Access to Innovation
Access to Capital
Access to Talent
Access to Market
Access to Knowledge
Date Trend snippet:
21 May 2021
Relevance date:
2019
Type of Treath or Oppertunity
Domain of application
Source of threat
Trends in Security
Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic, the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
visible on larger screens only
Please expand your browser window.
Or enjoy this interactive application on your desktop or laptop.
3. Well budgeted State sponsored attacks cannot or hardly be prevented and should be responded to differently
Often State-sponsored attacks are carried out very sophisticated with lot of hours and budget in it, making it hard to detect and prevent. The approach towards it should therefore be handled differently and Attacks should be divided in 6 different threatlevels:
a. Threatlevel 1-3: scriptkiddies, hacktivists, internal actors; preventive measures
b. Threatlevel 4-5 Professional crime and terrorists: early detection and fast response
c. Threatlevel 6: State-actors focus on fast recovery in case of short incidents
a. Threatlevel 1-3: scriptkiddies, hacktivists, internal actors; preventive measures
b. Threatlevel 4-5 Professional crime and terrorists: early detection and fast response
c. Threatlevel 6: State-actors focus on fast recovery in case of short incidents
More source info
Een van de mogelijkheden om hier op een praktische manier mee om te gaan, is aangeven
of wat het niveau van een mogelijke aanval is waartegen de maatregel dient te beschermen.
Het NCSC1 maakt hiervoor gebruik van onderstaande niveaus:
1. Cybervandalen en scriptkiddies,
2. Hacktivisten,
3. Interne actoren,
4. Beroepscriminelen,
5. Terroristen, en
6. Statelijke actoren.
Het uitgangspunt van deze lijst is dat er veel aanvallen zijn van het laagste niveau en een
beperkt aantal van het hoogste niveau.
De ervaring uit andere sectoren met een hoog beveiligingsniveau (o.a. financiële instellingen
zoals banken en verzekeraars) is dat de grote hoeveelheid aanvallen het beste bestreden
kan worden met preventieve maatregelen. Voor aanvallen die niet vaak voorkomen (en
technisch geavanceerder zijn) is het beter te focussen op detectie en snelle reactie zodat het
een klein incident blijft. Zeer geavanceerde aanvallen (met nieuwe, onbekende
aanvalspatronen) zijn vrijwel kostenefficiënt te voorkomen of te detecteren en zal er dus een
(groter) incident optreden. De uitdaging bij deze incidenten is om te zorgen voor een korte
hersteltijd.
Niveau aanval Focus van maatregel
1. Cybervandalen en
scriptkiddies
2. Hacktivisten,
3. Interne actoren
Focus op preventie
Mogelijke maatregelen:
Self assessments, audits, patch management,
netwerkscheidingsmogelijkheden, snel delen van
aanvalspatronen via CSIRT, (Computer Security Incident
Response Team).
Niveau aanval Focus van maatregel
4. Beroepscriminelen
5. terroristen
Focus op vroege detectie en snelle reactie
Mogelijke maatregelen:
24/7 monitoring via SIEM/SOC, bij gedetecteerde aanval
preventief externe netwerkverbindingen uitschakelen.
Zorgen voor een extra beveiligd netwerk/toegangskanaal
(met meer encryptie en vaker wisselende sleutels, speciale
extra hardened laptops.
6. Statelijke actoren Focus op herstelmogelijkheden
Mogelijke maatregelen:
Zorg voor mogelijkheden tot handbediening en snel herstel.
Train om handbediening mogelijk te houden, en in
contracten ervoor zorgen dat er altijd een “manual override”
mogelijk blijft.
Waar focus op hertel te grote risico’s inhoudt, kan er in
uitzonderlijke gevallen gekozen worden voor extra fysieke
beveiliging en analoge
bediening/regel/veiligheidssystemen.
Tabel 2: Overzicht aanvalsniveaus en focus van maatregelen
Door ervoor te kiezen om niet alle risico’s te mitigeren met preventieve maatregelen kunnen
de kosten beperkt gehouden worden, zonder dat het risiconiveau significant omhoog gaat.
Bijvoorbeeld: Het niveau van preventieve maatregelen om een Stuxnet stijl aanval (statelijke
actor) te kunnen afslaan is heel duur. Door ook “snel herstellen” als maatregel op te nemen
(en dit te oefenen) kan ook als er een aanval gemist wordt (ook al is die op zich van laag
technisch niveau) toch snel weer verder gegaan worden met de normale operatie.
More trend snippets in Electricity and gas supply
Perceived liveability in the neighborhood has increased slightly
The score for the quality of life in the neighborhood is 7.6. This is slightly higher than in 2017 and 2012.
- In the longer term, from 2008 and 2005 respectively, opinions about physical facilities and social cohesion have changed little.
- Satisfaction with the physical facilities is slightly higher than in 2017 and 2012.
- Satisfaction with social cohesion is slightly higher than in 2017 and 2012.
20 January 2021
|
Report
:
CBS Veiligheidsmonitor 2019
Perceived nuisance in the neighborhood has not changed
In total, the neighborhood nuisance experienced is the same as in 2017 and less than in 2012.
- The physical deterioration from which Dutch people experience a lot of nuisance in their neighborhood is less than in 2017 and 2012. The perceived social nuisance has not changed compared to 2017, but less than in 2012.
- The perceived traffic nuisance is higher than in 2017 and equal to that in 2012.
- Almost half of the inhabitants (49 percent) of the 70,000+ municipalities will experience in 2019
a lot of neighborhood nuisance; a lot of nuisance is experienced especially in the four largest cities; the
neighborhood nuisance is comparable to 2017.
20 January 2021
|
Report
:
CBS Veiligheidsmonitor 2019
Public sense of safety has increased
In 2019, 32 percent of Dutch people sometimes felt unsafe in general. This is lower than in 2017 and 2012.
- Public sense of insecurity has decreased by 34 percent compared to 2005.
- 14 percent of Dutch people sometimes felt unsafe in their own neighborhood in 2019, this is lower than in 2017 (16 percent) and 2012 (18 percent).
- In 2019, public sense of insecurity was around 14 percent lower than in 2008.
- Compared to 2017, fewer Dutch people in 2019 indicate that they do not open the door in the evening because they do not think it is safe. A smaller group also feels unsafe at home in the evenings, and the group that is afraid of becoming a victim of crime has shrunk. The proportion that detours because of unsafe places or that feels unsafe on the street at night is comparable to 2017. Compared to 2012, public sense of insecurity at night and avoidance behavior in the neighborhood have also generally decreased.
- 36 percent of all Dutch people sometimes feel unsafe in places where groups of young people hang out. One in five sometimes feels unsafe around entertainment venues. Furthermore, 6 percent sometimes feel unsafe in their own home. That is less than in previous years.
- 18 percent of the residents of the 70,000+ municipalities sometimes feel unsafe in their own neighborhood. This public sense of insecurity is highest in the G4 (23 percent), followed by the G40 (17 percent) and the other 70,000+ municipalities (13 percent).
20 January 2021
|
Report
:
CBS Veiligheidsmonitor 2019
Victimization of traditional crime has declined
In the longer term, from 2005, crime victimization has decreased by 50 percent.
-17 percent of the residents of the 70,000+ municipalities were victims of one or more forms of crime in 2019. This is lower than in 2017 (19 percent). Victimization is greatest in the G4 (21 percent), followed by the G40 (15 percent) and the other 70,000+ municipalities (12 percent). Particularly in the G40 and the other 70,000+ municipalities, victimization has decreased compared to 2017. In the G4, victimization has remained the same.
In 2019, 2 percent of Dutch people were victims of violence, 9 percent of property crimes and 5 percent of vandalism.
-The victimization rate of vandalism and property crimes has decreased compared to 2017; the victimization rate for violence has remained the same over the past two years.
-A total of 14 percent in 2019 were victims of one or more of these forms of "traditional" crime; this is lower than in 2017 (15 percent) and 2012 (20 percent)
-In 2019, 23 percent of the crimes encountered by victims of traditional crime were reported to the police. This is comparable to 2017 (24 percent) and less than in 2012 (29 percent).
20 January 2021
|
Report
:
CBS Veiligheidsmonitor 2019
Cybercrime victimization has increased
One in nine Dutch people (13 percent) was a victim of cybercrime in 2019; this is higher than in 2017 and 2012.
- In 2019, 8 percent of the crimes encountered by victims of cybercrime were reported to the police. This is comparable to previous years.
- Hacking is the most common of cybercrime offenses in 2019 (6 percent). This is followed by sale or purchase fraud (5 percent), internet bullying (4 percent) and identity fraud (1 percent).
20 January 2021
|
Report
:
CBS Veiligheidsmonitor 2019
Social preventive behavior has increased slightly
Social preventive behavior overall increased slightly between 2017 and 2019. The presence of preventive facilities in / around the home has decreased slightly compared to 2017.
- Almost seven in ten Dutch people often take valuables out of the car in 2019 to prevent theft.
- 45 percent often leave the lights on at night when no one is home.
- 63 percent of Dutch citizens have extra security locks.
- 12 percent have an alarm system at home.
- In terms of the presence of preventive facilities in or around the home, almost all districts in Zeeland - West Brabant, East Brabant and Limburg score higher than average.
20 January 2021
|
Report
:
CBS Veiligheidsmonitor 2019
Almost half of the Dutch population has confidence in the national government
Almost half of the Dutch population (47%) has (a lot of) confidence in the national government. That is significantly higher than previous years. Also, 57% of the Dutch population has confidence in the provision of information by the national government during crises or disasters.
14 April 2021
|
Report
:
Risico- en Crisisbarometer
The Dutch population worries most about the rise of infectious diseases
A shift is visible regarding worrying societal events. Before, terrorism was the largest worry amongst the Dutch population (now 19%). This has shifted to infectious diseases, in particular the COVID-19 virus (now 22%).
14 April 2021
|
Report
:
Risico- en Crisisbarometer
Infectious diseases are estimated by the Dutch population as having a higher chance of occurrence and higher impact
From the perspective of the Dutch population, infectious diseases have a higher chance of occurrence. Also, the consequences and impact of infectious diseases are estimated higher than before. Consequently, infectious diseases are, from the perspective of the Dutch population, the most destructive events that can occur.
14 April 2021
|
Report
:
Risico- en Crisisbarometer
The Dutch population has a higher estimation of the occurrence of wildfires, extreme weather, radiation accidents and financial crises
From the perspective of the Dutch population, it is estimated that the occurrence of wildfires, extreme weather, radiation accidents and financial crises are more frequent.
14 April 2021
|
Report
:
Risico- en Crisisbarometer
More than half of the Dutch population feel obliged to help others when a crisis or incident occurs
60% of the Dutch population feel obliged to help others when a crisis or incident occurs. 59% feels that it is in their character to help others in such situation. However 49% indicate that they will only help others in times of crisis or incident when they know their loved ones are safe.
14 April 2021
|
Report
:
Risico- en Crisisbarometer
The number of Dutch citizens that have fallen victim to cybercrime has increased in 2019
Between 2017 and 2019, the number of Dutch citizens that have fallen victim to cybercrime has increased from 11% to 13%. This concerns, for example, sales fraud, credit card fraud and hacking. Bullying and stalking via the internet is also seen as cyber crime.
21 June 2021
|
News
:
Less burglary or Violence, more Cyber Crime in Security Monitor
This threat landscape paper provides valuable insights into emerging trends in terms of cybersecurity threats, threat actors’ activities as well as vulnerabilities and cybersecurity incidents.
The ENISA Threat Landscape 2023 report is a comprehensive overview of the cybersecurity landscape, drawing insights from open sources and ENISA's Cyber Threat Intelligence capabilities. It covers various cybersecurity threats, including threat actors, CVE landscape, ransomware, malware, and more. The report categorizes threat actors, providing insights into their motives, impact, and tactics. It emphasizes the challenges of attribution and highlights the misuse of legitimate tools by state-nexus groups. Additionally, the report addresses evolving tactics of cybercriminals, hackers-for-hire, and hacktivists. It provides recommendations for threat mitigation and offers valuable insights into the attributed threat actors during the reporting period. Overall, it serves as a crucial resource for understanding emerging threats and cybersecurity trends.
31 January 2024
|
Report
:
ENISA Threat Landscape 2023
Digitalization is making Dutch society increasingly vulnerable
Due to the continuing digitalization of Dutch society, the offline and the online worlds are becoming interconnected. More devices contain digital technology, more services are rendered by digital means and more data is processed digitally. Since the cyber resilience of these developments is often subpar this constitutes an increase of Dutch vulnerability.
30 March 2021
|
Report
:
Cyberweerbaar met nieuwe technologie
Increasingly dependence on foreign companies and products is undermining Dutch en European strategic sovereignty as well as introducing new vulnerabilities
The growing dependence of endusers on foreign products and services brings with it a wide array of issues. Foreign states and their companies are not always obliged to follow Dutch or European laws. They can even be under state control or pressured into undermining their users or customers. Loss of service during an issue at the supply side is also a new vulnerability that was introduced by foreign dependencies.
As other states and foreign actors are further in the development and implementation of new technologies, the Netherlands and European Union are at risk of becoming increasingly dependent on foreign actors.
30 March 2021
|
Report
:
Cyberweerbaar met nieuwe technologie
New technologies provide opportunities to enhance cyberresilience
Machine learning, post-quantumcryptograpy, quantumcommunications, distributed systems, LiFi and 5G all offer novel ways to enhance once's cyber resilience. From automated 0-day detection and patching to new heights of encryption using quantum. These two examples are not just potential choices, but necessary to combat the new vulnerabilities that these technologies also opened up.
30 March 2021
|
Report
:
Cyberweerbaar met nieuwe technologie
New technologies create new vulnerabilities
New technologies provide new vulnerabilities. Applied machine learning, for instance, could automate the execution of cyberattacks. new technologies can also lead to entirely new ways to attack a target. The creation of deep fakes to manipulate populations is novel attack vector that did not exist before. Lastly new technology and its application provide new vulnerabilities. Machine learning is very vulnerable to data pollution, providing actors with a new way to undermine actors that use machine learning.
30 March 2021
|
Report
:
Cyberweerbaar met nieuwe technologie
Increasing cyber resilience with existing technologies
There is only limited gains to be had by in investing in new technologies if we are not using existing technologies on a larger scale to increase cyber resilience. There is still much to be gained from taking basic security measures (strong passwords, 2-factor authentication *), encryption, the use of Privacy Enhancing Technologies (PETs) *, open data standards *, open source software * and more secure communication protocols.
30 March 2021
|
Report
:
Cyberweerbaar met nieuwe technologie
Lack of expertise and talent in cyberresilience
Many different organizations and reports show us that there is a large lack of experts in the field of cyberresilience. Both in the Netherlands and globally.
30 March 2021
|
Report
:
Cyberweerbaar met nieuwe technologie
A large part of the Dutch population feels that the national government does too little to prevent extremism, subversive crime and tensions between population groups
For most occurring events, such as floods, terrorism and geopolitical tension, the majority of the Dutch population thinks that the national government does enough to prevent and tackle such events. However, for three events (extremism: 38%, subversive crime: 45%, tensions between population groups: 49%), a significant percentage of the Dutch population feels that the government does too little to prevent these events.
20 April 2021
|
Report
:
Risico- en Crisisbarometer
The improvement of IT and OT systems' resilience is essential in protecting critical processes from cyberthreats
Many suppliers of so-called critical processes utilise outdated OT-systems. In the past, many OT-systems functioned independently from IT-systems. Consequently, such OT-systems did not take into account the necessary safety and security measures in order to connect to other IT-systems. Currently, seen that OT and IT systems are becoming more interconnected, problems can arise regarding their cybersecuritymeasures.
10 May 2021
|
Report
:
In order to increase the cyber resilience of the Dutch society it is necessary to invest in scientific cybersecurity research, avoid 'braindrain' to other countries and attract cybersecurity specialists
The Netherlands is currently dependent on various (European) countries regarding the delivery of cyber products and - services. Besides, fundamental scientific research regarding cybersecurity is underfunded. Also, the research that is conducted in the Netherlands is subject to 'braindrain', meaning that valuable (Dutch) knowledge is being utilised in other countries. Lastly, there is a shortage of qualified cybersecurity specialists. All of these factors lead to a weakened state of cyber resilience in the Netherlands.
10 May 2021
|
Report
:
As protection of the public is a governments social responsibility, it should assist vital infrastructure companies in securing IACS
Cyberattacks to Industrial Automation Control Systems (IACS) in vital infrastructure could lead to large incidents and consequences. Therefore, the government should keep an eye on organisations in the vital sector. Involved sectors believe it is important to show to the public that they are secured and safe out of their social responsibility.
21 May 2021
|
Report
:
Onderzoek Cybersecurity voor Industrial Automation en Control Systems (IACS)
There is a need for sector specific cooperation and testing within IACS in the vital sectors
Organisations have expressed the need for cooperation and testing, this could be realized by creating sector specific security frameworks, stimulating, and facilitating Information Sharing and Analysis Centres (ISACs) and exercises focused on IACS specific attackscenarios, on the national and the international level.
21 May 2021
|
Report
:
Onderzoek Cybersecurity voor Industrial Automation en Control Systems (IACS)
The government has a role in maintaining an overview and ensuring robustness of IACS and cyber resilience.
The government can ensure robustness by making sure vital sectors have their own sectoral IACS control framework, supervision can be strengthened proportionally. Knowledge about IACS should be gathered and sharing (classified) IACS threat information is better facilitated. And IACS managers and administrators should be better supported in the purchasing process.
21 May 2021
|
Report
:
Onderzoek Cybersecurity voor Industrial Automation en Control Systems (IACS)
Economic fragility and societal divisions are set to increase
Underlying disparities in healthcare, education, financial stability and technology have led the COVID-19 crisis to disproportionately impact certain groups and countries. The economic and long-term health impacts will continue to have devastating consequences. The pandemic’s economic shockwave—working hours equivalent to 495 million jobs were lost in the second quarter of 2020 alone—will immediately increase inequality, but so can an uneven recovery. Only 28 economies are expected to have grown in 2020. Nearly 60% of people identify “infectious diseases” and “livelihood crises” as the top short-term threats to the world. Loss of lives and livelihoods will increase the risk of “social cohesion erosion”, which is also a critical short-term threat.
