Michel van Eeten is a Professor at Delft University of Technology. His chair focuses on the Governance of Cybersecurity. He studies the interplay between technological design and economic incentives in Internet security. His team analyzes large-scale Internet measurement and incident data to identify how the markets for Internet services deal with security risks.

He has conducted empirical studies for the ITU and the OECD on the economics of malware and the role of Internet Service Providers in botnet mitigation. The latter study found that just 50 Internet Service Providers (ISPs) harbor around half of all infected machines worldwide and that countries with active telecom regulators have lower infection rates. The Dutch government commissioned an in-depth study on the Dutch market, which estimated that each year around 5-10 percent of all Dutch households have at least one computer in a botnet.

He recently won a four-year grant from NWO (Netherlands Organisation for Scientific Research) to develop reputation metrics for Internet intermediaries such as ISPs, hosting providers, registrars and transit providers. Such reputation metrics have the potential to change the security incentives operating in these markets.

Complementary to this project, he has also received funding as part of two EU projects: the Advanced Cyber Defense Center, which develops anti-botnet services for European operators and users, and the eCrime project, which will study the economic impact of cybercrime on non-ICT sectors, such as health and the chemical industry.

Originally trained as a social scientist, Michel van Eeten has worked on critical infrastructure protection issues for over a decade. His work as a policy analyst included advice for a variety of infrastructure operators and service providers in telecommunications, rail transport, electricity provision, water supply and financial services. He is also a member of the Dutch Cyber Security Council. As part of his administrative responsibilities, he currently serves as the Director of the TPM Graduate School.

research interest

Governance of Infrastructures.
Internet Security.
Critical Infrastructure Protection.
High Reliability Organizations.
Multi-Actor Networks.
Symbolic Language in Politics and Policy.

More info


Professor of Public Administration at the Department of Policy, Organisation Law and Gaming, Faculty of Technology, Policy and Management, Delft University of Technology


PhD in Public Management, Delft University of Technology
MPA in Public Administration, Leiden University


Technology, Policy and Management


Recent publications:

  • Arnbak, A, Asghari, H & Eeten, MJG van (2014). Assessing legal and technical solutions to secure HTTPS. ACM Queue: tomorrow's computing today, 12(8), 1-15.
  • Arnbak, A, Asghari, H, Eeten, MJG van & Eijk, NANM van (2014). Security collapse in the HTTPS market. Communications of the ACM, 57(10), 47-55.
  • Dafermos, G & Eeten, MJG van (2014). Images of innovation in discourses of free and open source software. First Monday, 19(12).
  • Asghari, H, Eeten, MJG van & Mueller, M (2013). Internet Measurements and Public Policy: Mind the Gap. In C Kanich (Ed.), 6th workshop on cyber security experimentation and test, CSET '13 Vol. 38. Login (pp. 1-26). s.l.: USENIX Association.
  • Tajalizadehkhoob, ST, Asghari, H, Ganan, C & Eeten, MJG van (2014). Why them? Extracting intelligence about target selection from zeus financial malware. In s.n. (Ed.), proceedings of the 13th annual workshop on the economics of information security, WEIS 2014 (pp. 1-26). s.l.: WEIS.

Courses and programs by this instructor