The 6 conclusions from the cybersecurity survey report

Published on 05/05/2023 in Solution news

The number of cyber incidents increases every year. But how do organizations protect themselves, and what are their priorities when doing this? We studied how companies in the Benelux implement their cybersecurity policy.

The 6 conclusions from the cybersecurity survey report

1. 84% of companies fear becoming a victim (again)

32% of respondents know that a cyber incident took place within their enterprise in 2022. Of those who report that their organization was unaffected, 15% are not certain.

The number of large companies that experience incidents is greater than the number of SMEs. Among those with more than 2000 employees, 60% report an incident in the past year. That trend may be attributable to better detection in large companies. In almost one in ten companies affected, it concerns more than ten events.

One in three companies experienced one or more cyber incidents in the past year.

2. Both intentional and accidental incidents affect companies

Organizations record both intentional and accidental incidents.

The top 3 intentional cybersecurity incidents are:

  1. Social engineering (22%)
  2. Ransomware (15%)
  3. Malware (13%)

Among the accidental incidents, unauthorized activities such as downloading malicious apps appear most often (38%).

3. A third of the cyber incidents lead to employee inactivity

Thirty percent of the incidents lead to employee inactivity. In that case, on average 28% of the employees cannot work. That unavailability lasts more than one week in 19% of cases.

Awareness-raising campaigns, technical maturity and development of a security strategy are the absolute top priorities for the coming year.

4. Incidents often lead to high costs

Almost half of the cybersecurity incidents have a financial impact. Those costs are linked to reduced productivity and reputational damage (12%).

For 37% of the companies affected, that damage amounts to more than 10,000 euros. For 11% of these the price tag is more than 100,000 euros. The consequences are usually limited to less than one day (60%). For 9% of the incidents, the impact is felt for longer than a month.

5. Awareness-raising not yet standard practice everywhere

Raising employee awareness is an important first line of defense against cybercrime. Yet almost four in ten organizations provide no training for employees. Among SMEs this amounts to 46.5%. Almost half of the large enterprises (48.1%) organize more than one training session per year.

6. 1 in 5 increasing the security budget

22% of respondents state that their cybersecurity budget has increased by more than 20% in the past year. The increase is most substantial among large companies, where one in three respondents is significantly raising the budget.

The complete survey report is available now

Read more about the results Opens a new window

Experts

Our experts keep you informed on the latest news and trends for ICT professionals.

Other articles of Experts