31 May 2021
|
External
:
The Global Risks Report 2021
Growing digital divides and technology adoption pose concerns
COVID-19 has accelerated the Fourth Industrial Revolution, expanding the digitalization of human interaction, e-commerce, online education and remote work. These shifts will transform society long after the pandemic and promise huge benefits—the ability to telework and rapid vaccine development are two examples—but they also risk exacerbating and creating inequalities. “Digital inequality” is a critical short-term threat. A widening digital gap can worsen societal fractures and undermine prospects for an inclusive recovery. Progress towards digital inclusivity is threatened by growing digital dependency, rapidly accelerating automation, information suppression and manipulation, gaps in technology regulation and gaps in technology skills and capabilities.
31 May 2021
|
External
:
The Global Risks Report 2021
A doubly disrupted generation of youth is emerging in an age of lost opportunity
While the digital leap forward unlocked opportunities for some youth, many are now entering the workforce in an employment ice age. Young adults worldwide are experiencing their second major global crisis in a decade. Already exposed to environmental degradation, the consequences of the financial crisis, rising inequality, and disruption from industrial transformation, this generation faces serious challenges to their education, economic prospects and mental health. The risk of “youth disillusionment” is being largely neglected by the global community, but it will become a critical threat to the world in the short term. Hard-fought societal wins could be obliterated if the current generation lacks adequate pathways to future opportunities—and loses faith in today’s economic and political institutions.
31 May 2021
|
External
:
The Global Risks Report 2021
Climate continues to be a looming risk as global cooperation weakens
Climate change continues to be a catastrophic risk. Although lockdowns worldwide caused global emissions to fall in the first half of 2020, emissions could bounce back. A shift towards greener economies cannot be delayed until the shocks of the pandemic subside. “Climate action failure” is the most impactful and second most likely long-term risk. Responses to the pandemic have caused new domestic and geopolitical tensions that threaten stability. If geopolitical tensions persist, middle powers will struggle to facilitate a global recovery and reinforce resilience against future crises.
31 May 2021
|
External
:
The Global Risks Report 2021
A polarized industrial landscape may emerge in the post-pandemic economy
As economies emerge from the shock and stimulus of COVID-19, businesses face a shakeout. Existing trends have been given fresh momentum by the crisis: nationally focused agendas to stem economic losses, technological transformation and changes in societal structure—including consumer behaviors, the nature of work and the role of technology both at work and at home. The business risks emanating from these trends have been amplified by the crisis and include stagnation in advanced economies and lost potential in emerging and developing markets, the collapse of small businesses, widening the gaps between major and minor companies and reducing market dynamism, and exacerbation of inequality; making it harder to achieve long-term sustainable development.
31 May 2021
|
External
:
The Global Risks Report 2021
The highest likelihood risks of the next decade are extreme weather, climate action failure and human-led environmental damage
Among the highest likelihood risks of the next ten years are extreme weather, climate action failure and human-led environmental damage; as well as digital power concentration, digital inequality and cybersecurity failure.
31 May 2021
|
External
:
The Global Risks Report 2021
The highest impact risk of the next decade is infectious diseases
Among the highest impact risks of the next decade, infectious diseases are in the top spot, followed by climate action failure and other environmental risks; as well as weapons of mass destruction, livelihood crises, debt crises and IT infrastructure breakdown.
31 May 2021
|
External
:
The Global Risks Report 2021
Increased use of algorithms poses risk of automation bias and manipulation
Decisions historically made by humans are increasingly being made by sophisticated algorithms that apply machine learning to large data sets. Automating these decisions
deepens biases when they depend on black-box algorithms developed using skewed historical data sets. Individuals and non-state groups have access to algorithms that can spread dangerous content with unprecedented efficiency, speed and reach. Malicious
actors are also becoming more capable of launching misinformation campaigns on a national and global scale.
1 June 2021
|
External
:
The Global Risks Report 2021
Digitization heightens risk of losing digital autonomy
At a time when a growing number of human activities are going digital, individuals and
institutions face a heightened risk of losing their digital autonomy. As social identities become more defined by online identities, users will be increasingly at risk of exposure to
targeted political manipulation, invasion of privacy, cybercrime, financial loss, and psychological or physical harm. However, the responding regulatory “techlash” risks internet restriction, information censorship and cut communications.
1 June 2021
|
External
:
The Global Risks Report 2021
States and non-state actors will engage in more dangerous and sophisticated cyberattacks
States and non-state actors alike will likely engage in more dangerous cyberattacks, and these attacks will become more sophisticated. These concerns will continue to create a difficult global trade and business environment, adding to the risk of anaemic global economic growth
1 June 2021
|
External
:
The Global Risks Report 2021
Preparation for digital disruption needs to become part of the security policies aimed at the continuation of societal processes
In a recent report it is mentioned that preparation for digital disruption needs to become part of the security policies aimed at the continuation of societal processes. Cybersecurity alone, however important, is not enough. Resilience to digital disruption requires action from all actors and stakeholders in a network or chain.
Digital disruption, whether caused by cyberattacks or not, increasingly impact vital infrastructures in our society. They bring high economic and societal costs with them. Lastly, attacks on critical infrastructures are used in geopolitical conflicts, with a blurring concept of borders and growing influences on processes and strategic positions of other countries.
24 August 2021
|
News
:
WRR report emphasizes importance of preparation for digital disruption
Large companies take more measures against cyberthreats
It can be seen that easily applicable measures against cyberthreats are both implemented by small and large companies. For example, more than 80% of all companies utilise anti-virussoftware. However, difficult measures are mostly implemented by larger companies. For example, the use of VPN is larger at big companies.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
The use of two-factor authentication has increased in the last four years
The utilisation of soft- and hardware tokens (two-factor authentication) to login at a company has increased in the last four years. The utilisation at large companies has increased from 71% in 2016 to 87% in 2019, at SME's it has increased from 29% in 2016 to 54% in 2019 and at small companies it has increased from 23% in 2017 to 42% in 2019.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
Large companies outsource their ICT-security more often than small companies
About half of the small companies in the Netherlands perform their ICT-security on their own, whilst only 20% of large companies do this on their own. Consequently, large companies have more resources which they can use to outsource their security to other companies.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
The number of Dutch domain names with DNSSEC is steadily increasing
The percentage of .nl domain names with DNSSEC is steadily increasing. Between the 1st of June 2021 and 1th of October 2020, it has increased from 0 to 56 procent.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
Large companies report more cyber-related incidents than small companies
From 2016-2019, large companies consistently report more cyber-related incidents than small companies. This has several reasons. For internal incidents, like the disruption of hard- and software, the complex infrastructure of large companies provides a bigger chance of hard- and software malfunction. For external incidents, larger companies are a more interesting target for cybercriminals, leading to potential disruption.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
Half of the ICT-incidents are not associated with additional costs
From 2016-2019, it can be seen that half of the ICT-related security incidents are not associated with additional costs. This is the case for internal as well as external incidents.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
The number of internal and external ICT related incidents has decreased
Over the years 2016-2019, the number of internal and external ICT related incidents has decreased. For example in 2016, almost 40% of large companies dealt with ICT related security incidents, whilst in 2019 this number decreased to 20%.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
In 2019 more data leakages have been reported to the Dutch Data Protection Authority
In 2019, more data leakages have been reported to the Dutch Data Protection Authority, compared to 2018. In 2019, 26956 were reported, whilst in 2018 this number was 20881. Most of the reported data leakages came from the Dutch health sector, financial sector and public administration.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
In 2020, conflict levels slightly decreased in all regions except for Africa
From 2019 to 2020, conflict levels slightly decreased in all regions except for Africa. Still, many conflicts continued unabated despite the global COVID-19 pandemic, and several took on new dimensions as actors responded to the health crisis. Because the pandemic is a unique development, it is expected that global conflict levels, locations, and agents increase significantly in 2021.
27 August 2021
|
External
:
Ten Conflicts to Worry About in 2021
Lessons learned from Citrix software vulnerabilities
On December 17, 2019, US software manufacturer Citrix made a public announcement on its website that a number of their software products contained a vulnerability. This vulnerability allowed attackers to penetrate the digital systems of organizations using these products. Citrix indicated what measures organizations could take to temporarily solve the problems, but did not yet have a definitive solution. The Dutch Safety Board investigated what lessons can be learned from the way in which the parties involved dealt with the risks of vulnerabilities in Citrix software and other incidents in which vulnerabilities in software were abused by attackers. This involved looking at both the prevention and control of such incidents.
1 February 2022
|
Report
:
Kwetsbaar Door Software
Implementing Zero Trust dampens the impact of a data breach
According to the IBM 2021 Cost of a Data Breach Report, companies who have experienced a data breach, but have implemented Zero Trust principles at a mature stage manage to preserve up to nearly 2 million dollars more than those organizations which have not implemented Zero Trust principles.
20 January 2023
|
Report
:
The What, How, and Why of Zero Trust Cybersecurity
Increase in the use of sensors, such as cameras or trackers that monitor and record your movement, to promote quality of life and safety
In the Netherlands, sensors, such as cameras or trackers that monitor and record your movement, are increasingly being used to promote quality of life and safety. Citizens
and companies have about 1.5 million security cameras, municipalities have over 3,000 surveillance cameras and the police have about 500 to 1,000. As new technology becomes smaller, more mobile and cheaper, they can be more easily built in, such as with cameras in smartphones. In addition, collection and processing of data is becoming increasingly easier, such as with smart algorithms in apps. This has created an extensive network of sensors that produces a large amount of data. This network consists not only of new sensors, but also of new actors and forms of supervision. Because citizens are not only monitored by the government and companies (surveillance), they also use sensors themselves to monitor each other (horizontal surveillance) or to keep an eye on the government and companies (sousveillance).
20 May 2021
|
Report
:
Burgers en Sensoren
Risk management of dependencies and vulnerabilities in the IT supply chain is increasingly important
Due to the increasing (digital) entanglement of (digital and physical) supply and production chains, disruptions in these chains can have a major impact. Organizations are increasingly dependent on a network of providers for the continuity and security of their processes, with whom they do not always have a contract. Risk management on all those dependencies in the supply chain is becoming increasingly important, both to provide insight into risks and to control them with possible measures.
3 June 2021
|
Report
:
TNO 2021 R10245: Vraagstukken en perspectieven voor ICT SCRM – een initiële verkenning
A broad view of supply chain risks is important but sometimes difficult to organize in practice
A broad view of supply chain risks is important but this is sometimes difficult to organize in practice and is certainly not always well invested. The complexity of supply chains means that only a part of suppliers and dependencies can be mapped. Is it a supplier's product or one of the components, such as firmware or chips, does it deal with outsourcing or even the subcontractors? They do not have the capacity to map out more than the first-line suppliers in their own IT chains and the complexity of these relationships is also too great. There is a need to get a better grip on this and to engage with sector partners.
3 June 2021
|
Report
:
TNO 2021 R10245: Vraagstukken en perspectieven voor ICT SCRM – een initiële verkenning
Increasing use of cloud services poses cybersecurity risks
Managing the risks arising from the purchase of cloud services has emerged as a challenge. The trend of migration from IT infrastructures to cloud services will play an important role in the SCRM issue. The customer of the cloud service has no insight into which suppliers contribute to product development within the cloud environment, which is precisely the strength, the knowledge lies with the supplier and the customer does not have to worry about this, but one needs more insight here. Moreover, there is a limited number of large suppliers of cloud services, as a result of which different organizations (will) purchase the same service from the same party. This results in a shared dependency, which means that a disruption of this service can manifest itself all the more extensively. On the other hand, in general, these larger suppliers are reliable in cloud services and this is also the reason that many organizations use them. When looking at what kinds of risks or challenges are seen, this ranges from general cybersecurity threats, such as data leaks, hacked data, or a vulnerability that is used as a stepping stone, to specific risks.
3 June 2021
|
Report
:
TNO 2021 R10245: Vraagstukken en perspectieven voor ICT SCRM – een initiële verkenning
Society is confronted with new risks under the influence of developments in technology, demography and climate
Society is confronted with new risks under the influence of developments in technology, demography and climate. Although risks are inherently uncertain, the uncertainty surrounding new risks is even greater, partly due to the lack of risk data and the multitude of factors that influence the risk. The new risk and crisis types are clearly different from the more regular or routine crises, such as fires and minor floods. These new or unprecedented crises are difficult to identify, are not limited to one particular sector and can escalate very quickly. New technological risks also lead to more fear and uncertainty.
8 June 2021
|
Report
:
Cyberrisico's en Veiligheidsregio's
The effectiveness of strategies against hybrid threats varies by domain of application
Modern communication technologies allow for diplomatic negotiations to take place faster as well as more frequently. Likewise, the contemporary information environment presents aggravated asymmetries between offense and defense, as the attack surface of open societies is large and vulnerable to aggressive state and criminal non-state actors. Similarly, the growing prominence of cyberspace as a domain presents new issues to traditional deterrence, given its novel asymmetries of ambiguity and relatively inexpensive offense, and expensive and rarely effective defense. Meanwhile, the military instrument remains a class of its own because it is the only one via which violence and damage can be applied directly. In contrast, the economic domain continues to grow in importance due to the ever-increasing interconnectedness of the public and private sector. In comparison to other domains, the shaping power of law is most dependent upon the perception and commitment of all parties. But even in an antagonized world, law can be a relevant instrument, if only because abiding by its tenets may convey a moral high-ground which can be capitalized on.
15 June 2021
|
Report
:
A Framework for Cross-Domain Strategies Against Hybrid Threats
Cyber specific threats within the trade sector and supply chain
There are three cyber specific threats for the trade sector and supply chain(s): stepping-stone attacks, ransomware and social engineering.
22 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Cyber specific vulnerabilities within the trade sector and supply chain
There are five vulnerabilities mentioned, the first being dependency on IT. Play during the registration, sorting and delivery of products IT processes play a central role, such as sorting systems in distribution centers and scheduling systems for the delivery of ordered products. The second vulnerability is unsafe behavior of end users. The other vulnerabilities are bad IT security of partners, a lack of contracts and deliberation about cyber security, and an inadequate datastream.
22 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Internal lessons for preventing and combating cyber incidents within the trade sector and supply chain
There are two lessons mentioned for internal security. The first lesson is internal development and maintenance of systems. Systems and databases are often developed and maintained by external parties. To reduce dependance it is important that these processes will be done internal. The second lesson is that of fully covering procedures. Internal procedures and protocols should be made about how employees should behave.
22 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Lessons for cyber security between supply chain links within the trade sector
The four lessons are separated network environments to reduce direct risk, contractual requirements and agreements in the field of cyber security, data stream to smaller chain partners, and structural deliberation between suppliers and users.
22 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Lessons for cyber security of trade sector and supply chain
There are two lessons mentioned for the security of the trade sector and supply chain. The first lesson is to monitor the threat dependence of customers and suppliers. The second lesson is that of information sharing initiatives. Sharing information within the sector has been regarded as very useful by participants.
22 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Technological opportunities and weaknesses in The Netherlands
The role of advanced technologies, such as virtual reality, augmented reality and Artificial Intelligence, is growing. Risky applications, such as deepfakes, call for vigilance to safeguard privacy and fundamental rights. In addition to risks, advanced technologies also provide opportunities for an open, prosperous society and more efficient service delivery. For example, advanced technology is helping to combat the corona crisis. Technology is also being used and further developed for the benefit of detection. Applications that are
currently under development, such as metaverse and quantum computing, will also find their way into government, business and society.
16 February 2022
|
Report
:
Strategisch Omgevingsbeeld 2021
Strategic view on national security in The Netherlands
The security of the Netherlands is constantly threatened by foreign government agencies in order to promote their own economic and political-strategic interests. They use espionage (digital) sabotage and (covert) influence. This affects the prosperity, stability and openness of our society. Government agencies also outsource operations to criminal groups. Advanced digital means are used. Classic means, such as influencing companies through investments and theft of company secrets, remain part of the modus operandi. In the Netherlands, companies and knowledge institutions are the main targets. But vital infrastructure, such as energy supplies and water management, is also targeted,
and Dutch social cohesion are increasingly under threat.
16 February 2022
|
Report
:
Strategisch Omgevingsbeeld 2021
An appropriate legal framework on AI is being considered
THe Council of Europe Ad hoc Committee on Artificial Intelligence (CAHAI) has considered the potential elements of a legal framework for the development, design an application of artificial intelligence. Outcomes involve a legally binding transversal instrument in addition to existing or future legally binding and/or non-legally binding instruments on a sectoral level.
24 February 2023
|
Report
:
Possible Elements of a Legal Framework on Artificial Intelligence
Dutch citizens believe they are well informed about digital and online security
Most Dutch people think that they are (reasonably) well informed about online safety (65%). Only a small number of people feel that they are under-informed (9%). A number of digital dangers have been presented to people in this study. Of most of these dangers, the Dutch indicate that they know what they are, especially identity fraud (89%). The high level of awareness of identity fraud may be caused by the fact that this form of fraud can also occur offline. Furthermore, about a quarter of Dutch people (23%) indicate that they have had to deal with phishing and 60% are familiar with phishing.
22 January 2021
|
Report
:
Veilig Online 2020
Two-thirds of Dutch citizens have come into contact with a digital risk in the past year. Dutch citizens have basic knowledge about how to recognize phishing messages
Almost half of Dutch citizens (45%) have received emails in the past 12 months with attempted phishing in a private situation, and 16% received such emails in a work situation. Phishing is therefore the most common digital threat. It is therefore important that Dutch citizens are familiar with phishing and can recognize phishing in order to protect themselves. More than four in five Dutch people (83%) are familiar with phishing, and of this group almost everyone knows how to recognize phishing (98%). Particular attention is paid to the e-mail address (59%), the request for personal data (52%) and the language use (50%).
To recognize phishing, the Dutch mainly look at the e-mail address of the sender (59%), whether personal information (52%) or money (40%) is requested and what the language use or writing style of the e-mail is (50%). ). Links in emails are viewed by 29%, and 34% look at the target address behind the link. Phishing is also increasingly done via SMS and WhatsApp. To unmask those phishing messages, Dutch people check whether the messages ask for certain information (55%), whether they are asked to enter login details and passwords (51%), whether money is requested (49%) and whether personal information is requested (44%).
22 January 2021
|
Report
:
Veilig Online 2020
Dutch citizens estimate that the chance that they will be harmed by digital risks is low
People's risk assessment of various digital risks is low. Risks are often abstract, so it is difficult for people to imagine. An added problem with this is that people tend to ignore risks. As a result, they often do not take preparatory measures or adjustments to their behavior to reduce their personal risk. In addition, people are often inclined to estimate risks lower or think that it is mainly other people who are at risk.
