One in five businesses fall victim to cybercrime

25/09/2017 15:00
Over 20 percent of businesses with at least 10 employed persons had to deal with the consequences of cyber attacks in 2016. The financial and energy sectors were affected in particular. Nearly half of the affected businesses incurred expenses as a result of cybercrime. Statistics Netherlands (CBS) reports this based on new research on the use of ICT by enterprises.

Half of the Dutch private sector encounter ICT incidents from time to time. External cyber attacks are not as common as unintentional cyber incidents; for example, failure of ICT systems as a result of disruptions in hardware or software occurs most frequently. Approximately 43 percent of businesses were affected by this in 2016.

Half of businesses with ICT incidents incur costs

External cyber attacks lead to costs just as often as disruptions in ICT systems; in around 50 percent of the cases. For example, costs are incurred due to repair activities or additional protection of ICT systems. Businesses also suffer loss of turnover. Cyber attacks can lead to failure of systems, loss or corruption of data as well as data theft.

Internal disclosure of data, whether or not intentional, involves costs in a significantly smaller number of cases. This type of incident occurs far less often and apparently requires other - often less expensive - types of measures.

Differences vary per industry

Around half of enterprises in most branches of industry encountered an ICT incident in 2016, but there are wide variations. The sector hotels and restaurants suffers little from ICT problems (33 percent of businesses) while the health and care sector is affected relatively often (57 percent).

External cyber attacks occur relatively often in the financial sector and at energy companies. In the financial sector, these attacks often lead to failure of ICT systems, whereas energy companies experience more loss or corruption of data. ICT incidents also occur relatively often in the health and care sector, but they are more frequently related to hardware and software failure and intentional or unintentional disclosure of data by staff.

ICT incidents more often seen in large enterprises

Large enterprises are affected by ICT incidents more frequently than smaller businesses. For example, three-quarters of firms with 500 employed persons encountered one or more ICT incidents in 2016. This applied to 43 percent of businesses with 10 to 20 employed persons. ICT incidents as a result of external cyber attacks occur in 41 percent and 15 percent of these businesses respectively.