Most businesses don't see cybercrime as a threat

The Dutch business community appears to be dangerously relaxed about cybercrime: 90 per cent of businesses don't see it as a threat to their activities. That's the standout finding from the Trends in On-line Security & e-Identity survey of more than two thousand consumers and five hundred-plus businesses by SIDN and Connectis.

Nothing for firms to worry about?

Over two thirds of business respondents rated cybercrime merely a minor threat. Indeed, 17.6 per cent of them said it wasn't a threat at all. Willingness to invest in security is correspondingly low. The great majority (69.4 per cent) of businesses expect no change in spending on security in the year ahead.

Any problems that do occur are likely to be down to malware, respondents said. Nearly 60 per cent identified malware attacks as the biggest digital threat to their organisations. DDoS attacks and the theft of intellectual property and customer data were also seen as problematic by more than half of large organisations.

Consumers: knowingly insecure?

Consumer responses on the topic of log-ins appear contradictory. For example, 57.2 per cent of respondents say that they use social log-ins, such as Google and Facebook, on a daily basis. Yet only 14.4 per cent say that they think such behaviour is safe. Similarly, 54.4 per cent use a user name-password combination every day, although only 37.5 per cent see that as a secure way of logging in.

And consumers do little to protect their own e-Identities better. Just 22.7 per cent of respondents use a strong password. Even fewer opt for multi-factor authentication, which involves using a device (e.g. a mobile, to which an SMS is sent) in combination with something the user knows (e.g. a password).

"What consumers worry about most are identity fraud, hacking and personal data theft. However, they aren't taking the basic precautions needed to reduce those threats: using strong passwords and multi-factor authentication," says Esther Makaay, eID Specialist at Connectis. "The necessary awareness is still lacking."

More emphasis on security awareness

"Security awareness is important at home and in the workplace," Makaay continues. "It's about knowing what forms of cybercrime there are, what you can do to prevent them, and what you should do if the worst nevertheless happens. Unfortunately, however, very little is being invested in security-awareness. Only 16 per cent of the surveyed businesses arrange for training or instruction."

"Digitisation means that every business has something worth stealing, whether it's customer data or intellectual property. However, a lot of people in the business community appear to overlook that," says Roelof Meijer, CEO of SIDN, the company behind the .nl internet domain. "Even firms that don't sell goods or services over the internet are interesting to cybercrooks, and they're often easy prey. Business people need to be more aware of the risks. On-line security should be a priority for every business."

Read the full survey of the report

Research method

Research consultancy GfK carried out the survey of trends in on-line security and e-Identity on behalf of SIDN and Connectis. Data from a representative group of 2095 Dutch consumers and 512 businesses of various sizes was used. The survey took place in the period February to March 2019, and the findings were analysed by an expert panel.




Marnie van Duijnhoven

communications manager

+31 26 352 55 00

  • Thursday 12 October 2017

    Internet security

    Looks too good to be true? Then it probably is


    Don't fall for fake webshop scams!

    Read more
  • Monday 3 December 2018


    Average Dutch person on line with a smartphone for 60+ hours a month


    SIDN presents research results: Trends in Internet Use 2018

    Read more
  • Tuesday 26 September 2017

    Internet security

    A fight on three fronts


    Our war on internet abuse

    Read more


Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.