22 January 2021
|
Report
:
Veilig Online 2020
Dutch citizens have limited concerns about their digital security
46% of Dutch people indicate that they are only slightly concerned about their online security in their private situation. 6% are very concerned. Dutch people who are very concerned or somewhat concerned about their online security indicate that they are concerned because they are afraid of not being aware of cyber criminals' approach (48%), because they are afraid that people will be able to view their data (47%) and because they fear financial data will be stolen (44%). Dutch people who are not concerned about their online security say that they are not worried because they always check whether websites and links are false (43%), because they update their devices (43%) and because they regularly perform virus scans ( 42%). The degree to which Dutch people are concerned about their online security in their private situation has remained stable over the past three years (44-46% are (very) concerned).
22 January 2021
|
Report
:
Veilig Online 2020
The need among Dutch people who are lagging behind in online security to improve themselves in online security is low
Most Dutch people who are willing to take action are also those who have already taken action (61%). The need to improve their own online security in the group that has taken fewer actions for the time being is relatively low. Actions that these Dutch people may be willing to take are using antivirus software (48%), regularly performing (security) updates (43%), checking links (40%), regularly making backups ( 40%) and immediate software updates (39%).
22 January 2021
|
Report
:
Veilig Online 2020
Dutch citizens do not want to pay for better services to increase security and have difficulty with security instructions
Most obstacles Dutch citizens experience are of financial nature. 58% does not want to pay for a service (such as a password manager) and 40% thinks the price of security software / virus scanner is an obstacle. Free services for password managers and virus scanners are not trusted by a third of Dutch people (33%). Most Dutch people indicate that they have no trouble making backups (57%) and know what a good virus scanner is (45%). The Dutch have more difficulty with security instructions (35%) and constantly creating new passwords (34%). They also find it a hassle to have a different password for each device and account (44%). However, they do indicate that they handle their passwords well (69%) and use different passwords (66%).
22 January 2021
|
Report
:
Veilig Online 2020
Dutch citizens often consider their online behavior to be safe
A majority of the Dutch people consider that they deal reasonably to very safely with the various issues presented with regard to safe online behavior. For example, a majority consider that they are good at updating their software (79%), with attempts at phishing emails (73%), the use of their devices by others (61%), making backups (58%), the granting of permissions on web shops (56%) and the use of USB sticks (55%).
Furthermore, Dutch people indicate that they have often adjusted the privacy settings of their social media accounts (48%). In addition, the Dutch pay attention to locks on websites (55%). 60% think a website is safe if it has a lock on it.
The Dutch people give themselves an average of 7.0 when it comes to dealing safely with online dangers. Dutch people who give themselves an unsatisfactory score feel that they have little understanding of online dangers (37%) and indicate that they are not always aware of them (27%). Dutch people who give themselves a satisfactory score, think that they are well informed (30%) and indicate that they are alert to online dangers (20%).
22 January 2021
|
Report
:
Veilig Online 2020
Few worries about digital security in a work situation
73% say they worry very little about their online safety in a work situation. This percentage is higher than last year (66%).
22 January 2021
|
Report
:
Veilig Online 2020
Employees' home network is the weak spot for companies: Three out of ten people who work from home still have the default password on their router
The occurrence of online risks is more closely monitored and observed in the work situation than in the private situation. Companies do a lot to have online security in order. However, with a lot of people working from home due to the pandemic, the home network and home situation could well become the Achilles heel of the corporate network; router passwords are not changed and children use company hardware.
Most Dutch people also do not have a clear picture of what safe online behavior means at work (57%) or in a private situation (52%). The corona crisis has forced more people to work from home. 48% of working Dutch people indicate that they have worked from home in the past 12 months. They often use a network connection with a password at home (78%). This password still appears to be the default password of the router relatively often (29%). Employees are often unable to state what their employer has done about special measures to make working from home possible since the corona crisis (57%). 16% indicate that his / her employer has made business equipment available.
22 January 2021
|
Report
:
Veilig Online 2020
Most companies have agreements about how to behave safely online. It is not difficult to keep to work agreements, but these agreements can be communicated more clearly
Seven out of ten (69%) working Dutch people indicate that agreements have been made with their company / organization about online safe behavior. 13% indicate that no agreements have been made at their company / organization. Agreements that have been made often concern the secure sending / exchange of files (35%), the use of websites and / or e-mail (33%), that only system administrators can install software (31%) and send exchange of personal data (31%).
Those who have work agreements (69%) do not find it difficult to (always) keep those agreements (81%). About half (46%) do experience obstacles in guaranteeing agreements about safe online behavior. This is mainly due to the way of communication. This is not always clear (13%), not sufficient (13%) or unambiguous (12%).
22 January 2021
|
Report
:
Veilig Online 2020
Decreasing trend in the number of completed, failed or foiled jihadist terrorist attacks
Over the course of three years, a decreasing trend can be seen regarding the number of completed, failed or foiled jihadist terrorist attacks. Whilst in 2017, the number of jihadist related incidents was 33, respectively in 2018 and 2019 this number decreased to 24 and 21.
Furthermore, the most frequent targets of jihadist attacks are public places and military or law enforcement personnel.
12 May 2021
|
Report
:
European Union Terrorism Situation and Trend report 2020
The number of right-wing terrorist attacks increased in 2019
After a decline in the number of right-wing terrorist attacks in 2018 (one attack), six attacks were reported by EU member states in 2019. Of these six attacks, one was completed, two failed and four foiled. Only three EU member states reported these attacks, namely the United Kingdom (UK), Lithuania and Poland.
12 May 2021
|
Report
:
European Union Terrorism Situation and Trend report 2020
Varying trend regarding the number of left-wing and anarchist related terrorist attacks
The number of left-wing and anarchist related terrorist attacks has varied since 2015. Whilst in 2015 the number of incidents was 13, an increase can be seen in 2016 (27) and 2017 (24). A drop in the number incidents followed in 2018 (19), but reached the levels of 2016 and 2017 again in 2019 (26). In 2019, all of the attacks were committed in Greece (2), Italy (22) and Spain (2).
12 May 2021
|
Report
:
European Union Terrorism Situation and Trend report 2020
A slight decrease in the number of individuals that were arrested on suspicion of terrorist-related offences
In 2019, a slight decrease is seen in the number of individuals that were arrested on suspicion of terrorist-related offences. In 2019, 1004 individuals were arrested across 19 EU member states, whilst in 2018 the number of arrests was 1056. In the years before, (2017, 2016 and 2015), the arrest rates were respectively 1219, 1002 and 1077.
12 May 2021
|
Report
:
European Union Terrorism Situation and Trend report 2020
Varying trend regarding the number of right-wing related terrorism arrests
A varying trend is visible regarding the number of right-wing related terrorism arrests, from 2017 - 2019. Whilst in 2017, 20 individuals were arrested on suspicion of right-wing related terrorism, this number increased in 2018 to 44. However, in 2019, a decrease to 21 arrests can be seen.
17 May 2021
|
Report
:
European Union Terrorism Situation and Trend report 2020
The distribution of security jobs mirrors the distribution of economic activity in the Netherlands
Zuid-Holland has the greatest number of security jobs, both in terms of primary and secondary security jobs. Utrecht had the largest share of security jobs of all provinces. Generally, the distribution of security jobs mirrors the distribution of economic activity in the Netherlands. The provinces Zuid-Holland and Noord-Holland are economically large and populous, whereas this is less so for Drenthe and Zeeland.
20 May 2021
|
Report
:
Education and Labour Market in the Security Domain
In 2018 over 1.1 million employed persons were employed in a security related occupation
In 2018 over 1.1 million employed persons or 13 percent were employed in a security
related occupation. Almost 11 percent of all employed persons worked in an occupation
classified as secondary security. The remaining more than 2 percent worked in an
occupation classified as primary security. Compared to employed persons in other occupations, employed persons in security related occupations more often have a full-time job, are more often employee with a permanent contract, often fall into the middle age range (25–45) and are more often highly educated.
20 May 2021
|
Report
:
Education and Labour Market in the Security Domain
More security graduates are finding work, wages vary by province and level of education
The share of graduates of different programmes who found work after study was
marginally lower for security related programmes than the overall share. For example,
83 percent of graduates in upper secondary vocational security related programmes of
school year 2015/’16 found work within one year, whereas the share for all upper
secondary vocational programmes in that year was 85 percent. This difference was smaller
for higher professional programmes and was effectively zero for university programmes.
Over time the general trend is that more graduates are finding work. This trend is
particularly pronounced for university graduates from engineering programmes; 72 percent
of the university graduates in security related programmes of school year 2015/’16 found
work immediately and 89 percent within one year. Hourly wages varied per province. Generally, wages seem to be higher than the national median in Noord-Holland and Zuid-Holland. The level of education was however an important determinant of hourly wages per province. Wage growth was positive for all programmes in higher professional and university education.
20 May 2021
|
Report
:
Education and Labour Market in the Security Domain
Cyber-espionage threat actors adjust their tactics, techniques and procedures to embrace new technologies
Cyber-Espionage threat actors adjust their tactics, techniques, and procedures (TTPs) to embrace new technology, while keeping their tried-and-true TTPs operational. For example, Phishing (Social) and Backdoor (Malware) have served as go-to Action varieties. Downloader (Malware), Capture stored data (Malware) and Spyware/Keylogger (Malware) have all steadily declined from the 2014 DBIR to the 2020 DBIR, with Scan network (Malware) completely falling off the top 10 list by the time we get to the 2020 DBIR.
25 August 2021
|
External
:
Cyber-Espionage Report
34% of all cyber-espionage breaches occur in Europe
From 2014-2020, most cyber-espionage breaches occur in the Asia-Pacific region (42%), followed by the Europe, Middle East and Africa (EMEA) region (34%), and North America (NA) (23%) region.
This contrasts sharply with all breaches for this same timeframe, as NA (65%)
dominates, followed by APAC (17%) and EMEA (16%).
25 August 2021
|
External
:
Cyber-Espionage Report
The top compromised attribute by cyber-espionage breaches is software installation integrity
Looking at cyber-espionage breaches and the top compromised attribute varieties for the 2014-2020 DBIR timeframe, it can be seen that software installation (Integrity) (91%), alter behaviour (Integrity) (84%) and secrets (Confidentiality) (73%) as the top compromised Attribute varieties.
25 August 2021
|
External
:
Cyber-Espionage Report
The top discovery method for cyber-espionage breaches is screening suspicious traffic
In terms of top discovery methods for cyber-espionage breaches in the 2014-2020 DBIR timeframe, it can be seen that the top two methods are Suspicious traffic (48%) and Antivirus (23%), with Emergency response team a distant third (7%). This contrasts sharply with the top discovery methods for all breaches for the same timeframe, in which it can be seen that Law enforcement (28%), Fraud detection (19%) and Customer (15%), respectively, at the top.
25 August 2021
|
External
:
Cyber-Espionage Report
External actors are the most involved actors regarding cyber-espionage
From 2014-2020, external actors have been the dominant actor regarding cyber-espionage, ranging 69% to 88% over this timeframe. In contrast, internal actors range from 12% to 34% in the same timeframe.
25 August 2021
|
External
:
Cyber-Espionage Report
Financial motives are the most prominent motive for cyber-espionage breaches
Over the course of 2014-2020, the most prominent motive for cyber-espionage breaches was financially related. In this timeframe, the financial motive lay between 67% and 86%.
25 August 2021
|
External
:
Cyber-Espionage Report
50% of today's work activities could be automated by 2025
By 2025 it is estimated that 50% of today's work activities could be automated. For example, self-learning, reconfigurable robots will drive automation of physical processes beyond routine activities to include less predictable ones, leading to fewer people working in these activities and a reconfiguration of the workforce.
27 August 2021
|
External
:
Top trends in tech
Up to 80% of the global population could be reached by 5G coverage by 2030
With either high-band or low- to mid-band 5G reaching up to 80% of the global population by 2030, enhanced coverage and speed of connections across long and short distances will enable new services (for example, remote patient monitoring), business models (for example, connected services), and next-generation customer experiences (for example, live VR).
27 August 2021
|
External
:
Top trends in tech
More than 75% of enterprise-generated data will be processed by edge or cloud computing by 2025
The wide availability of IT infrastructure and services through cloud computing could shift the demand for on-premise IT infrastructure and reduce the need for IT setup and maintenance. Also, the democratization of infrastructure will help shift the competitive advantage away from IT to software development and talent.
27 August 2021
|
External
:
Top trends in tech
More than 75% of AI applied products will see improved usability, enriched personalisation and increased conversion
As AI matures and continues to scale, it will enable new applications (for example, more rapid development cycles and detailed customer insights), eliminate labor for repetitive tasks (for example, filing, document preparation, and indexing), and support the global reach of highly specialised services and talent (for example, improved telemedicine and the ability of specialised engineers to work on oil rigs from the safety of land).
27 August 2021
|
External
:
Top trends in tech
75% of the global energy will be produced by renewables in 2050
As clean technologies come down the cost curve, they become increasingly disruptive to traditional business models. Hereby they create new business-building opportunities, operational-improvement programs driven by clean technologies, and new climate-change mandates that could alter the balance sheet of carbon-intense sectors—all while providing the green energy needed to sustain exponential technology growth.
27 August 2021
|
External
:
Top trends in tech
The release and uses of the Operational Technology Cyber Attack Database (OTCAD)
OTCAD is a new cyber attack database that is unique in its size, as it is mapped to a single framework. This allows for structural analysis of the OT threat landscape. The database is publicly accessible and can be extended and adjusted through collaborative means. These factors combined form an exciting and useful new database that can open up many new areas of research in the coming years.
28 September 2021
|
Report
:
OTCAD: Operational Technology Cyber Attack Database
Cyber resilience for SME's
Cyber resilience is defined here as the ability to resist known and unknown forms of cyber
crime and recover quickly from a cyber crisis. The report investigated how SMEs in the metals sector organize their cyber-security and related security measures and how this process can be improved. It turns out that the companies surveyed are fully digitized and dependent on ICT for their primary process. The implementation and maintenance of this ICT is outsourced to external ICT suppliers. Many directors also (partially) outsource security to these ICT suppliers. As a result, these ICT suppliers implement generic technical measures without specifically looking at the organization in question and its risks. Crucial measures aimed at the organization of the company and the behavior of personnel are then often omitted.
30 November 2021
|
Report
:
Van Theorie naar Praktijk
Digitization has made society increasingly dependent on IACS and more vulnerable for large-scale incidents
Industrial Automation & Control Systems (IACS) are increasingly used in vital infrastructure and processes such as bridges, locks, water purification and energy supply. These ICT based systems are often connected to old legacy systems making it vulnerable for both unintentional incidents and attacks by malicious actors. In this way a small cybersecurity leak can lead to a large scale chain disruption.
21 May 2021
|
Report
:
Advies inzake de digitale veiligheid van Industrial Automation & Control Systems (IACS) in de vitale infrastructuur van Nederland
The Netherlands is insufficiently prepared for the consequences of the failure of IACS
Wet Beveiliging Netwerk en Informatiesystemen (WBNI) prescribes managing risks from external dependencies of third parties as the responsibility for the individual vital service provider, there is limited insight to the risks and dependencies between government and the industries active in the vital infrastructure sectors.
21 May 2021
|
Report
:
Advies inzake de digitale veiligheid van Industrial Automation & Control Systems (IACS) in de vitale infrastructuur van Nederland
The Internet of Things (IoT) is growing at a staggering rate
The Internet of Things (IoT) is growing at a staggering rate. It is forecasted that the number of connected things in use globally will surge from 8.4 billion in 2017 to 20.4 billion by 2020, with total spending on endpoints and services exceeding $2 trillion. IoT unlocks tremendous value for the individual, for organisations and for governments.
4 June 2021
|
Report
:
The IoT Security Landscape
There is a need for stronger collaboration towards tackling IoT security challenges
Many government agencies, academic institutes, industry alliances and individual vendors have made efforts towards tackling IoT security challenges; however, there is limited collaboration between these initiatives. Consequently, there exist hundreds of documents with significant duplications and possible contradictions. IoT product developers, and vendors involved in the IoT supply chain and life cycle, may find themselves overwhelmed – or they may take advantage of the lack of clarity to do nothing at all. There is an immediate need for harmonisation on security recommendations and guidelines as well as coordination on security assurances in the form of regulation and certification. Given the continuing exponential growth in the number of IoT devices, there is no time to lose.
4 June 2021
|
Report
:
The IoT Security Landscape
IoT faces two primary risks and several threats and vulnerabilities
The two primary risks facing IoT are:
1. Consumer privacy and safety are being undermined by the vulnerability of individual devices, connectivity, and back-ends; and
2. The wider economy and critical infrastructures face an increasing threat of large-scale cyber-attacks launched from massive numbers of insecure IoT devices. At this moment less than 4% of IoT devices are secure by design
Additionally, IoT faces several threats and vulnerabilities, namely: vulnerable device software, privacy threat, eavesdropping, DDoS, firmware-level attack, device cloning or substitution, data leakage, malware, and weak user/admin credentials and authentication.
4 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: cybersecurity and privacy by design
To build cybersecurity and privacy by design into IoT, a set of security principles should be adopted and adhered to. There is currently no single set of IoT security and privacy principles that is internationally recognized and adopted. The diversity in proposed IoT security principles between different countries and initiatives illustrates a lack of collaboration, especially between governments. Due to the lack of globally-adopted principles, a language towards common understanding of shared IoT challenges and issues is lacking. Such a language is required to define a global governance process. Consumers and companies are not uniformly aware of the cybersecurity risks and may not be equipped to respond properly.
7 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: evaluation and certification
There is a distinct lack of labels to inform end users about IoT device security and risks. However, efforts to create a labelling scheme are under way in various parts of the world. It should be ensured that these schemes are aligned in order to create a level playing field for
vendors. There are as yet no CC cPPs specifically for IoT devices. It should be determined whether these can be generic or specific to application domains. Non-CC alternatives can provide a light-touch approach to certification and should be explored.
7 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: secure communications and infrastructure
The networking and interoperability challenge has seen extensive work as well as significant standardisation; however, an in-depth review is required of the security of these communication solutions and the security and privacy requirements on each level of the communication stack in the IoT ecosystem. Good practices are lacking regarding the technical feasibility of security controls running on resource constrained devices. Security reference architectures are required. Secure gateways can provide high-security deployments even with low-cost IoT devices.
7 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: security monitoring and analytics
Data collection and analytics for massive numbers of IoT devices is a major challenge. New metrics and methodologies are required to support IoT infrastructure analytics given the data characteristics of resource-constrained IoT devices. Monitoring and analytics capabilities should provide input for vulnerability management programs. In case vulnerabilities are not solved by the supplier, monitoring tools should be able to detect and disconnect vulnerable devices from the internet. The industry should act as a global community when learning from incidents. This requires an open culture of sharing incidents and mutual learning where security is a joint responsibility.
