Are SMEs ready for the growing cyber-threat?

SIDN Panel responds to recent research

The number of cyberattacks on SMEs is rising. Not just in the Netherlands, but worldwide, as highlighted by the Global State of SMB Cybersecurity Study 2019. The study was based on a survey of 850 professionals in five different countries, most of whom thought higher investment in cybersecurity would be needed in the year ahead. Hot on the heels of that publication came a report by BDO Advisory, highlighting the vulnerabilities of SMEs. BDO's scan of 300,000 websites detected weaknesses in more than half.

So, are businesspeople aware of the threats and do they know what to do if they come under attack? For answers, we turned to the SIDN Panel: several dozen entrepreneurs, all with an active internet presence. What are they doing to defend against cybercrime? Of the twenty businesspeople on the panel, nineteen said that they had recently taken steps to stay safer on line. And six reported actually coming under cyberattack in the last year.

Business community knows how to respond

Businesspeople do think about security. That much is clear from the way our panellists responded when asked what they would do in a variety of cybercrime scenarios. They didn't have to think long before answering, and most said they had off-network backups, enabling them to quickly isolate infected machines and networks. Those who had recently suffered attacks were particularly well versed on response strategies, and were quite willing to take drastic action.

Cyberattacks are an everyday challenge

Notably, the panellists were quite open about the risks, saying that they were happy to talk about hacks that were potentially visible to the outside world (hacked sites and social media-accounts). Informing customers and business partners was seen as the priority. What's more, panel members said that they would be reluctant to end their business relationship with a firm that had come under attack. Anyone could fall victim to cybercrime, they felt.

Most SMEs don't have a regular cybersecurity service provider

Few smaller businesses have a cybersecurity specialist on the payroll, or a regular outside service provider. Suitable people are hard to find, and in great demand. Only two members of our twenty-strong business panel reported having a regular cybersecurity service provider. Almost all said that they would look for one if they hit a problem they couldn't resolve themselves. Whether they could actually find someone if the need arose is another question.

New services under development

Cybersecurity services for SMEs are still in their infancy. That's why we have been investing in the development of CyberSterk, a cybersecurity solution for SMEs.


  • Friday 8 November 2019

    .nl domain name

    Registry locks: great potential but little current demand


    About 150 .nl domain names now secured with .nl Control

    Read more
  • Thursday 7 November 2019

    Internet security

    Privacy statements are a breeze with Privacy Label


    SIDN Fund supports development of reader-friendly privacy statements

    Read more
  • Wednesday 16 January 2019

    Internet security

    Registrants and operators need to test for EDNS compliance


    Domain names on non-compliant servers may be unreachable after 1 February

    Read more


Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.