Companies rate the risk of cybercrime much lower than before the crisis. And that while the number of cyber attacks has exploded in the past year. The logistics sector is also vulnerable.
For many entrepreneurs, the focus in recent months has been on business continuity and caring for staff. This makes cybersecurity less of a priority, thinks ABN Amro. The bank and market researcher MWM2 asked companies three times in the past period about the extent to which they see cybercrime as a risk to their own business. They did so just before the corona crisis, again in May 2020 and a third time in April this year. What emerges: before the pandemic, more than half of companies saw cybercrime as a major risk. More than a year later, that figure is just 34 per cent.
Ransomware and unauthorised access
Meanwhile, businesses are increasingly being targeted by cybercrime. Sectors that rely on digital data processing, such as logistics and manufacturing, are particularly vulnerable. Companies in transport and logistics typically bear the brunt of hostage software (ransomware) and unauthorised access of servers.
Hélène Minderman, expert security in the logistics sector, sees that although transport companies are more aware of the importance of cybersecurity, not enough is being done with it yet. "Often the subject is added to the IT manager's remit or it is outsourced to a supplier. Internally, they then do not have the necessary knowledge and attention. If you have your physical hardware in order, but not the digital one, you run considerable risks in this digital age."
Action is often only taken after an incident, and even then companies sometimes hold off on really looking into it, says Minderman. "Companies also think that when data is held hostage and simply paid for, the company can go on with its business. But this is obviously not how it works. We had an incident at a medium-sized company that had paid and was hit again two days later."
Smaller carriers popular target
Small and medium-sized companies should realise that they in particular can be a favourite target. "Large companies have more capacity, there the issue is more broadly embedded in the organisation. Medium-sized players struggle to organise this themselves in a serious way or have put their fate in the hands of their IT supplier. They trust that that supplier has 'covered the cyber risks while that is not reflected in the service level agreements." The policy adviser further explains that small businesses sometimes mistakenly think that hackers are only interested in valuable cargo. But they are actually also interested in information, such as bank account numbers and personal data. The fact that smaller carriers are part of the chain makes them interesting and therefore vulnerable.
More than technological investment
A successful approach to cybercrime requires more than just technological investments, according to ABN AMRO. Training employees in recognising risky situations is also crucial. In addition, according to the bank, risks can be reduced by keeping software up-to-date, carrying out regular security tests on the IT system and giving employees only rights that are necessary to perform their work.