7 June 2021
|
Report
:
The IoT Security Landscape
Lectoraat Cybersecurity in het mkb
Cybercrime - and along with that cybersecurity - is a huge social problem. The criminological study of cybercrime is still in a early stage. It is not just essential to exercise thorough scientific research (long-term) but also the practices and acute problems in the here and now. Technology plays an important role in cyber incidents but we are talking about men who exercise those cyber attacks, people who - known or unkown- collaborate in those cyber attacks, people who become a victim and people that conduct themselves to stopping those cyber attacks.
21 December 2021
|
Report
:
Jaarverslag 2020 - Lectoraat Cybersecurity in het mkb
Those wanting to protect cyberspace have struggled to keep up with those who want to undermine it
Those concerned with the stability of cyberspace have struggled to keep up with those who seek to undermine it, as well as keep pace with technological developments and the evolution of geopolitical conflicts. This is partly due to the fact that cyberspace has transformed the way actors pursue political and military objectives and have new technology in their toolkits.
20 May 2021
|
Report
:
Advancing Cyberstability
Cyber attacks make clear that the world needs a Cyberstability Framework
Over the last decade, the number and sophistication of cyber attacks have increased, including attacks on government systems and critical infrastructures. Cyber attacks, which are conducted by both state and non-state actors, make clear that the world needs a Cyberstability Framework. Such a framework will serve to reduce the potential for significant disruptions of cyberspace that will undermine its benefits and reduce people’s well-being, including their rights and freedoms
20 May 2021
|
Report
:
Advancing Cyberstability
Technologies such as artificial intelligence will be further implemented in the coming years, with positive and negative consequences for digital security
The coming years will be characterized by the further implementation of technologies that have been written about and discussed for some time. An example is the application of artificial intelligence. The dissemination of autonomous systems increases digital vulnerability, and smart algorithms have positive and negative effects on digital security.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
In the coming years, digital security will be affected by the interaction between technology and other developments
1. For example, the further transition to a data-driven economy, with additional concerns about privacy and digital security, will increase the importance of digital security.
2. The COVID-19 pandemic has further increased the use of digital services and the digital space. This can be an incentive for further digitization. That also increases the importance of digital security.
The increasing dependence on foreign technology also increases the importance of digital security. This offers opportunities, but also makes it vulnerable to actions by malicious parties, especially when it concerns foreign parties assertively pursuing their own geopolitical agenda, and to dropouts. Dependence on ICT products or services from countries that have been identified as having an offensive cyber program against the Netherlands is a risk-increasing factor.
4. And rising geopolitical tensions will increase the digital threat from state actors.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
The threat posed by ideologically motivated actor groups (hacktivists and terrorists) and actor groups acting on a personal motive (insiders, cyber vandals and script kiddies) is relatively small
No substantial attacks against the Netherlands or Dutch interests have been observed from these actor groups for years. There is no reason to assume that this will be any different in the coming years. However, polarization within society on issues such as nitrogen policy and the rollout of 5G can lead to an increase in cyber attacks by hacktivists or physical attacks with digital consequences. An example of this is the recent arson attacks in cell towers for mobile telephony and data traffic. These can lead to a breakdown of telephony and the emergency number 112.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Possible new forms of cooperation in top segment cyber criminals
The police see a possible new form of interaction between different groups within the top segment of cyber criminals. Previously, these groups operated fairly autonomously and carried out many process steps independently. Now there seems to be cooperation between specific groups. Both the police and a number of security companies find it plausible that some criminal actors in the top segment trade access to corporate networks among themselves, after they have compromised and judged them on the value.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Threat against primary targets and targets as a springboard
The annual report (= het jaarbeeld) shows that many types of organizations are targeted by attackers. It can vary by country and by type of espionage at which state actors focus their political espionage activities. For example, top sectors in the Netherlands are an obvious target for economic espionage and the national government for political espionage. Vital processes are a popular target for sabotage by state actors. Wealthy organizations are a favorite target of cyber criminals. In addition to the "primary" targets mentioned, attackers also target targets that can form a springboard to other targets. The digital space, the mostly global supplier chains and concentrations of personal data are ideally suited for this. This concerns, for example, suppliers of hardware and software, vital processes, such as those of telecom companies, or organizations that collect and process personal data on a large scale, including medical and employee data. For these "derived" targets, actors actively look for weak links in chains, as a stepping stone to (more) interesting targets. This means that sectors or organizations that seem to be of no interest to attackers can still be interesting as a stepping stone to another primary target.
The threat also exists because outages can occur at or via these targets. For example, system failure due to technical failure or failure due to human errors in implementation
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Digital risks seem to be underestimated
Despite the potentially major impact of cyber incidents, they are difficult to put on the agenda. To be able to make a decision, parties must be aware of digital risks. The Scientific Council for Government Policy (WRR) argues that the absence of truly disruptive events makes it difficult to put disruption on the agenda, let alone underline its urgency and gain it widely accepted. investing in digital security is not easy. Ideally, an assessment is also required of the risks, possibilities and costs of increasing resilience, but that is not easy. According to the Central Planning Bureau (CPB), organizations have an incomplete picture of the costs and benefits of investing in cyber security and there are various uncertainties. The investment level can then be too high or too low. The first reason for the incomplete picture is that several advice and guidelines are circulating about the optimal level of investments and about necessary measures. A second reason is that information is lacking about the magnitude of digital risks and the financial consequences because organizations: 1) do not notice every attack, 2) do not want to make every attack public, and 3) cannot always estimate the consequences of an attack. are the long term. A third reason is that some of the consequences of inadequate cybersecurity can affect third parties, the aforementioned external effects. Scientific - especially economic - literature also points to an "information problem" for making decisions about cybersecurity.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Organizations are unable to cope with phishing
It is complex for organizations (and citizens) to arm themselves against phishing, which is again the most used (first step of an) attack method in the past reporting period. Nevertheless, basic measures can be used to create barriers or limit further damage. To make phishing less effective, more and more organizations are running campaigns among employees to raise awareness of the dangers of phishing. The government also started an awareness campaign. Research has shown that this has an effect: click rates in phishing exercises drop. In 2018, Google reported that, due to the use of security keys (physical hardware keys, for example USB), none of their more than 85,000 employees has been successfully phished. Due to the use of the keys, the click behavior of the user was no longer relevant. The use of security keys is not (yet) considered a basic measure, but it does show that it is possible to greatly reduce the success rate of phishing. Phishing requires constant vigilance. There is less and less clicking on wrong links, but it still happens. Attackers also adjust their working method. Phishing traditionally takes place via e-mail, but the annual report indicates that cyber criminals also use phishing via SMS (smishing). Attackers also increasingly successfully steal sensitive information via social media in order to approach someone in a targeted manner, which is so-called spear phishing. This makes it difficult for a recipient to recognize that it is phishing.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Resilience against digital threats is not yet in order everywhere. Parties are therefore extra vulnerable to cyber incidents.
This is certainly the case when insufficient basic measures have been taken to create initial barriers against attacks, limit damage and simplify recovery when incidents do occur.
The vast majority of cyber attacks still use simple methods. These remain effective because basic measures are insufficiently implemented. Basic measures can also help against advanced attacks.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Unsafe products and services are the Achilles heel of digital security
Digitally unsafe products and services are still a fundamental cause of cyber incidents. They lower the threshold for attackers because they make it easier to carry out successful attacks. The insecurity can for example arise because suppliers supply insecure configurations by default. For example, 2019 saw an increase in abuse of misconfigured cloud applications. This included publicly accessible cloud storage, unsecured databases and unprotected backup servers. Insecurity can also arise because suppliers no longer make security updates available, or because these updates are not easy to install or because update mechanisms can be compromised.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Complete and clear picture resilience of vital processes is (still) missing
A complete and clear picture of the digital resilience of vital processes and associated systems is (still) lacking. Gaining a complete understanding, including the extent to which measures are effective and efficient, is complex. For example, reliable methods and techniques to measure resilience for an assessment of the risks to national security are still under development. The supervision of cyber security in the context of the Wbni has not existed for very long for a number of supervisors. This year, however, the first effects are visible of better insight among regulators into the digital resilience of providers of vital processes.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Cyber attacks by state actors as a means of information operations
Some countries use information operations as a tool in hybrid conflicts. Through these operations, they try to sow division on subjects that are sensitive to the various target countries or allied organizations. Social polarization and the fragmentation of the political landscape in a large number of countries are a breeding ground for this. In 2019, an investigation by the MIVD brought to light information operations aimed at the Netherlands, other Western countries and allied interests.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Cyber attacks by state actors as a means of sabotage
The AIVD and MIVD regard the possible digital disruption and sabotage of the vital infrastructure as one of the greatest cyber threats to the Netherlands and its allies. Multiple states have demonstrated the ability and willingness to deploy digital sabotage to achieve their geopolitical goals. The AIVD has been observing for some time that some of these states are making preparations to make digital sabotage possible for future use. These preparations consist of the embedding in ICT systems of, among other things, vital infrastructure. In 2019, the MIVD also recognized various preparatory sabotage activities aimed at Western countries and allied interests. At the moment, states lack the intention to use digital sabotage against the Netherlands. However, this intention is changeable and depends on geopolitical developments.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Investment in innovation grows
The good news is that most organizations, on average, spend 10.9 percent of their IT budgets on cybersecurity programs. Leaders spend slightly more at 11.2 percent which is insufficient to account for their dramatically higher levels of performance. And their investments in advanced technologies, such as artificial intelligence, machine learning or robotic process automation, are rising substantially. Today, 84 percent of organizations spend more than 20 percent of their cybersecurity budgets on tools that use these three technologies as fundamental components. The finding represents a good step up from the 67 percent being spent three years ago. The increase is even more impressive with respect to the leaders. Three years ago, only 41 percent of leaders were spending more than 20 percent of their cybersecurity budgets on advanced technologies. Today, that has doubled, to 82 percent.
22 January 2021
|
Report
:
Third Annual State of Cyber Resilience
The basics seem better
The suggestion that organizations are making progress in cybersecurity is valid. In fact, more than four out of five respondents agreed that cybersecurity tools have advanced significantly over the past few years and are noticeably improving their organization’s cyber resilience.
Improvements in basic security hygiene back up this finding. Being able to accurately assess the number of cyberattacks against an organization depends on the ability of each organization to detect them. On the other hand, security breaches are real events and likely to be more precisely recorded. With this in mind, cybersecurity teams across industries and geographies deserve recognition for the improved levels of cybersecurity protection over the past year. For example, the total number of cyberattacks dropped 11 percent, from 232 to 206 targeted attacks. At the same time, we have seen a larger drop of 27 percent in the number of security breaches which indicates the basics seem to be improving. On average, organizations now face 22 security breaches per year compared with 30 in the previous year.
22 January 2021
|
Report
:
Third Annual State of Cyber Resilience
Progress masks hidden threats
Indirect attacks against weak links in the supply chain now account for 40 percent of security breaches.
A closer look at the sources of cyberattacks reveals 40 percent of security breaches are now indirect, as threat actors target the weak links in the supply chain or business ecosystem. This shift is blurring the true scale of cyberthreats. If we apply the same average number of security breaches to indirect cyberattacks, the total number—both direct and indirect—could jump to about 280, a potential increase of 20 percent over the prior year.
Organizations should look beyond their four walls to protect their business ecosystems and supply chains as well. On average, cybersecurity programs actively protect only about 60 percent of an organization’s business ecosystem. That is an issue when 40 percent of breaches come via this route. In such an environment, few organizations have the luxury of standing still. Fully 83 percent of our respondents agreed that their organizations need to think beyond securing their enterprises and take steps to secure their ecosystems to be effective.
22 January 2021
|
Report
:
Third Annual State of Cyber Resilience
Unsustainable cost increases
Another threat is cost increases beginning to reach what many respondents consider unsustainable levels. Despite rising investments in new technologies for cybersecurity programs, our research highlights many areas where the cybersecurity technologies being purchased by this spending are failing.
Looking at a broad range of 17 different components of cybersecurity protection, 60 percent of respondents reported cost increases on all 17 components over the last two years. A significant number, almost one quarter, reported cost increases of more than 25 percent a year across all 17 components. The three areas of cybersecurity protection with the largest increases in cost are network security, threat detection and security monitoring. Reflecting these trends, 69 percent of our respondents said staying ahead of attackers is a constant battle and the cost is unsustainable
22 January 2021
|
Report
:
Third Annual State of Cyber Resilience
Security investments are failing
Failures lead to gaps in protection, lower detection rates, longer business impact and more customer data loss.
More bad news is threatening organizations’ cyber resilience in several areas and causing security investments to fail. Our research identifies serious gaps in protection, very low detection rates, much longer business impact and customer data being exposed. Yet, our leaders are, once again, proving the exception in many of these areas.
With only a little more than half of their organization covered by their cybersecurity programs, non-leaders are at risk of having many areas unprotected. This contrasts with leaders who are able to cover 85 percent of their organization with their cybersecurity programs. The difference reflects a substantial gap in protection between the two groups.
22 January 2021
|
Report
:
Third Annual State of Cyber Resilience
Deadliest events recorded in 2019: summer heat waves in Europe
The deadliest natural disaster events recorded in 2019 were the summer heat waves that affected Europe, more specifically France, Belgium and the Netherlands, with over 2500 deaths. The National Oceanic and Atmospheric Administration (NOAA) ranked 2019 as the second warmest year on record. Temperature records were also shattered on individual country levels: for the first time, Belgium and the Netherlands recorded temperatures over 40°C. In general, the impact of heat waves remains grossly underestimated.
12 May 2021
|
Report
:
Natural disasters 2019
Worldwide increase in natural disasters, while their impact decreased.
In 2019, 396 natural disasters were recorded with 11,755 deaths, 95 million people affected and 103 billion US$ in economic losses across the world. In comparison to the previous decade (2009-2018), in 2019 there were more disasters compared to the annual average of 343 events, fewer deaths compared to the annual average of 45,212, fewer number of people affected compared to the annual average of 184.7 million people, and lower economic losses compared to the annual average of $176 billion.
12 May 2021
|
Report
:
Natural disasters 2019
Phishing and ransomeware campaigns are being launched to exploit the current crisis and are expected to continue to increase in scope and scale
In recent years, criminals have focused their attacks on organisations as there is a relatively high likelihood of receiving payment. The types of criminals exploiting the COVID-19 pandemic online were also active in the area of cybercrime before. However, some are believed to have intensified their activities.
- Slight increase of distributed denial-of-service (DDos) attacks following the outbreak of COVID-19.
- Initial spike in domains registered related to the words 'corona' and 'COVID', however, current figures indicate that this has stabilised. (Registered domain names form the backbone for many criminal operations).
Outlook for the future:
- The pandemic may multiply the damaging impact of a successful attack against certain institutions, which reinforces the necessity for effective cyber resilience.
- The number of phishing attempts exploiting the crisis is expected to continue to increase. However, we also expect a greater number of inexperienced cybercriminals to deploy ransomware-as-a-service.
15 May 2021
|
Report
:
Catching the Virus Cybercrime, Disinformation and the COVID-19 Pandemic
Today’s AI is driven by Machine learning
The current uptake in AI is largely due to the application of Machine Learning algorithms, whose performance change by exposing them to more data over time. These algorithms make use of (dynamic) input in order to derive machine-made patterns from the information and translate these to insights and actions
21 May 2021
|
Report
:
Making AI Work in the Netherlands
COVID-19 has made it difficult for startups to create new revenue or sustain their growth for future financing
The impacted areas are quite consistent and 84% of the COVID-19 impact is covered in three key areas: delay in customer sign ups (30%), difficulty in raising money (27%) and the loss of existing customers or business (27%). These three concerns makeup over 80% of respondents' biggest challenges and evolve around the difficulty in creating new revenue or sustaining the growth they need for future financing. On the side of cost control 85% of companies are at this stage actively cutting cost. 42% of startups anticipate they will run out of money in the next 1-3 months and another 32% anticipate they will run out of money in the following 3-6 months. 30% of startups have had funding delayed or cancelled.
10 June 2021
|
Report
:
The Dutch Tech Ecosystem and COVID-19
67% of startups indicate they need bridge funding to survive the effects of COVID-19
COVID-19 impact on startups is severe, it is still expected that its duration will be limited and as such should not present a structural issue for most startup business and financing models. 67% of startups indicate they need bridge funding for the period until the moment that things go back to ‘normal’. Basically they urgently need short-term working capital to survive the effects of COVID-19 has on their company. This need of bridge funding is by far the most frequently voiced support that startups need, and more than double of any of the other support needs. This echoes the importance of this funding for the entire startup ecosystem and this should be addressed in any measures taken.
10 June 2021
|
Report
:
The Dutch Tech Ecosystem and COVID-19
A difference can be seen regarding Dutch people who are well informed about the technical aspects of the internet and those who embrace the digital world as part of their social life
Individuals who are well informed about the technical aspects of the internet prefer not to share (too) much information about their personal life, seen that they are aware of what can be done with personal data.
Others are not always aware of digital risks or do not want to see them. Consequently, they have no problem sharing information about themselves online.
21 June 2021
|
News
:
National Cybersecurity Awareness Survey Secure Online 2020
Startups have lost significant revenue due to the COVID-19 crisis
During the COVID-19 crisis, 50% of Dutch startups have lost significant revenue. Most founders indicate the need for short term (1-3 months) bridge funding, with the amount needed ranging from €100,000 to €400,000.
21 June 2021
|
News
:
Impact of Corona on the Dutch Startup Ecosystem
The most mentioned safety and security problems for multinationals in The Hague are cybercrime, reputational damage and lack of innovation
According to research conducted by the HSD, the most mentioned safety and security problems for multinationals in The Hague are cybercrime, reputational damage and lack of innovation. Other problems that arise are: interruption of business operations, distribution or logistic failure, failure to attract or retain talent, economic slowdown, unethical behaviour, geopolitical tensions and occupational accidents.
22 June 2021
|
News
:
HSD Research: Utilization of Transactional Environment for Safety & Security within Multinationals
Most commonly feared cyberthreats amongst Dutch organisations
The most commonly feared cyberthreats among Dutch organisations are data leakages (40%), phishing attacks, malware attacks / vulnerability exploits (35%) and extortion / destruction of the organisation's data (25%). In case of a ransomware attack, 30% of Dutch organisations would pay the ransom in order to get their data back. However, opinions vary widely on this topic. For example, about 50% of the surveyed CxOs would pay the ransom, compared to the 29% of CISOs.
