Precautions

Businesses were asked which of the following steps against cyberattacks they had taken:

1) Use of antivirus software
2) Biometric methods for authentication
3) Multi-factor authentication
4) A VPN connection for external use
5) An ICT security monitoring system
6) Methods to assess the firm’s ICT security
7) Strong password policy
8) Data encryption
9) Storage of log files for incident analysis
10) Managing user access rights to the (internal) network (network access control)
11) Storage of backups
12) Conducting regularly scheduled risk analyses.

The presence of these precautions cannot provide a complete picture of a firm’s ICT security level, but they do give an overall impression, as each additional precaution contributes to a firm’s cyber resilience.

The questions regarding precautions refer to the year in which the questionnaire is completed. In the 2025 survey, the questions therefore relate to the year 2025.