Cybersecurity Monitor 2023: smaller companies take fewer measures
The ICT sector and healthcare score well on cybersecurity measures
Companies that are more involved with ICT or that have a major interest in securing their data, such as the ICT sector or healthcare, score better in the field of cybersecurity than sectors where this seems less important.
ICT security measures taken per sector with 2 or more employees. Source: CBS tables
Cybersecurity Monitor 2023: smaller companies take fewer measures
Cybersecurity incidents
The number of ICT security incidents is decreasing
The total number of ICT security incidents with both internal and external causes has decreased. This downward trend applies to all company sizes and has started since 2020. For example, in 2016, almost 40% of the largest companies had an ICT security incident due to an external attack, while in 2022 this was only 18%.
ICT security incidents with an internal cause (a) or an external attack (b) per size class. Light-colored part: incidents with costs. Source: CBS tables
Larger companies are more likely to be victims
Large companies consistently experience more incidents than small companies over the years. This applies to both internal incidents and incidents resulting from an external attack. There may be several causes for this pattern. In the event of internal incidents, such as failure of ICT systems due to hardware or software failures, large companies often have a larger and more complex ICT infrastructure.
The number of companies with ICT security incidents is decreasing, this decrease is visible for companies of all company sizes. Of these incidents, a third appear to be associated with costs, this applies to both incidents with an internal and external cause. In 2022, these costs were in most cases less than 1% of company turnover.
Ransomware attacks are declining
The 2022 survey shows that the number of companies that have fallen victim to a ransomware attack has decreased. In percentage terms, larger companies suffer more from ransomware attacks than large companies. There is an increase in the number of ransomware attacks in the IT sector and among self-employed entrepreneurs.
Percentage of companies that have suffered a ransomware attack by company size. Source: CBS tables
Of all companies with 2 or more employees that suffered a ransomware attack, 37% called in a cybersecurity company. A smaller share (18%) went to the police. This percentage decreases as we zoom in on smaller companies.
Cybersecurity Monitor 2023: smaller companies take fewer measures
Secure digital business
As an entrepreneur or security manager, would you like to receive notifications of serious cyber threats to companies in your mailbox? Then join the DTC Community .
To support entrepreneurs, there is also a wide range of cybersecurity information and a toolbox with cyber tools . Want to test whether you already have the basics in order? Take the CyberSafe Check for self-employed persons and SMEs or the Basic Cyber Resilience Scan .
Subsidy for Strengthening Cyber Resilience partnerships
Today, Minister of Economic Affairs and Climate Policy Micky Adriaansens announced that the Strengthening Cyber Resilience subsidy scheme will be reopened from 2 September 2024. Through this subsidy scheme, the Digital Trust Center (DTC) encourages public-private partnerships to take action to improve the cybersecurity of sectors, regions and chains. This year, for the first time, the subsidy scheme will also be open to the Caribbean Netherlands.
Joining forces on cyber resilience
The aim of the subsidy scheme is to create networks in which members can put their knowledge and skills in the field of cyber resilience to good use. In a cyber resilience network, entrepreneurs enter into long-term collaboration with other organizations to step up cyber resilience, within and between non-vital industries, sectors and regions.
In 2024, a total sum of 600,000 euros is available for the best project plans developed to improve cyber resilience among companies. The maximum funding per project is 150,000 euros. The Netherlands Enterprise Agency (RVO) is responsible for implementing this subsidy scheme.
Since it was first launched in 2018, the scheme has awarded grants to 37 collaborative projects. Learn more about the projects that received a subsidy in 2023 or in previous years .
Submit your project
Do you have a good idea or plan for improving the cyber resilience of companies in your industry, sector or region? If so, your project may be eligible for the 2024 Strengthening Cyber Resilience subsidy scheme. More information on the application process and conditions will soon be available on the Netherlands Enterprise Agency website .
Plans can be submitted to the Netherlands Enterprise Agency from 2 September to 14 October 2024.
Subsidy for partnerships for 'Strengthening Cyber Resilience'
Today, Minister Micky Adriaansens of Economic Affairs and Climate announced that the subsidy scheme for Strengthening Cyber Resilience will be opened again from September 2, 2024. With this subsidy scheme, the Digital Trust Center (DTC) encourages public-private partnerships to make sectors, regions and chains more cyber secure. This year, the subsidy scheme will also be opened to the Caribbean Netherlands for the first time.
Working together on cyber resilience
The aim of the subsidy scheme is to create cyber resilience networks where members apply their knowledge and skills in cyber resilience. In a cyber resilience network, entrepreneurs work long-term with other organizations to increase cyber resilience, within and between (non-vital) branches, sectors and regions.
In 2024, an amount of 600,000 euros will be available for the best project plans aimed at increasing the cyber resilience of companies. The maximum support per project is 150,000 euros. The Netherlands Enterprise Agency (RVO) is responsible for the implementation of this subsidy scheme.
Since the launch of this subsidy scheme in 2018, 37 collaborative projects have been subsidized. Click here to view the projects that received a subsidy 2023 or previous years
Submit your project
Do you have a good idea or plan for improving the cyber resilience of companies in your industry, sector or region? Then your project may be eligible for the subsidy scheme Strengthening Cyber Resilience 2024. More information about the registration process and the conditions will soon be available on the RVO website .
Plans can be submitted to RVO between September 2 and October 14, 2024.
Subsidy for partnerships for 'Strengthening Cyber Resilience'
Secure digital business
As an entrepreneur or security manager, would you like to receive notifications of serious cyber threats to companies in your mailbox? Then join the DTC Community .
cybersecurity information and a toolbox with cyber tools to support entrepreneurs . Want to test whether you already have the basics in order? Take the CyberSafe Check for self-employed persons and SMEs or the Basic Cyber Resilience Scan .