23 August 2021
|
News
:
Results Dutch Cyber Security Landscape Survey
92% of Dutch organisations claim to have an up-to-date cyber security strategy
92% of Dutch organisations claim to have an up-to-date cyber security strategy. On the other hand, 6% of Dutch organisations are starting to set up their strategy, while 15% are already working on a next-level strategy.
Furthermore, many success factors are cited for achieving cyber security goals. The most frequently cited factors are increased operational excellence, clear cyber security communication, cyber security awareness training and compliance.
23 August 2021
|
News
:
Results Dutch Cyber Security Landscape Survey
Researchers are collaborating on an international scale against DDoS attacks
Over forty researchers from the Netherlands and the United States are sharing knowledge, insights and experiences regarding Distributed Denial of Service (DDoS) attacks. For example regarding orphan domain names can be used for malicious content and DDoS attacks that are conducted via poorly secured IoT devices.
24 August 2021
|
News
:
International Collaboration Against DDoS Attacks
Four profiles of cyberattackers have been identified based on their motive
Out of approximately sixty major groups of attackers, 49% are state-sponsored groups often aiming to steal sensitive data from targets out of geopolitical interest. 26% are ideologically motivated hacktivists, closely followed by cybercriminals (20%) who are driven by financial gain. In fourth position, cyberterrorists account for 5% of the groups analysed.
24 August 2021
|
News
:
The Cyberthreat Handbook: 'Who's Who' of Cyberattackers
1.2 million people have fallen victim to cybercrime
8.5% of internet users in the age group of 12 years and older stated that they were a victim of digital crime in in the past twelve months in 2018. This concerns 1,2 million people. Especially young people fell victim. Financial fraud was on top of the list of crime according to a recent report.
24 August 2021
|
News
:
CBS: 1,2 Million Victims of Cybercrime
Ethiopia is at risk of multiplying conflicts stretching the capacity of the state
Several groups, driven by ethno-regional nationalism seek formal recognition, authority, and territory in Ethiopia. Administrative recognition and dominance are the basis of most conflicts that the current government confronts. Over the past year, ethnic political parties from various regions have generally become more radical in their claims for self-determination. Furthermore, armed groups are challenging federal government troops across areas of the country, while ethnic violence and killing occurs on a weekly basis.
15 February 2023
|
External
:
Ten Conflicts to Worry About in 2021
India and Pakistan are at risk of increased cross-border violence in Kashmir
In 2020, relations between India and Pakistan plummeted due to increased clashes along the disputed Jammu and Kashmir (J&K) border. India focused on deflecting opportunities for negotiation and tightening control of Kashmir, while promoting pro-Indian politics in the region. Pakistan responded by continuously casting doubt on the bilateral ceasefire agreement with India by highlighting Indian violations and human rights basuses in Kashmir at international diplomatic forums, as well as inciting violence near the Line of Control (LoC).
Cross-border violence between India and Pakistan in the Kashmir region is expected to continue increasing in 2021. With both sides adopting non-cooperative militarized strategies, bilateral attempts at resolving the Kashmir conflict remain unlikely in the near future.
15 February 2023
|
External
:
Ten Conflicts to Worry About in 2021
Myanmar is at risk of dormant conflicts reigniting
In the past few years, conflict has been on the rise in Myanmar. Most notably, the military's use of airstrikes and shelling both during combat and in civilian areas has been increasing relative to 2019. Many civilians have been injured and killed during the conflict over the past two years. While fighting has temporarily stopped, no stable solution to the conflict has been achieved.
Furthermore, anti-war demonstrations in 2020 by youth activists were met with state repression. Anti-war sentiment among the youth in Myanmar notably crosses ethnic boundaries, and the continued repression of such activism is only likely to lead to further discontent.
As 2021 progresses, in addition to the likelihood of increased disorder resulting from the military coup, the threat that dormant armed conflicts could reignite remains.
15 February 2023
|
External
:
Ten Conflicts to Worry About in 2021
There is a high risk of increased gang violence amid rising authoritarianism in Haiti
Amid a worsening political crisis, the security situation in Haiti has continued to deteriorate as levels of gang violence have increased. Throughout 2020, violence against civilians in the country rose by nearly 35% compared to 2019. Violence has been concentrated mostly in the impoverished neighborhoods of Port-au-Prince, which are divided and controlled by local gang lords.
The upsurge of violence in Haiti is largely tied to the operations of local gangs whose activities are often connected to political developments in the country. In 2020, the majority of violence against civilians was perpetrated by both known and unidentified criminal groups. The rise of gang violence is likely connected to the end of President Jovenel Moise’s constitutional mandate on 7 February 2021 and to the upcoming elections scheduled for September 2021.
15 February 2023
|
External
:
Ten Conflicts to Worry About in 2021
People Centric Security Trends
Although the 2020 pandemic changed how many people work and interact with organizations, people are still at the center of all business. And they need digitalized processes to function in today’s environment.
30 March 2021
|
External
:
Gartner Top Strategic Technology Trends for 2021
Location Independent Strategic Technology Trends
Location independence: COVID-19 has shifted where employees, customers, suppliers and organizational ecosystems physically exist. Location independence requires a technology shift to support this new version of business.
30 March 2021
|
External
:
Gartner Top Strategic Technology Trends for 2021
Avoid Supply Chain Disruptions By Tooling Its Management
The current pandemic has greatly contributed to supply chain failures and, consequently, disruption of critical services. Forrester predicts that firms will use supply chain risk intelligence solutions and mapping tools integrated with GRC solutions to mitigate supply chain risk and improve overall business resiliency.
30 March 2021
|
External
:
The Top Security Technology Trends To Watch, 2020
COVID-19 Forces Changes To Access Controls And Adoption Of New Security Tooling
COVID-19 will lead to reduced security budgets, forcing firms be more efficient in their security spend. In response, firms will use the MITRE ATT&CK framework, adopt Zero Trust-based identity-centric access controls, protect data with antisurveillance tools, and invest in securing and protecting cloud platforms and workloads.
30 March 2021
|
External
:
The Top Security Technology Trends To Watch, 2020
Doing Less With More Bolsters Security Resourcefulness And Automation
Companies facing security budget cuts will need to become more resourceful: Focusing
on automation, building in-house security technologies, and increasing customer-facing security are early areas of investment. Firms striving to be leaner will need to develop stronger business justification processes and reduce internal process complexities for easier security to keep firms protected.
30 March 2021
|
External
:
The Top Security Technology Trends To Watch, 2020
Virtual meeting platforms have become a popular medium for BEC-scams.
During the pandemic a lot more business was conducted in online work/meeting spaces. This is also abused by threat actors via a compromised business e-mail adress in combination with video/audio spoofing.
11 January 2023
|
Report
:
Internet Crime Report 2021
Confidence fraud and romance scams result in a near billion dollar loss for citizens.
Confidence fraud and romance scams is still a prominent form of internet crime. These types of fraud target people with little knowledge about scams by pretending to be a relative in need of monetary support.
11 January 2023
|
Report
:
Internet Crime Report 2021
Ransomware stays relevant amidst digitalisation of workspaces.
Ransomeware threat actors are growing in technical sophistication. Due to the rise in online work/meeting spaces the remote attack surface for the actors has increased.
11 January 2023
|
Report
:
Internet Crime Report 2021
In recent years, more focused forms of ransomware attacks have been performed
In recent years, malicious individuals have conducted more focused forms of ransomware attacks, targeting individuals and organisations which can pay larger amounts of ransom. Once a malicious individual has access to the systems of a target, an evaluation can be made of the 'worth' of the target. The asked amount of ransom is adjusted according to the estimated worth of the target.
14 April 2021
|
Report
:
Ransomware
Cybercriminals specialise in offering ransomware as a service
Within the domain of cybercrime, cybercriminals are professionalising and specialising in offering ransomware as service. Cybercriminals exploit access points to networks and other vulnerabilities, for example through ransomware attacks. The obtained information is thereby sold to other individuals or groups.
14 April 2021
|
Report
:
Ransomware
In order to prevent ransomware from infecting systems it is necessary to first protect systems against phishing attacks
Protecting organisations against phishing attacks entails multiple components. First of all, the security of e-mails can be improved through SPF, DKIM and DMARC standards. Secondly spamfilters and phishingtests can be applied to reduce the risk of phishing attacks form occurring. Lastly, the awareness of employees regarding phishing attacks can be enhanced through trainings and structured processes.
20 April 2021
|
Report
:
Ransomware
Protecting vulnerabilities against ransomware
Some variants of ransomware abuse vulnerabilities in operating systems, webbrowsers, browser plug-ins and applications. Vulnerability management (updating systems), patch management (patching systems) and network segmentation are important processes in protecting such vulnerabilities. For example, the utilisation of secure VPN connections and the identification of users through Multi-Factor Authentication (MFA) are forms of network segmentation.
20 April 2021
|
Report
:
Ransomware
The principle of zero trust is emerging
The principle of zero trust refers to an information-security framework in which zero trust is placed on the existence of a safe network. This principle essentially removes the distinction between internal and external networks. Organisations that for example apply a Bring Your Own Device (BYOD) policy can implement the zero trust principle. Also, processes such as 'micro-segmenting' and Privileged Access Management (PAM), in which a whitelist is composed of individuals that can access certain systems, are (zero trust) solutions that can mitigate risks.
20 April 2021
|
Report
:
Ransomware
Citizens, businesses and municipalities are collecting more and more sensor data
In the past twenty years, the use of digital sensors in society has grown explosively. Citizens and businesses own a thousand times as many security cameras as the police. That is without all smartphones and other sensors. In practice, these are a great many digital witnesses who can support police work.
20 May 2021
|
Report
:
Burgers en Sensoren
Private parties will carry out and enforce their own investigative work with sensor data
In addition to the police and municipalities, private parties (citizens and companies) are increasingly using sensors and sensor data to make their own living environment more liveable and safer. Citizens and companies not only collect sensor data to share with the police (witnesses), but also analyze the data themselves (detect it) and take action (enforce it). This kind of 'do-it-yourself-policing' takes place on their own initiative. We see this happening more often in the business world, but also by citizens.
20 May 2021
|
Report
:
Burgers en Sensoren
Multiple factors play a role in people's views on sensor surveillance
Citizens are not simply for or against a particular sensor application. Three personal dimensions can play a role in people's considerations, namely personal characteristics, attitudes, and the direct social environment. Additionally, three dimensions of sensor applications can play a role in people's considerations, namely:
1. Sensor technology: how sensor technology works.
2. Social practice and actors: the social practice in which the technology is applied and the actors who play a role in this.
3. Social, institutional context: the broader social, cultural and institutional context in which the sensor is applied
21 May 2021
|
Report
:
Burgers en Sensoren
Societal disruption: small chance, big consequences
social disruption is an unlikely outcome of a complex process. A lot has to go wrong before the conditions are in place that enable a process of social disruption. It is a unique combination: a widely shared fear of a long-term failure of critical facilities, a dwindling confidence in the capacity of government and society to solve the problem and collective behavior that makes the situation worse. It can happen but it rarely happens. But when a society becomes disrupted, the process is difficult to stop. That's because this dynamic process has a self-reinforcing effect (a vicious circle is created). Without timely and adequate intervention, collective behavior can develop that will promote a deepening of the disruption. Here the problem arises that local, regional and national authorities appear to be not or hardly prepared for the specific challenges they will face in such a situation. In fact, the approach and arrangements, which usually seem to work during "ordinary" crises, can be counterproductive in a situation of social disruption.
25 May 2021
|
Report
:
Naar een gezamenlijke aanpak van ongekende crises
Cyber disruptions pose specific challenges that can further fuel the process of social disruption
Cyber disruptions can lead to social disruption. Cyber disruptions entail the following specific challenges that can further fuel the process of social disruption:
-Unpredictable consequences and complexity
-Disinformation and fake news
-Lack of expertise and experience
-Cross-border reconciliation
However, the social process - which is accompanied by social disruption - is not very different from a disruption of a different nature.
25 May 2021
|
Report
:
Naar een gezamenlijke aanpak van ongekende crises
Increase in BEC, Covid-19 is still the lure in E-mail fraud campaigns
E-mail related threats have been consistently ranking high in the list of prime threats in the ETL for a number of years. Phishing aims at stealing important information like credit card numbers and passwords, through e-mails involving social engineering and deception. Business e-mail compromise (BEC) is a sophisticated scam targeting businesses and organisations, whereby criminals employ social engineering techniques to gain access to an employee’s or executive’s e-mail account to initiate bank transfers under fraudulent conditions. As expected, the COVID-19 pandemic has given rise to this category of threats, since people’s online presence and need for communication has greatly risen during this period. Moreover, the digitalisation of many traditional services grew at an unprecedented rate during the pandemic, and given e-mail’s lead role as a communications means, the increase in e-mail related threats was undeniable.
4 November 2021
|
Report
:
Enisa Threat Landscape 2021
Trends in threats against data
Threats against data form a collection of threats that target data sources with the aim of gaining unauthorised access, disclosure, misinformation, disinformation, etc. They are mainly referred to as data breaches or data leaks and refer to the release of sensitive, confidential or protected data to an untrusted environment. Threats against data consistently rank high among the leading threats of the ETL and this trend continues in the reporting period of the ETL 2021. Moreover, given the significance of data and in particular of private and sensitive data, adversaries are combining more sophisticated threats to target data, such as ransomware or supply chain attacks. We observed an increasing trend in the number of incidents reported during 2021. This observation relates primarily to the surge of data breaches in the health sector.
4 November 2021
|
Report
:
Enisa Threat Landscape 2021
Trends in DDoS and web-used attacks against availability and integrity
Availability and integrity are the target of a plethora of threats and attacks, among which the families of Distributed Denial of Service (DDoS) and Web Attacks stand out. DDoS and web-based attacks are often coordinated activities. DDoS attacks can be built on a web-based attack, which are often distributed through web applications. For instance, web-based attacks can be adopted to build a botnet that is then used to carry out a denial of service attack aimed to make a system unavailable. Both web attacks and DDoS attacks have remained stable over the years, while some interesting points on their evolution may be noted. According to EUROPOL, “the threat potential of DDoS attacks is higher than its current impact in the EU.
4 November 2021
|
Report
:
Enisa Threat Landscape 2021
CIO's lead the bold disruptors: 30% of firms will increase spend on cloud, security and risk, networks, and mobility
In 2021, 30% of businesses will continue to accelerate their spend on cloud, security and risk, networks, and mobility — including struggling businesses looking to leapfrog less wily competitors and gain advantage coming out of the pandemic.
Leading CIOs will embrace cloud-first and platform strategies for speed and adaptiveness, eschewing stovepipes for end-to-end solutions. Interviews with leading CIOs found that they are collaborating more across organisations, objectives, and budgets, extending IT-business partnerships into enterprise- level shared accountability. They will also invest aggressively in employees, breaking down old ideals and resolving resistance within the organisation.
In fact, CIOs focused on employee experience (EX) will help their businesses attract, develop, and retain talent that can provide competitive advantage in a critical year. They will make the investments to foster social collaboration, make information easier to find and use, and provide less distracting security. CIOs who are slow or unable to adapt will become mired in short- term fixes that lead to digital sameness, not differentiation, and their top talent will get frustrated and leave for more visionary pastures.
22 January 2021
|
External
:
European Predictions 2021
EU takes bold steps in regulating AI, the European Parliament will draft new AI rules and abandon e-privacy reform
We expect that the European Parliament will not only fail to adopt the e-privacy regulation proposal that’s currently on the table in 2021 but will shelve it altogether. But with Google ending support for third-party cookies in its browser and the advertising industry embracing “cookie-less” approaches, the lack of updated e-privacy rules will have limited impact.
Meanwhile, data suggests that many EU citizens find current legislation inadequate for regulating AI-based activities. In just three months, the European Commission collected more than 1,200 formal opinions for its White Paper on Artificial Intelligence. And companies such as Rolls-Royce have announced their own AI ethics frameworks.
Forrester predicts that the European Parliament will finalise a draft of a new AI regulation that will be the world’s first. Thus, companies that do business with Europeans should invest in ethical AI approaches now.
22 January 2021
|
External
:
European Predictions 2021
Critical year for cloud competition in EU, GAIA-X will not make a significant impact in 2021
Europe is buzzing about the new GAIA-X sovereign cloud initiative — but the foundation’s members must now deliver concrete services and a clear value proposition. Three US- based hyperscalers — AWS, Microsoft, and Google — are the primary public cloud vendors for 46% of respondents at European companies, and their expanding network of European data centres and compliance with national rules will help them keep growing.
Despite the invalidation of EU-US Privacy Shield, legal (standard contract clauses) and technical (encryption) measures still help when you must transfer personal data outside the EU. If GAIA-X develops sensible policies for data sharing and use, we expect all major cloud providers to engage; if your provider doesn’t, it’s time to find a new supplier.
But in 2021, satisfied clients of the “keep my data in Europe” services from non-European-headquartered cloud businesses can stick with their current suppliers.
22 January 2021
|
External
:
European Predictions 2021
Increasing attention is given to the issue of attribution in cyberspace
Attribution can be broadly defined as the process of assigning responsibility for a (malicious) cyber activity to a specific actor on the basis of the available evidence, including all-source intelligence, forensic investigation, and taking into account the political context. Given the sensitive nature of such evidence and the implications that a decision about attribution might have on bilateral relations between the accuser and the accused, states maintain their exclusive right to attribute (or not) a cyber operation based on their own methods, procedures and political interests.
the relatively short history of attribution of cyber-attacks, states have used different paths . While many initiatives hardly ever see daylight and are hidden from the scrutiny of public opinion, some states have also opted for more public forms of attribution through indictments under criminal law and political attributions – albeit with a very limited reference to international law and norms that have been violated.
14 April 2021
|
Report
:
Three tales of attribution in cyberspace
NCSC Trend List 2021: Expectations of the NCSC in the field of cybersecurity
The NCSC Trend List helps organizations to look ahead in the field of cybersecurity based on trends and expectations. Trends are things that are already happening and expectations are things that may come into play in the coming years. Depending on developments, these expectations may shift in time and/ or relevance. That is why the NCSC will regularly update the Trend List.
16 February 2022
|
External
:
NCSC Trend list 2021
Increase in state actors targeting critical infrastructure
During 2022, Ukraine saw increased threat group activity targeting its energy and critical industrial infrastructure sectors. Russia’s 2022 invasion of Ukraine provided opportunities for Russia-aligned actors to use their cyber offensive capabilities preemptively and in parallel to its kinetic attacks. As Western countries placed sanctions on Russia and indicted key members of Russian cyber operations, the U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA) prepared for potential retaliation by issuing a call for “Shields Up,” which included actions to safeguard ICS and OT environments
There were eight active threat groups: BENTONITE, CHERNOVITE, ELECTRUM, ERYTHRITE, KAMACITE, KOSTOVITE, WASSONITE and XENOTIME.
