Despite cyberattacks being in the news almost daily, cybersecurity remains a low priority for many SMEs. Bernold Nieuwesteeg (founder of the Centre for the Law and Economics of Cyber Security at Erasmus University Rotterdam and former advisor to the Cyber Security Council) states in a recent article in the FD that ethical hacks can wake up these businesses and raise awareness of the dangers. The Netherlands has strong IT infrastructure, but vulnerable points still exist. For example, a hack at software provider Nebu led to a large data breach, affecting 2.5 million Dutch people. This highlights how a single weak link in a chain can have widespread consequences.
Free reign for cybercriminals
The Netherlands is still insufficiently protected against digital threats. The Cyber Security Council recently warned that the differences in cyber resilience between organizations could lead to societal disruption. Despite many initiatives and tools, these remain underutilized, especially by SMEs. For example, the Digital Trust Center (DTC) has received millions of euros to improve cybersecurity for SMEs, but many SME businesses are not taking advantage of this support.
No priority for SMEs
For many SMEs, cybersecurity is not a priority due to other urgent matters such as market conditions and staff shortages. Cybersecurity is often seen as intangible and “far from my bed.” It is only when organizations become victims of cybercrime that they realize the importance of investing in cybersecurity.
Ethical hacking as a solution
Nieuwesteeg advocates in the article for large-scale ethical hacking to wake up businesses and close the cyber resilience gap. He proposes establishing a national ethical hacking brigade that would hack SMEs unannounced to raise their awareness of the dangers.
Read the full article in the FD here: “Small and medium-sized businesses pay too little attention to their own cybersecurity”.
CCRC helps SMEs.
At CCRC, we play a crucial role in protecting organizations, including SMEs, against cyberattacks. CCRC organizes realistic supply chain exercises and provides professional business continuity management. During our interactive Cyber Boost Sessions, entrepreneurs learn from experts and other business owners how to respond during a cyber crisis. The sessions offer realistic scenarios and provide practical tools that can be directly applied within their own organization.