Deloitte publishes its second report on potential cyber losses in Dutch SME sector
The annual losses to which the Dutch SME sector is exposed as a result of cyber crime are estimated by Deloitte at €1 billion, while the figure for the Dutch economy as a whole is put at around €10 billion, or 1.3% of the country’s GDP. This is the second time that Deloitte has used data analysis to detail and quantify the risks of losses from cyber attacks in the Netherlands.
The Rathenau Institute previously reported the Dutch SME sector to be one of the groups most vulnerable to hackers, and this is confirmed by Deloitte’s analysis. SME businesses are increasingly, therefore, falling victim to cybercrime, while at the same time the cost of cyber security is becoming ever less affordable for them. According to Maarten van Wieren, a Deloitte cyber security expert, “SME businesses often have less well developed cyber security policies or respond only to incidents, while cyber attacks are becoming more refined and increasingly complex.”
As Van Wieren explains, “On the one hand, the SME sector itself is very vulnerable to cyber attacks, but on the other hand these businesses’ role in the supply chain means their vulnerability also creates risks for larger companies. On top of that, more and more digital information is being exchanged that is easy for cyber attackers to hack through SME businesses. Optimizing these companies’ cyber security is now, therefore, a shared responsibility. Public-private partnerships are becoming increasingly important in this respect as it’s only by working together that we can build a strong and resilient digital economy.”
Various threats to the Dutch economy
Deloitte’s study focuses on the various ways in which information is misused by cyber attackers. It found the highest risk of losses (26%) to relate to disruptions to operational continuity and to reliable communication and IT systems (also 26%), while losses of confidential third-party data also represent a major risk (25%).
Cyber Value-at-Risk report
The Cyber Value-at-Risk model is the result of collaboration between Deloitte and the World Economic Forum. This year’s report is the second quantitative analysis of the potential value-at-risk. Since last year Deloitte has further refined the model by adding new data sources and defining the group of corporates differently, as well as including SME businesses for the first time. In addition, the 2600 largest Dutch companies and 250,000 SME businesses have been divided into 15 sectors. With the results of the data analysis, executive teams in the Netherlands will now be better placed to decide exactly where they need to concentrate their cybersecurity investments.
Cyber Security Week
The report was presented to Maarten Camps, Secretary-General of the Ministry of Economic Affairs, during the opening event of the 2017 Cyber Security Week on 25 September 2017.
The 2017 Cyber Security Week, which is being held at various locations in The Hague from 25 - 29 September, comprises some 80 events, at which hundreds of internet security and cyber crime experts from government, business and academia will share knowledge and expertise, discuss the latest developments and pitch innovative ideas. It is being jointly organized by The Hague Security Delta, the municipality of The Hague, InnovationQuarter, The Conference The Hague and Deloitte.
State of the State
The data analysis for the report was performed as part of Deloitte’s State of the State program, which seeks to provide policymakers and organizations with useful insights into societal issues such as safety and cyber security. This is the fourth year in succession that Deloitte has combined and analyzed open data for this purpose, and the new insights gained can be viewed on www.stateofthestate.nl.
Journalists can request the report from Karen van Schie on +31 (0)6 8201 9154 / [email protected].
Photo: On the left, Maarten Camps, Secretary-General of the Ministry of Economic Affairs
On the right: Maarten van Wieren, Researcher Deloitte.