28 March 2023
|
News
:
2022 ICS/OT Cybersecurity Year in Review
CHERNOVITE developer of PIPEDREAM: first ever cross-industry disruptive/destructive ICS/OT capability
CHERNOVITE is the developer of PIPEDREAM, a modular ICS attack framework and the seventh known ICS-specific malware, following STUXNET, HAVEX, BLACKENERGY2, CRASHOVERRIDE, TRISIS, and Industroyer2. CHERNOVITE’s PIPEDREAM is the first ever cross-industry disruptive/destructive ICS/ OT capability. It represents a substantial escalation in adversarial capabilities.
CHERNOVITE possesses a breadth of ICS-specific knowledge beyond what has been demonstrated by previously discovered threat groups. The ICS expertise demonstrated in the PIPEDREAM malware includes capabilities to disrupt, degrade, and potentially destroy physical processes in industrial environments. PIPEDREAM is the first scalable, cross-industry ICS attack framework known to date.
While PIPEDREAM itself is a new ICS capability, its emergence is also indicative of the trend toward more technically capable and adaptable adversaries targeting ICS/OT. In addition to implementing common ICS/ OT-specific protocols in PIPEDREAM, CHERNOVITE improved the techniques from prior ICS malware. CRASHOVERRIDE, and the associated threat group, ELECTRUM, exploited the OPC Data Access (OPC DA) protocol to manipulate breakers and electrical switchgear. CHERNOVITE, on the other hand, uses the newer but comparable OPC UA protocol. Dragos assesses with high confidence that a state actor developed PIPEDREAM intending to leverage it in future operations for disruptive or destructive purposes.
Dragos assesses with moderate confidence that CHERNOVITE represents an “effects/impact team” instead of an “access team” — meaning, that PIPEDREAM was designed to be leveraged for impact after the initial access into the target environment has been obtained by another threat group.
Most likely, CHERNOVITE developed PIPEDREAM’s capabilities for a malicious operator with the intent and motivation to access, manipulate, and disrupt OT environments and processes. PIPEDREAM’s capabilities can provide an adversary with a range of options for learning about a target’s OT network architecture and identifying its assets and processes. This information can set the stage for disruptive and destructive effects, but it also increases an adversary’s knowledge to develop even more capabilities to disrupt or destroy on a much broader scale.
In its present form, the PIPEDREAM attack framework could be leveraged to target equipment in multiple sectors and industries. Given PIPEDREAM’s modular nature, CHERNOVITE could easily adapt it to compromise and disrupt a broader set of targets.
28 March 2023
|
News
:
2022 ICS/OT Cybersecurity Year in Review
Supply chain cybersecurity: a sometimes overlooked essential to securing your business.
In today’s networked digital infrastructures, it is no longer enough to ensure the security of one’s own IT networks and systems. Incidents elsewhere in the chain can have an immense impact as they trickle down. Suppliers, vendors, contractors, and other third parties have become part of the security risk area. Meanwhile, hostile hackers no longer require to actually gain access to their main target to get to their end goal. Supply chains have essentially become supply networks. And while the challenges for protecting an organization continue to rise, the connectivity offers a learning opportunity and potential cost savings as well. For companies that have already been attacked, it is worth sharing their experiences and best practices. Those who haven’t would be wise to learn from others, because it’s improving their security posture as well as the supply network that they’re part of.
28 January 2022
|
Report
:
Als de Keten Zelf de Zwakste Schakel is
A paradigm shift in cybersecurity and a changing threat landscape in OT-security
Due to rising cybersecurity threats, the focus in cybersecurity has shifted from prevention to resilience. Moreover, as a result of increasing IT/OT convergence, the threat landscape for OT-security, including vital infrastructure, has changed.
13 January 2023
|
Report
:
Herstelvermogen binnen OT infrastructuren
Specific OT-characteristics demand a different approach
Due to its specific characteristics, OT-infrastructures demand a different approach in opposition to IT-infrastructures. These specific characteristics are the longevity of the infrastructures, the technological heterogeneity, the strong connection between the system and the process, the decentralized nature of the infrastructure and the surrounding security-culture.
13 January 2023
|
Report
:
Herstelvermogen binnen OT infrastructuren
Increasing IT/OT convergence leads to new developments
With the rise of the internet, OT-infrastructures and its threats are changing. OT-infrastructures with build-in internet communication and reprogrammable OT-infrastructures are in demand. However, according to some, these developments lead to needless exposure to the internet.
13 January 2023
|
Report
:
Herstelvermogen binnen OT infrastructuren
Despite the IT/OT risks, the urgency to take additional recovery measures is not clear.
Despite the fact that the risks surrounding IT/OT convergence are acknowledged, the urgency to take additional recovery measures is not yet clear. This is due to the fact that organizations: have not yet experienced a large system failure, are unaware of the possible impact, are uncertain on legislation, and are confused by different systems in different countries.
13 January 2023
|
Report
:
Herstelvermogen binnen OT infrastructuren
To implement secure OT, organisational awareness is needed
To ensure secure OT, organisations need awareness. This can be done through making OT part of their risk management strategy, bringing safety and security closer together, making OT a concern of management, explain OT in its context referring to primary processes, and constant monitoring and communication.
26 January 2023
|
Report
:
Succesfactoren voor digitaal veilige Operationele Technologie
Use the available measures to secure your OT
To implement secure OT, use already developed standards and measures, adapt them to the needs of your organization and start working structurally with Security-by-design. These are succes factors of secure OT.
3 February 2023
|
Report
:
Succesfactoren voor digitaal veilige Operationele Technologie
Management and maintenance are important in securing your OT
It is important that, when securing your OT, your assetmanagement is under control, you have a diversity of suppliers and in-house knowledge on OT
3 February 2023
|
Report
:
Succesfactoren voor digitaal veilige Operationele Technologie
Factors to close the gap between the IT and OT domain
To close the gap between the IT and OT domain, organisations should bring OT and IT in one team, give both domains the same wage, facilitate knowledge sharing within and outside of the organisation, use the same language and let both domains use the same equipment.
3 February 2023
|
Report
:
Succesfactoren voor digitaal veilige Operationele Technologie
Knowledge and expertise concerning OT is needed
Organisations that want secure OT need in-house expertise on OT, need people who have knowledge of both OT and IT, need to do crisis exercises, need to strengthen management's involvement and use audits to create attention.
3 February 2023
|
Report
:
Succesfactoren voor digitaal veilige Operationele Technologie
Increase in operational technology (OT) targeting incidents
According to X-Force data, a 2000 percent increase in operational technology (OT) targeting incidents in 2019 could portend the rising interest of threat actors to attack industrial systems as we move into 2020.
22 January 2021
|
External
:
X-force threat intelligence index
Over 8.5 billion records were compromised in 2019
Over 8.5 billion records were compromised in 2019, a number that’s more than 200 percent greater than the number of records lost in 2018. The inadvertent insider can largely be held responsible for this significant rise. Records exposed due to misconfigured servers (including publicly accessible cloud storage, unsecured cloud databases, and improperly secured rsync backups, or open internet connected network area storage devices) accounted for 86 percent of the records compromised in 2019.
22 January 2021
|
External
:
X-force threat intelligence index 2020
The malware landscape shifted in 2019, with threat actors returning to ransomware and building out botnets
The malware landscape shifted in 2019, with threat actors returning to ransomware and building out botnets. Throughout 2019, X-Force IRIS responded to ransomware engagements in 12 different countries in 5 different continents and across 13 different industries. Additionally, destructive malware activity shows that this potentially catastrophic malware trend continues to be a rising threat.
22 January 2021
|
External
:
X-force threat intelligence index 2020
The top three initial infection vectors were Phishing, Scan and Exploit and Stolen Credentials
The top three initial infection vectors seen in X-Force IRIS engagements in 2019 were a very close first, second, and third: Phishing (31 percent), Scan and Exploit (30 percent) and Stolen Credentials (29 percent). Phishing, most notably, went from making up nearly half of the total incidents in 2018 to less than a third in 2019. By contrast, the scanning and exploitation of vulnerabilities increased to nearly one-third of the incidents from only making up eight percent in 2018.
22 January 2021
|
External
:
X-force threat intelligence index 2020
Spam email continues to use a limited subset of vulnerabilities
X-Force analysis of global spam activity indicates that spam email continues to use a limited subset of vulnerabilities, with particular focus on just two CVEs: 2017-0199 and 2017-11882. Both of these are patched vulnerabilities that have accounted for nearly 90 percent of the vulnerabilities threat actors attempted to exploit via spam campaigns.
22 January 2021
|
External
:
X-force threat intelligence index 2020
Attack activity in Europe: RDP compromise, POS malware, insider threats
Most notable attack activity observed in X-Force incident response engagements in 2019 in Europe specifically: RDP compromise, POS malware, insider threats
22 January 2021
|
External
:
X-force threat intelligence index 2020
Europe: Mainly financially-motivated threat actors
Unlike Asia, which is mostly affected by rivaling nation states, Europe appeared to be primarily targeted by financially-motivated threat actors. This difference may be explained by the greater potential for theft from European-based companies based on currency exchange rates. Alternatively, criminal motivations could be in pursuit of intellectual property, which can be sold to competitors for significant gain.
22 January 2021
|
External
:
X-force threat intelligence index 2020
The risk surface will continue to grow in 2020
The risk surface will continue to grow in 2020, with more than 150,000 current vulnerabilities and new ones reported regularly
22 January 2021
|
External
:
X-force threat intelligence index 2020
the year 2020 could see another big number of lost records due to breaches and attacks
With over four times as many records breached in 2019 as in 2018, the year 2020 could see another big number of lost records due to breaches and attacks.
22 January 2021
|
External
:
X-force threat intelligence index 2020
Threat actors continue to shift their sights to different attack vectors in 2020
Threat actors continue to shift their sights to different attack vectors, with increased targeting of IoT devices, Operational Technology (OT), and connected industrial and medical systems, to name a few.
22 January 2021
|
External
:
X-force threat intelligence index 2020
Malware use by threat actors continues to fluctuate in 2020
Malware use by threat actors continues to fluctuate, with ransomware, cryptominers, and botnets all taking lead at different points in 2019. We expect this trend to continue in 2020, meaning organizations will need to protect themselves against varied threats that change over time.
22 January 2021
|
External
:
X-force threat intelligence index 2020
Spam activity continues unabated in 2020
Spam activity continues unabated, requiring diligent blacklisting, vulnerability patching and threat monitoring by organizations.
22 January 2021
|
External
:
X-force threat intelligence index 2020
A drop in crime statistics is visible, both nationally and internationally
Over the last couple of years a decrease in crime rates is visible, both nationally and internationally. This is known as a 'crime drop'. This trend is also evident in the police unit of Amsterdam. Compared to 2018, crime rates have been similar in 2019. However, the number of (street)robberies has slightly increased in the municipality of Amsterdam.
21 April 2021
|
Report
:
Trendbeeld 2020
Drug dealers and organised crime are thriving due to a lack of detection and prosecution
The Netherlands is known as a transit country for drugs and drug related money. The drug trade has severe consequences for the Dutch society, the legal system and the rule of law. Such consequences are the existence of a parallel drug economy, climate pollution, extortion, assassinations and threats to the civilian population. Over the last couple of years, drug dealers are thriving and organised crime has developed itself into a professional system. These trends are caused by a lack of detection and prosecution activities by the police and the judicial powers.
21 April 2021
|
Report
:
Trendbeeld 2020
Incidents in the municipality of Amsterdam, involving firearms, knives and explosives have led to an increase in concerns amongst the police
In 2019, multiple incidents have occurred involving firearms, knives and explosives in the regional area of Amsterdam. These incidents range from stabbings and shootings to violent encounters between youth groups. Both the amount of violence that is used during such incidents and gun - and knife possession seem to be increasing. Also, the utilisation of such weapons seems to be more normalised. Knives and guns are for example used by drug dealers to protect their 'stock' from being stolen.
21 April 2021
|
Report
:
Trendbeeld 2020
The illegal trade in firearms is thriving in the municipal area of Amsterdam
Currently there is a thriving illegal firearms trade in the municipal area of Amsterdam, due to a high supply and demand for firearms and munition. In particular, more gas- and alarmfirearms and deactivated firearms are being traded. The Netherlands functions as both a transit and destination country for the illegal firearms trade.
21 April 2021
|
Report
:
Trendbeeld 2020
The number of registered youth criminals is decreasing
Both nationally and internationally, the number of registered youth criminals is decreasing. In the last 10 years (2009 - 2018), the number has decreased from 44.000 to 16.000. However, the cause of this decreasing trend is not clear. A possible cause lies in the implementation of new technologies, such as mobile phones and gaming. Due to this development, youth tends to spend less time in public places.
21 April 2021
|
Report
:
Trendbeeld 2020
In the municipality of Amsterdam, the number of demonstrations has doubled over the course of two years
In 2017, the number of demonstrations was 789. In 2019 this number has almost doubled to 1444. Not only the number of demonstrations has increased, but also the size and modus operandi of demonstrations has changed. Demonstrations are larger in terms of attending people (for example during climate demonstrations) and activists have found new ways to demonstrate. For example through tractors that block traffic.
21 April 2021
|
Report
:
Trendbeeld 2020
The number of cybercrime related reports by citizens in the municipality of Amsterdam has increased in 2019
The number of cybercrime related reports has more than doubled in 2019 when compared to 2018. The most common form of cybercrime that occurs to citizens in Amsterdam is banking fraud. Other types of fraud and scams, such as purchase and sale fraud and Tech Support Scams are also regularly occurring. Lastly, most suspects of cybercrime are youth (aged 0-21 years).
21 April 2021
|
Report
:
Trendbeeld 2020
The overall number of completed, failed and foiled terrorist attacks decreased in the EU in 2019
In 2019, 119 terrorist attacks were reported in the EU. A downward trend is visible compared to 2018 (129 terrorist attacks) and 2017 (205 terrorist attacks). The decrease in completed, failed and foiled terrorist attacks is mainly caused by a downward trend in ethno-nationalist and separatist terrorist attacks. In total, 10 people died and 27 were injured as a result of terrorist attacks in 2019. All of the casualties and 26 of the injured individuals were caused by jihadist terrorist attacks. One individual was injured as result of a rightwing terrorist attack.
12 May 2021
|
Report
:
European Union Terrorism Situation and Trend report 2020
The Islamic State (IS) continues to pose a threat to the European Union
Hundreds of Europeans with links to IS remain in Syria and Iraq. IS has lost its last enclave in Syria and has now transitioned to a covert insurgency group. Whilst the main operational areas are Syria and Iraq, IS continues to maintain a global network of affiliates. Consequently, IS still poses a threat to EU member states.
12 May 2021
|
Report
:
European Union Terrorism Situation and Trend report 2020
Al-Qaeda has again displayed its intent and ambition to strike Western targets
Al-Qaeda has again outed its intent to strike Western targets. Consequently, al-Qaeda continues to pose a threat to EU member states.
However, in recent years, al-Qaeda affiliated groups have mainly attacked regional or local targets in countries in Africa, the Middle East and Asia.
12 May 2021
|
Report
:
European Union Terrorism Situation and Trend report 2020
Influence of online propaganda by jihadist and right-wing extremist groups
In 2019, online jihadist propaganda has decreased in volume, content, potency and immediacy. For example, IS has lost its dedicated online infrastructure, which forced the group to operate on regular social media platforms. Many of these platforms were hostile to the group's abuse of their services. On the other hand, right-wing extremists continue to have more freedom on social platforms. These platforms remain important vectors for the spread of right-wing extremist ideologies.
12 May 2021
|
Report
:
European Union Terrorism Situation and Trend report 2020
The number of ethno-nationalist and separatist related terrorist attacks decreased
In 2019, ethno-nationalist and separatist related terrorist attacks made up the largest proportion of all terrorist attacks (57 out of 119). Also, compared to 2018, the number of ethno-nationalist and separatist related terrorist attacks decreased (83 to 57). Most incidents were related to Dissident Republican (DR) groups in northern Ireland.
12 May 2021
|
Report
:
European Union Terrorism Situation and Trend report 2020
Increased use of violence by criminals
The use of violence by criminals involved in serious and organised crime in the EU appears
to have been increasing in terms of the frequency of use and its severity. Criminals use violence indiscriminately and target victims without regard for their involvement or standing, often accepting harm to innocent bystanders. The threat from violent incidents
has been augmented by the frequent use of firearms or explosives in public. Perpetrating violence on behalf of a criminal client is increasingly being marketed as a service, often via dark web platforms and encrypted communication applications.
17 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
Corruption is a feature of most criminal activities in the EU
Corruption is a feature of most, if not all, criminal activities in the EU. Corruption takes place at all levels of society and can range from petty bribery to complex multi-million-euro corruption schemes. Corruption erodes the rule of law, weakens institutions of states and hinders economic development. Corruption is a key threat to be addressed in the fight against serious and organised crime. Almost 60 % of the criminal groups reported for the SOCTA 2021 engage in corruption.
17 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
Scale and complexity of money laundering activities in the EU have previously been underestimated
The scale and complexity of money laundering activities in the EU have previously been underestimated. Serious and organised crime in the EU fundamentally relies on the ability to launder vast amounts of criminal profits. For this purpose, professional money launderers have established a parallel underground financial system to process transactions and payments isolated from any oversight mechanisms governing the legal financial system. This parallel system ensures that the criminal proceeds cannot be traced as part of a sophisticated criminal economy.
17 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
Legal business structures are used to facilitate criminal activity
Legal business structures such as companies or other entities are used to facilitate virtually
all types of criminal activity with an impact on the EU. Criminals directly control or infiltrate legal business structures in order to facilitate their criminal activities. All types of legal businesses are potentially vulnerable to exploitation by serious and organised crime.
More than 80 % of the criminal networks active in the EU use legal business structures
for their criminal activities. About half of all criminal networks set up their own legal
business structures or infiltrate businesses at a high level.
17 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
The use of technology is a key feature of serious and organised crime in 2021
The use of technology is a key feature of serious and organised crime in 2021. Criminals exploit encrypted communications to network among each other, use social media and instant messaging services to reach a larger audience to advertise illegal goods or to spread disinformation. The online environment and online trade provide criminals access to expertise and sophisticated tools enabling criminal activities.
