor authentication (2FA) and the introduction of a standardized scheduling system. “Teachers will notice this in the information they’re required to provide,” says De Koning. “And students will notice because schedules will be uniform across the board. This improves the exchangeability of courses and the ability to follow minors at other faculties.”
Digital Education
The future will bring even more rapid digital changes to education. AI is advancing quickly, and video lectures are popular among students. But digitalization is not the ultimate goal, warns De Koning. “Online education is not an end in itself. High-quality education is the goal. If online tools help achieve that, great. Faculties must find their own path in this regard.”

Van Nispen adds: “Digitalization isn’t about IT; it’s about the people at the center of it. How do we navigate the digital society, which is already a reality and influences us all? How do we balance its possibilities and applications within the university?”
According to Van Nispen, maintaining control is key. “You don’t have to follow every trend. Sometimes, saying no is the right choice. For example: ‘This doesn’t fit our university.”
Cybersecurity
Not every innovation needs to be adopted without question. But when it comes to cybersecurity, universities can’t afford to lag behind—a fact underscored by the cyberattack on Eindhoven University of Technology in mid-January. The university had to shut down its network, resulting in a week without education or access to facilities like email, Wi-Fi, Canvas, and Teams.
Cybersecurity plays a central role in Tilburg University’s modernization strategy. “But it’s an illusion to think we’ll ever be 100% secure,” says De Koning. “A cyberattack can happen—it’s a fact of life. We try to stay one step ahead, but it’s a constant race.”
Van Nispen explains: “Of course, we have crisis management plans and protocols in place, and our network is monitored 24/7.” To stay ahead, the university regularly hires hackers to identify potential vulnerabilities. “That’s called ethical hacking,” he says. “We invite a company and say, ‘Try to break in here and there. Let’s see how far you get.’”

Tilburg University also sends phishing emails to its staff. “We observe where people fall for them and why—not to punish anyone but to learn from it.”
Raising awareness among staff and students is another priority. Campaigns focus on recognizing phishing emails, working securely online, and handling sensitive information properly.
Modernizing IT infrastructure isn’t just a technical process, emphasize Van Nispen and De Koning. It also requires a shift in mindset among staff and students.
For the “Digital Forward” initiative to succeed, changes in thinking, actions, and processes are needed across the university. “IT isn’t just a part of the university—it is the university,” Van Nispen concludes. The digital leap forward must be made together.