Many ICT security incidents in private sector

The rate of ICT-related security incidents appears to be fairly high in the Netherlands. Common incidents are breakdown of ICT services, external attacks, data destruction by computer viruses and disclosure of confidential information through hacking, pharming or phishing. Last year, 25 percent of large companies (companies employing 250 and more persons) in the European Union (EU) were faced with these problems. With 43 percent, the incident rate was much higher in the Netherlands.

Many incidents in comparison to neighbouring countries

The rate of ICT-related security incidents was also high in the Netherlands relative to neighbouring countries. Incident rates in Germany, Belgium and the United Kingdom were 22, 24 and 10 percent respectively. The Netherlands, Denmark and Norway are among the countries with the highest number of ICT security incidents. Finland tops the EU list with 47 percent. In countries with many ICT incidents, widespread and state-of-the-art ICT technology is usually common. As a result, the risk of incidents is also higher.

ICT security incidents in large companies, 2009

ICT security incidents in large companies, 2009

Incident rate also above EU average in medium-sized and small businesses

Last year, 30 percent of middle-sized companies (employing 50-249 persons) in the Netherlands had to cope with ICT security incidents, versus 20 percent in the EU. The rate for small businesses (employing 10-49 persons) was 20 percent in the Netherlands, versus 14 percent in the EU. Cultural differences between the countries may also affect the readiness in the private sector to report this type of incidents.

Disclosure of confidential information through hacking, pharming or phishing relatively high

In 6 percent of large Dutch companies, confidential information was seized by hacking into the ICT system, pharming or phishing in 2009, the EU average for large companies being 1 percent. The Netherlands also scores high in this respect.

Large companies and disclosure of confidential information through hacking, pharming or phishing, 2009

Large companies and disclosure of confidential information through hacking, pharming or phishing, 2009

Vincent van Straalen