17 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
COVID-19 has had a significant impact on the serious and organised crime landscape in the EU
The COVID-19 pandemic has had a significant impact on the serious and organised crime
landscape in the EU. Criminals were quick to adapt illegal products, modi operandi and
narratives in order to exploit the fear and anxieties of Europeans and to capitalise on the scarcity of some vital goods during the pandemic. While some criminal activities will or have returned to their pre-pandemic state, others will be fundamentally changed by the
COVID-19 pandemic. The immediate impact of the COVID-19 crisis has been most visible in the counterfeiting and distribution of substandard goods, cybercrime, organised property crime, and various types of fraud schemes.
The COVID-19 pandemic has presented unique opportunities for fraudsters seeking to profit from the insecurity, restrictions and booming demand for certain products as a result of this crisis. Examples include investment fraud, CEO fraud, non-delivery fraud, romance fraud, fake invoice fraud, social benefit fraud, bank fraud, and subsidy fraud.
The long-term consequences of the pandemic may manifest particularly severely in the area of financial crime. Businesses operating in sectors suffering particularly negative
economic pressures, such as the hospitality, catering and tourism sectors, are becoming
more vulnerable to criminal infiltration.
17 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
Serious and organised crime deeply affects all layers of society
Serious and organised crime deeply affects all layers of society; in addition to the direct
impact on the daily lives of EU citizens, it also undermines the economy, state institutions
and the rule of law.
17 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
A potential economic recession following the COVID-19 pandemic will shape serious and organised crime in the EU
A potential deep economic recession following the COVID-19 pandemic will fundamentally shape serious and organised crime in the EU for the near future. Previous periods of economic stress can provide some degree of insight into how these developments might affect crime in the EU and what responses need to be formulated to counter existing and emerging threats to the EU’s internal security during this time. A global economic crisis may bring ordinary EU citizens into closer proximity to organised crime. Communities may become more tolerant of certain types of crime such as the distribution of counterfeit goods or the cultivation of cannabis.
17 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
The organised crime landscape is characterised by a networked environment with a high level of adaptivity
The organised crime landscape is characterised by a networked environment where cooperation between criminals is fluid, systematic and driven by a profit-oriented focus. Similar to a business environment, the core of a criminal network is composed of managerial layers and field operators. This core is surrounded by a range of actors linked to the crime infrastructure providing support services, such as brokers, document
fraudsters, technical experts, legal and financial advisors, money launderers and other service providers. A key characteristic of criminal networks, once more confirmed by the pandemic, is their agility in adapting to and capitalising on changes in the environment in which they operate. Obstacles become criminal opportunities and may be as simple as adapting the narrative of a known modus operandi.
17 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
The number of incidents of organised property crime remains high
The overall number of incidents of organised property crime remains high, especially for domestic burglaries, with more than one million cases a year, directly affecting millions of people. Mobile organised crime groups (MOCGs) continue to travel long distances from region to region and country to country committing organised property crime. The MOCGs easily shift from domestic burglaries to burglaries targeting business premises, physical ATM attacks, fraud schemes, cargo crime, pickpocketing, fencing, motor vehicle crime, illegal trade in cultural goods, shoplifting or metal theft, depending on the season or market circumstances.
17 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
Steps in the human trafficking process have moved to the online domain
Several steps in the criminal process of trafficking in human beings, such as recruitment of
victims and advertisement of services, have moved almost entirely to the online domain.
The boundary between victim and accomplice has become blurred, with female victims also taking up organisational roles and with seemingly formal business agreements preventing victims from identifying as such.
17 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
The market for migrant smuggling services has been sustained despite the consolidation in migration flows
The market for migrant smuggling services has been sustained despite the consolidation in migration flows reaching the EU since the height of the migratory crisis. Facilitation of entry in the EU fluctuates in line with the changing entry routes, whereas facilitation of secondary movements and legalisation of stay is less visible but equally profitable for criminal networks.The recklessness of criminal networks is clearly illustrated in this criminal activity.
Irregular migrants are exposed to high fees for services that increasingly violate their physical and psychological integrity during the journey. In addition, they are often vulnerable to further exploitation upon arrival. The COVID-19 pandemic has highlighted that global crises do not diminish the demand for smuggling services to enter, transit or reside in the EU.
17 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
Increased sophistication and number of cyber-dependent attacks
The threat from cyber-dependent crime has been increasing over the last years, not only in
terms of the number of attacks reported but also in terms of the sophistication of attacks. Examples include malware, ransomware, and DDoS attacks. Cyber-dependent crime is likely significantly underreported. The rapidly progressing digitalisation of society and the economy constantly creates new opportunities for criminals involved in cyber-dependent crime. Businesses are increasingly the targets of cyberattacks. Public institutions, including critical infrastructures such as health services, continue to be targeted by cybercriminals.
Despite an increasing number of investigations into cyber-dependent crimes and other cybercrime activities, the number of criminal networks is low. One of the reasons could be that cybercrime involves many criminals operating individually and not in the framework of established networks.
17 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
Increase in activities related to online child sexual abuse
There has been a continuous increase in activities related to online child sexual abuse
over recent years. This development has further intensified during the COVID-19 pandemic. Online child sexual abuse likely remains highly underreported. Many victims remain unidentified and their abusers undetected.
17 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
Trade in illegal firearms and explosives
The trade in illegal firearms is a key enabler for other criminal activities such as drug trafficking and amplifies the threat they pose to the internal security of the EU. The smuggling of large weapons caches to the EU is rare. Illegal firearms available in the EU are
typically either diverted from legal supply chains, converted, reactivated or modified within the EU or originate from weapon stocks outside the EU.
18 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
Customs import fraud resulted in financial losses of at least EUR 5.5 billion to the EU budget between 2016 and 2019
Customs import fraud resulted in financial losses of at least EUR 5.5 billion to the EU budget between 2016 and 2019. The evasion of duties on goods imported into the EU negatively affects the financial interests of the EU and threaten legitimate companies operating in the Member States. Dumping practices create unfair competition to legitimate businesses and their products and market distortion.
18 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
VAT fraudsters continue to generate multi-billion-euro profits in the EU
Value-added tax (VAT) fraud consists of avoiding the payment of VAT or fraudulently claiming repayments of VAT from national authorities following an illicit chain of transactions. VAT fraudsters continue to generate multi-billion-euro profits in the EU. Up to EUR 50 billion are lost due to the activities of VAT fraudsters every year. By creating economic imbalances and market distortion, these criminal activities weaken the integrity of the
national and international markets and financial systems and support the growth of underground economies.
18 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
Human trafficking is a core activity of crime in the EU, and it is believed to remain significantly underreported
THB is a core activity of serious and organized crime in the EU and is set to remain a threat to the EU for the foreseeable future. Trafficking in human beings is believed to remain significantly underreported. THB for labour exploitation in particular is increasing in the EU. Prevalent forms of human trafficking include sexual exploitation, labour exploitation, forced criminality, and child trafficking.
18 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
Prevalence of document fraud
Document fraud is an enabler for most criminal activities. Its prevalence is partly due to the fact that it does not necessarily require sophisticated tools or excessive monetary investment. Indeed, even though advanced technologies are occasionally used, most of the production can be done with standard equipment such as computers, scanners and printers.
18 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
EU Member States are progressing at different speeds in building up digital infrastructures, leading to potential vulnerabilities
- There is a risk that the exponential increase in data will overwhelm governments who are unable to manage, safeguard and effectively use this information.
- States risk ceding control over many areas of finance and the economy to the private companies that dominate the digital space
- The monopoly on data held by third parties will continue to pose increasing risks of manipulation and criminal use of personal information.
- Widespread adoption of cryptocurrencies by legitimate businesses and individuals could have a significant impact.
- As digitalisation increases, so do the challenges from the increasing spread of misinformation, fake news and conspiracy theories. The use of deepfakes will probably become a serious challenge for the digital environment.
18 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
In the Netherlands, there is an increase in registered crimes for the first time in ten years
In the Netherlands (2020), the total number of registered crimes has increased for the first time in ten years. A large part of the total number of registered crimes is related to cybercrime. Also, a large increase is seen regarding the number of human trafficking reports.
20 May 2021
|
Report
:
Strategisch Omgevingsbeeld 2020
The COVID-19 crisis provides opportunities for crime
Criminals have utilised the COVID-19 crisis to conduct various crimes. For example, in 2019 the spread of child pornography has increased. Now, during the COVID-19 crisis, there are indications that the spread of child pornography has increased even further. Also, due to the economic consequences of the pandemic, individuals become vulnerable to organised crime groups.
20 May 2021
|
Report
:
Strategisch Omgevingsbeeld 2020
In the Netherlands, there is an increase in the number and scale of demonstrations
In 2020, an increase can be seen regarding the number and scale of demonstrations in the Netherlands. New movements are gaining support, partially through the use of social media. Furthermore, new forms of demonstrating have developed. Such developments can be seen in recent demonstrations by climate activists and farmers.
31 May 2021
|
Report
:
Strategisch Omgevingsbeeld 2020
The number of cybercrime related reports and criminal cases are increasing
In the Netherlands (2020), the number of cybercrime related reports and criminal cases are increasing, as well as the amount of cybercriminals. Private citizens are targeted more often than companies (8-15% of Dutch citizens are victim), however companies face greater financial loss. During the COVID-19 crisis, cybercriminals have developed new ways of utilising phishing and fraud techniques.
31 May 2021
|
Report
:
Strategisch Omgevingsbeeld 2020
Disinformation is used to spread a sense of disunity amongst the Dutch population
Various state actors spread disinformation in order to weaken European and Western multilateral institutions. Non-state actors strive to spread polarisation, create social disruption and obtain financial benefit. The COVID-19 crisis has provided an impuls to the spread of disinformation. For example, in 2020, disinformation was spread regarding 'Black Pete' and alleged damaging effects of 5G-networks. The latter has led to multiple arsons.
31 May 2021
|
Report
:
Strategisch Omgevingsbeeld 2020
The chance of the occurrence of a terrorist attack remains considerable
Jihadism remains to pose the most important terrorist threat to the Netherlands. Most of the jihadist related terrorist threats come from lone-wolfs.
In 2020, right-wing extremists and left-wing extremists have not conducted any terrorist related attacks. However, a small group with anti-government sentiments have caused some violent activities.
31 May 2021
|
Report
:
Strategisch Omgevingsbeeld 2020
Disruption, espionage and sabotage are the largest cyberthreats to the Netherlands
The Dutch society is, for a large part, dependent on digital processes. Datanetworks, data, services and systems are becoming more interconnected, making them larger and complex in nature. If digital (vital) processes are affected, the consequent disruption can lead to large-scale societal damage. The extent of the threat, especially by espionage and sabotage, and the lack of cyber resilience pose major risks to Dutch society.
4 June 2021
|
Report
:
Strategisch Omgevingsbeeld 2020
In 2018, one in six young people between the ages of 12 and 17 has committed a cyber crime
Research, conducted by Study Safer Internet Center Netherlands in 2018, shows that one in six young people between the ages of 12 and 17 has committed a cybercrime, either consciously or unconsciously. For the age group 16-17 this number is 33%. Forms of committed cyber crime are for example hacking, phishing and DDoS attacks.
22 June 2021
|
News
:
Game Changers: Keep Young People Away from Cyber Crime
The pervasive nature of software across the Internet of Things (IoT) ecosystem and it's central role in the IoT supply chain bring security risks
Systematically securing IoT software is essential. The inescapable nature of software across the IoT ecosystem and the central role it has in the entire IoT supply chain bring security risks. Software vulnerabilities may be exploited to compromise the systems as a whole. In this respect, the IoT Software Development Life Cycle (SDLC) as a whole needs to be secured and proper considerations to be taken into account by all involved stakeholders from the beginning of the software development process up to maintenance and disposal.
22 June 2021
|
Report
:
Good Practices for Security of IoT
Securing Internet of Things (IoT) can prove a difficult task for software developers
Securing IoT, and especially IoT edge-devices, can prove a difficult task for software
developers if hardware comes without basic security capabilities.
22 June 2021
|
Report
:
Good Practices for Security of IoT
Threats from nation states are becoming increasingly digitalised
The most common threats from nation states are influencing practices, espionage, information confrontation and the utilisation of economic instruments. These threats are increasingly expressed on digital platforms. Such threats target a wide variety of actors: diaspora, religious communities, the scientific community and businesses.
25 June 2021
|
Report
:
Strategisch Omgevingsbeeld 2020
The number of cyberincidents has increased during the COVID-19 crisis
During the COVID-19 crisis, a situation has emerged in both the physical and digital world in which anti-governmental extremisme can flourish. Also, the number of cyberincidents has increased during the COVID-19 crisis. According to governmental organisations, cyberincidents are currently in the top 3 threats. This is also one of the reasons why 4 out of 10 Dutch citizens worry about the occurrence of a digital attack on the Netherlands. However only 4% of Dutch citizens feel unsafe in The Netherlands.
25 June 2021
|
Report
:
Strategisch Omgevingsbeeld 2020
The digital infrastructure is critical for the functioning of society
The digital infrastructure of a society must remain in order, just like air, water, road and rail. If digital processes do not work properly, this can have major impact on society. Organisations can be unable to do their work, personal data can be exposed and facilities may stop functioning. For example: a hack at a cheese packaging company, a data leak at an ICT service providers for car companies and an ICT malfunction at an hospital can lead to such an impact.
In the past year, a great difference can be seen in the cyber security resilience of companies and organisations. Experts are concerned that this gap will expand in the future. Also, due to the Covid-19 pandemic, more processes have been digitised, thereby increasing the importance of digital security even further.
23 August 2021
|
News
:
Cyber Attacks Affect the Nervous System of Society
In Europe, more supply chain attacks have taken place since 2020
Supply chain attackers managed to have significant impacts in terms of the downtime of systems, monetary losses and reputational damages in 2020. Based on previously observed trends and patterns, supply chain attacks will continue to pose risks in 2021. It is estimated that there will be four times more supply chain attacks in 2021 than in 2020. With half of the attacks being attributed to Advanced Persistence Threat (APT) actors, their complexity and resources greatly exceed the more common non-targeted attacks, and, therefore, there is an increasing need for new protective methods that incorporate suppliers in order to guarantee that organisations remain secure.
26 August 2021
|
Report
:
ENISA Threat Landscape for Supply Chain Attacks
Most common attack techniques and targeted assets in supply chain attacks
Most attack techniques that are used to compromise a supplier in a supply chain attack are unknown (66%), or conducted through exploiting software vulnerabilities (16%). Most assets that are targeted are code (66%), data (20%) and processes (12%). Furthermore, the compromised suppliers' assets are used as an attack vector to compromise customers. Those attacks are most done by abusing the trust of the customers (62%) or by using malware (62%).
26 August 2021
|
Report
:
ENISA Threat Landscape for Supply Chain Attacks
Current state of cyber security landscape
Where are we now? Three things are being presented in this section: an increase in cyber attacks; a rise in security investment and the complexity with the shift to the cloud.
12 November 2021
|
Report
:
State of Cybersecurity Resilience 2021
How to be a cyber champion
With the following three steps you create alignment between the business and cyber security strategy:
1. Give CISOs a seat at the top table
2. Be threat-centric and business aligned
3. Get the most out of secure cloud
15 November 2021
|
Report
:
State of Cybersecurity Resilience 2021
Software supply chain attacks remain a major problem in 2021 cybersecurity
Throughout 2021, software supply chain attacks grew in both frequency and scale. Researchers concluded that software supply-chain attacks increased by no less than 650% throughout the year. A study issued by the European Union Agency for Cybersecurity (ENISA) reviewed two dozen incidents and found that 66% of supply chain attacks were committed by exploiting an unknown vulnerability, while only 16% leveraged known software flaws. Most attacks actually targeted software code. This year, it seems that organizations were once again caught largely unprepared, as a survey concluded that 82% of companies designate the third party vendors that make up their software supply chain with highly privileged roles. 76% provide roles that could allow account takeover, and, worst of all, over 90% of designated security teams were not aware that such permissions were even granted.
21 March 2022
|
Report
:
Cloud services increasingly under attack in 2021
In 2020, the global pandemic brought significant changes to the corporate work environment as well as corporate network architecture. Within those changes, both the shift to cloud-based architecture – meant to address the need for hybrid, remotely- managed networks – and the preference for as-a-service providers over traditional suppliers, have really stood out in terms of the scale of their adoption. Subsequently, in 2021, it became clear that cloud environments were also growing in popularity among end users. By mid-year, Gartner had released its forecast stating that end-user spending on public cloud services was estimated to grow by 23% in 2021 to over US$ 332 billion, compared to US$ 270 billion in 2020 and US$ 242.7 billion in 2019. Enterprises are now allocating large-scale funds to multi-cloud architectures, with Microsoft Azure and AWS leading in popularity, and Google Cloud Platform, IBM, VMWare and others dominating a respectable share of the market.
21 March 2022
|
Report
:
Ransomware changed in 2021
Gone are the days when ransomware operators negotiated a ransom of US$ 200 for your family photos. Today’s ransomware economy is a complex operation extorting millions
of dollars per ransom, holding entire organizations captive under the threat of total
system shutdown. The evolution of the ransomware business model is at the core of this phenomenon. Ransomware-as-a-Service (RaaS) introduces affiliate programs at low onboarding costs, enabling any attacker to easily join the trend. The attacker selects one of the leading ransomware “projects” and follows the detailed, easy to follow complimentary operations manual, which contains complete instructions for every stage of the attack. If the intrusion was successful, the ransomware operators and affiliates share a percentage of the victim’s ransom payment. This extremely profitable scheme allows attackers to reach a wider range of victims and offers higher returns to all involved.
21 March 2022
|
Report
:
Check Point Cloud Security Report 2022
The return of Emotet malware in 2021
Emotet, one of the most dangerous and infamous botnets in history, is back, despite the long and synchronized efforts of the international community and law enforcement agencies worldwide that resulted in its take down in January 2021. Emotet, the banking Trojan turned modular botnet, is known for its massive reach of over 1.5 million infected computers worldwide, across thousands of compromised corporate networks. Emotet was used as a distribution platform to deliver other notorious malware families such as TrickBot, Qbot and Dridex, often resulting in network-wide ransomware attacks that crippled entire organizations. Inflicted damages were estimated at around US$ 2.5 billion, before it was forcibly shut down.
21 March 2022
|
Report
:
DDoS attacks and Ransomware were most reported forms of attacks.
In the following figure it can be seen that for another year ransomware and DDoS attacks were the most reported forms of attacks during the reporting period and accounted for more than half of the observed events followed by threats related to data. In several cases incidents involved more than one threat category and were thus analysed in the context of all respective categories.
27 September 2024
|
Report
:
ENISA Threat Landscape 2024
Mostly public administration, transport and finance sectors faced cyber threats.
During this reporting period (July, 2023 - June 2024) in the overall global landscape, we have again observed a large number of events (Figure 6) targeting organisations in the public administration (19%), transport (11%) and finance (9%) sectors. Events targeting digital infrastructure (8%) and business services form a substantial portion of the events observed. We also observed a considerable number of events targeting civil society and not necessarily a particular sector (these are labelled as ‘General Public’ and amount to 8% of the events observed). They consist of social engineering or information manipulation campaigns.
27 September 2024
|
Report
:
ENISA Threat Landscape 2024
DDoS attacks most used in ideological-driven cyber threats
The motivation of threat actors per threat category for cyber threats. DDoS attacks are most used in ideological-driven threats while financially-driven threat actors mostly utilise ransomware, threats against data and Foreign Information Manipulation & Interference.
27 September 2024
|
Report
:
ENISA Threat Landscape 2024
Organisations and businesses should consider using XDR solutions
In order to provide better overall security outcomes and simplify and streamline security in general, organisations should consider using extended detection and response (XDR) technology for 2020 and 2021. By using this technology, the platform-level integration occurs at the point of deployment rather than being added in later.
30 March 2021
|
External
:
Gartner Top 10 Security Projects for 2020-2021
Improve cloud security approaches
There needs to be more uniformity regarding control systems across IaaS and PaaS in order to improve and enhance cloud security approaches. Also the controls need to be simplified, for example through the use of cloud access security brokers (CASBs).
30 March 2021
|
External
:
Gartner Top 10 Security Projects for 2020-2021
The risk of accidental war
An inter-state skirmish escalates to war as governments fail to control action in the absence of accurate information. Weakened multilateralism leads to failure to contain.
1 June 2021
|
External
:
The Global Risks Report 2021
The risk of anarchic uprising
Young activists, fed up with corruption, inequality and suffering, mobilize against elites. AI-powered social media is exploited to spread disinformation, fomenting social chaos.
1 June 2021
|
External
:
The Global Risks Report 2021
The risk of brain-machine interface being exploited
Companies, governments or individuals utilize burgeoning “mind-reading” technology to extract data from individuals for commercial or repressive purposes.
1 June 2021
|
External
:
The Global Risks Report 2021
The risk of geomagnetic disruption
A rapid reversal of the Earth’s geomagnetic poles generates destabilizing consequences for the biosphere and human activity.
1 June 2021
|
External
:
The Global Risks Report 2021
The risk of gene editing for human enhancement
Governments begin classified genetic engineering programmes. A class of people is born with genetic capabilities better suited for space, Arctic, or deep-sea survival, setting off a genetic arms race between geopolitical rivals with undetermined ethical consequences
1 June 2021
|
External
:
The Global Risks Report 2021
The risk of permafrost melt releasing ancient microorganisms
A warming planet leads to permafrost melt in the Arctic. An ancient virus, unknown in modern science, is released into the air, soil, and water systems
1 June 2021
|
External
:
The Global Risks Report 2021
The risk of the deployment of small-scale nuclear weapons
New technology allows for proliferation of low-yield warheads, blurring deterrence frameworks and leading to global nuclear war.
1 June 2021
|
External
:
The Global Risks Report 2021
Technological developments ask for new knowledge and skills
There are worries about the preparation of the youth for a digital future. New technological developments, such as artificial intelligence, ask for new knowledge and skills. Specialists working in those areas of technology are heavily needed and will continue to be needed. One way in which we can work on those new knowledge and skills is through education at universities, but also in secondary or primary education by implementing new curriculum.
23 May 2021
|
Report
:
CSR Magazine
A terrorist attack in the Netherlands is imaginable
A terrorist attack in the Netherlands is imaginable, seen that there are individuals that are radicalising or have been radicalised and pose possible threats. Especially 'lone wolfs', individuals that commit crimes by themselves, pose possible threats. In recent years, attacks have mostly been committed by 'lone wolfs'.
14 April 2021
|
Report
:
Dreigingsbeeld Terrorisme Nederland 53
Threats from Dutch jihadist movements have decreased
Direct threats to Dutch society, coming from Dutch jihadist movements, appear to have decreased in quantity. The movement is fragmented, both socially and ideologically. Also, structure, hierarchy and leadership are lacking amongst the movement. Lastly, repressive governmental actions has led to a decrease in motivation to commit attacks.
14 April 2021
|
Report
:
Dreigingsbeeld Terrorisme Nederland 53
In the first half of 2020 more terrorist attacks have taken place in Europe, but the number of casualties has decreased
Compared to 2019, in the first half of 2020 more terrorist attacks have taken place in Europe. However, the number of casualties is half as low. Current attacks are mostly provisional in nature. It is plausible that terrorist attacks with a relatively low impact on society keep occurring in Europe and the Netherlands.
14 April 2021
|
Report
:
Dreigingsbeeld Terrorisme Nederland 53
The distribution of jobs in the security domain across branches of industry is relatively constant over time
The largest branches, in terms of the number of security jobs (both primary and secondary) are, in order, Health and social work, Public administration and services and Information and communication and this order remained relatively constant since 2013. There is slightly more variation over time in the percentage of security workers within a branch. For example, between 2016 and 2018, the share of security workers in the ‘electricity and gas supply’ branch has become greater than the share of security workers in the ‘Health and social work’ branch). But again, the situation remains relatively constant over time.
19 May 2021
|
Report
:
Education and Labour Market in the Security Domain
The application of Artificial Intelligence is widespread
Artificial Intelligence can be applied to almost every sector and domain. For example, AI can be used for the development of self-driving cars, intelligent search engines, navigation systems and chatbots. 86% of companies therefore say that AI will have a big impact in their sector.
11 August 2021
|
Report
:
Strategisch Actieplan voor Artificiële Intelligentie
Cross-cutting crime facilitators and challenges to criminal investigations: Social engineering
Social engineering remains a top threat to facilitate other types of cybercrime.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Cross-cutting crime facilitators and challenges to criminal investigations: cryptocurrencies
Crypto currencies continue to facilitate payments for various forms of cybercrime, as developments evolve with respect to privacy oriented crypto coins and services.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Cross-cutting crime facilitators and challenges to criminal investigations: crime reporting
Challenges with reporting hinder the ability to create an accurate overview of crime prevalence across the EU.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Cyber-dependent crime: ransomware
Ransomware remains the most dominant threat as criminals increase pressure by threatening publication of data if victims do not pay. Ransomware on third-party providers also creates potential significant damage for other organisations in the supply chain and critical infrastructure.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Cyber-dependent crime: emotet
Emotet is omnipresent given its versatile use and leads the way as the benchmark of modern malware.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Cyber-dependent crime: DDoS attacks
The threat potential of DDoS attacks is higher than its current impact in the EU.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Child sexual exploitation online
The amount of online CSAM detected continues to increase, further exacerbated by the COVID-19 crisis, which has serious consequences for the capacity of law enforcement authorities. The use of encrypted chat apps and industry proposals to expand this market pose a substantial risk for abuse and make it more difficult for law enforcement to detect and investigate online CSE activities. Online offender communities exhibit considerable resilience and are continuously evolving. Livestreaming of child sexual abuse continues to increase and became even more prevalent during the COVID-19 crisis. The commercialisation of online CSE is becoming a more widespread issue, with individuals uploading material to hosting sites and subsequently acquiring credit on the basis of the number of downloads.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Payment fraud: SIM swapping
SIM swapping is a key trend that allows perpetrators to take over accounts and has demonstrated a steep rise over the last year.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Payment fraud: BEC
BEC remains an area of concern as it has increased, grown in sophistication, and become more targeted.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Payment fraud: online investment fraud
Online investment fraud is one of the fastest growing crimes, generating millions in losses and affecting thousands of victims.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Payment fraud: card-not-present (CNP) fraud
Card-not-present (CNP) fraud continues to increase as criminals diversify in terms of target sectors and electronic skimming (e-skimming) modi operandi.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
The criminal abuse of the Darkweb: the Darkweb environment has remained volatile
The Darkweb environment has remained volatile, lifecycles of Darkweb market places have shortened, and no clear dominant market has risen over the past year compared to previous years to fill the vacuum left by the takedowns in 2019.
The nature of the Darkweb community at administrator-level shows how adaptive it is under challenging times, including more effective cooperation in the search for better security solutions and safe Darkweb interaction.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
The criminal abuse of the Darkweb: Privacy-enhanced cryptocurrencies and privacy-enhanced coinjoin concepts
There has been an increase in the use of privacy-enhanced cryptocurrencies and an emergence of privacy-enhanced coinjoin concepts, such as Wasabi and Samurai.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
The criminal abuse of the Darkweb: surface web e-commerce sites and encrypted communication platforms
Surface web e-commerce sites and encrypted communication platforms offer an additional dimension to Darkweb trading to enhance the overall business model.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Key transformative technology that will contribute to the changing dynamics of cyberspace: Ubiquitous connectivity
Devices, networks and services are increasingly hyperconnected and interdependent, operating on sophisticated shared infrastructures. Factors such as the speed, reliability, low latency, agility and intelligence of communications architectures are leading to significant changes in the way in which they are used and relied upon pervasively throughout our environments.
Systemic risks related to this development:
-Scale and criticality: The sheer scale of the connected ecosystem means that the potential attack surface is expanding rapidly. As previously unconnected systems become connected to each other and to the internet, there is an increased risk to the confidentiality, integrity and availability of digital assets – whether it’s data, information, algorithms or digital services. The potential implications in terms of compromise for industry and society are becoming more severe.
-Interdependency: A range of new entangled relationships between actors in the digital ecosystem is evolving. The emergence
of new products and growth of new service-based models is creating complex interdependencies between organizations, supply chains, sectors and individuals. This interdependency creates a risk of unforeseen cascade effects: Incidents occurring in one part of the ecosystem could harm those actors and systems dependent on it. Imbalance in perceptions of risk could lead to situations where high-value business., assets are connected to third-party systems whose owners assess them to be low risk and that therefore do not have the appropriate levels of protection. A failure to maintain the visibility and assign the accountability that is needed to assure end-to-end processes across multiple parts of the ecosystem could lead to gaps in security and heightened risk.
-Shared resources: Many entities are sharing a growing dependence on a concentrated underpinning infrastructure and set of shared services, including cloud, internet service providers, hardware, software and the equipment supply chain. This creates an attack
surface of high-value shared resources with a high probability of attack, and the potential for compromise to have severe and systemic
impacts. The homogeneity of the shared technology infrastructure that results from its being delivered by a small pool of providers may result in systemic risk, as the exploitation of a vulnerability found in a widely used resource could affect vast swathes of the ecosystem. Similarly, there is a risk of collateral damage occurring as a result of targeted attacks against a single client via this shared infrastructure. Identifying the critical shared resources, who owns them and their key dependencies is a complex task.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Key transformative technology that will contribute to the changing dynamics of cyberspace: Quantum
Quantum computers will demonstrate an advantage over classical computers in solving a range of computational and modelling problems (although predictions of the timelines on which this will happen vary). Some problems may become tractable for the first time, enabling new functionalities and presenting new risks to conventional security measures.
Risks:
Disrupting cryptographic infrastructures:
The principal cybersecurity risk is posed by the impact quantum computing will have on currently widely adopted asymmetric cryptography. A sufficiently powerful and error-corrected quantum computer would solve some of the classical mathematical problems on the intractability of which many of these cryptography methods rely. It would therefore have the potential to break the cryptographic security on which enterprises and the wider digital economy rely.
‘Download now, decrypt later’:
The potential future quantum threat to cryptography is relevant to the risk decisions being made today. There is a “download now, decrypt later” risk for datasets with extended periods of sensitivity: data that exists now could be harvested by adversaries for decryption in the future.
Novel and secondary security risks arising from broader economic and industrial transformation:
As organizations face a need to outsource quantum computations on their most valuable IP to third- party services, they could face risks of adversarial interference. There is also a risk that unintended functionalities arising from quantum algorithms. There are also several shared infrastructures that depend on the collective application of quantum-vulnerable cryptography. This includes the interconnected systems and interdependent business models of the industrial internet of things (IIoT), and the distributed-ledger technologies being rolled out across a range of industrial applications. In many cases, “ownership” of these shared infrastructures is highly distributed, and it is not necessarily clear who is responsible for ensuring that they are made quantum-safe.
Geopolitical risk and equitable access:
The potential concentration of the first sovereign quantum capabilities (technologies and experts) in a small number of advanced nations has geopolitical implications. As with all new technologies that raise the bar in terms of competitiveness, there is a global risk that competition and protectionism will interfere with international collaboration and equitable access. This could act as a major barrier to unlocking the full potential economic and societal benefits of quantum technology to the wider economy, and widen asymmetries in terms of security and industrial capability. If equitable access to the technologies is not ensured, nations that have sovereign quantum capabilities may use them to create a strategic advantage, while other nations fall into “quantum poverty”.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Key transformative technology that will contribute to the changing dynamics of cyberspace: identity and access management
Emerging next-generation approaches to identity and access management will enable new services, applications and operating models, with efficiency and low friction that can support the fast speed and large scale of the emerging cyberspace.
The risks to the security of emerging identity systems can be considered in terms of their confidentiality, integrity and availability.
• There will be a major confidentiality risk to the large amounts of personal information managed by identity systems (including personally identifiable information [PII], and biometric, behavioural and locational data). Minimizing the risk to this data will be critical.
• There is a risk that the integrity of the identity ecosystem will be subverted, reducing the confidence of participants in it. For participating actors, there are challenges to establishing the integrity of the components they depend on (particularly in cases where there is a trust deficit), and establishing their competence in protecting their part of the ecosystem against abuse.
• There is an availability risk: that attackers will attempt to prevent access to or use of identity infrastructure. If the infrastructure does not have the necessary resilience and fallback modes, then attacks on the availability of systems on which services depend critically could have grave consequences. Achieving resilience will be particularly challenging in those elements of society where infrastructure (both technical and governance) is weak.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Opportunities for safety from emerging technologies
Advances in robotics are creating opportunities to remove humans from hazardous environments (e.g. in manufacturing) and to remove human error from safety-critical decisions. Advances in sensing and analytics could help predict natural disasters.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Hidden cyber-resilience deficit
It is a fact that even today many organizations can find themselves unknowingly dependent on components of the ecosystem due to a lack of transparency downstream and upstream in supply chains. Without intervention, this may simply grow in complexity: Dependencies will become increasingly unmanageable and opaque as the ecosystem becomes more entangled. This means that it will not be possible to account for the aggregation of cyber risk, and where there is a lack of resilience within organizations, we may be developing a growing and hidden cyber-resilience deficit.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Widening cybersecurity skills gap
There is already a global capacity shortage in cybersecurity (both specialists and across the wider workforce), and as new technologies emerge, the existing skills gap in delivering cybersecurity is likely to grow. Unless education and training are accelerated significantly, the workforce will not have the necessary cybersecurity capacity and mindset. A lack of cyber literacy among leaders and innovators will prevent appreciation of the risks to organizations and the ecosystem, and prevent the necessary investments being made for cyber resilience.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Fragmentation of technical and policy approaches
Emerging technologies are driving an increasing interdependence and entanglement at a time when global governance of cyberspace is weak. Many of the relevant technical standards and governance principles are divided into jurisdictional and sectoral siloes. There is a risk of further divergence at the public policy level; geopolitical divergence and protectionist stances make this difficult to reconcile. A lack of interoperability at a governance level could lead to: a failure to realize the potential value of a secure global digital ecosystem: incompatible security-compliance requirements; and suboptimal (and thus costly) security in parts of the ecosystem.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Existing operational-security capabilities and technologies not fit for purpose
Mitigating threats and responding to incidents individually and collaboratively will require new approaches. Existing operational capabilities are not sufficient technically to address new technologies and data formats and will not deliver the pace and scale
of collaborative operations (including information sharing, collective response, and detection, disruption and deterrence of cybercrime) that will be needed to address the emerging risks. There is a need to increase the level of automation within cyber-defence capabilities, ensure that the cybersecurity tools developed can interoperate effectively, and support enriched intelligence sharing at the pace necessary to address emerging threats.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Underinvestment in support (knowledge, guidance, research investment) and incentives (market forces, regulation) for developing emerging technologies securely
Security is not being considered an integral component of technology innovations. This means it is likely that technologies will be developed with little or no consideration for malicious threats, as has happened in the past. Without the right incentives to prevent this, there is a risk of insufficient security functionality and later costly retrofit. Further, the complexity of supply chains and systems may mean that innovators will make false assumptions about the security inherent in the systems upon which their solutions are layered, causing hidden risk. This hidden risk may also manifest where organizations exploit machine learning without an ability to determine the integrity of and absence of bias in the algorithms.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Ambiguous accountability
While shared dependence widens the pool of actors affected by the resilience of a part of the ecosystem, it can also create ambiguity in the accountability for ensuring this resilience. Complexity and entanglement are exacerbating a lack of clarity about accountability and where the liability lies for assuring end-to-end services and shared critical infrastructures. Risk transfer (e.g. via contracts or via tech E&O [errors and omissions] insurance) cannot cover the full scope of sideways exposure.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Key transformative technology that will contribute to the changing dynamics of cyberspace: Artificial intelligence/advanced machine learning
As it becomes possible to automate increasingly sophisticated calculations, activities can be carried out in cyberspace faster and on a larger scale – and most importantly, using huge datasets for training. The ability to aggregate and process such data will lead to huge increases in the predictive powers of algorithms. Substantial investments are being made in AI research and development globally, in particular using machine learning techniques. Global spending on AI was estimated to be $37.5 billion in 2019, and is forecast to reach $97.9 billion in 2023,35 with China and the US dominating global AI funding.36 The emerging technologies are capable of faster, more precise analytics and decision-making, and of deriving insights from big data, outperforming traditional digital approaches and some aspects of human capabilities in diverse fields such as transport, manufacturing, finance, commerce and healthcare. Large corporations in every industry are seeking to create value by taking advantage of new means of data exploitation, business-process improvements (e.g. in sales, production and supply-chain management), cost-efficiency gains and the ability to enhance customer experiences.37 It is anticipated that within the next 5–10 years, AI systems will play an increasingly critical and unsupervised role within organizations, including the use of robotics in physical manufacturing tasks, for example.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Actors and their roles differ per phase in Smart City initiatives
On average fewer actors are involved in the implementation phase (average 7) than in the innovation phase (average 13) of Smart City initiatives. In addition, the diversity in the types of actors involved also decreases in the implementation phase, as for example citizens and knowledge institutes are no longer involved. In the innovation phase, a relatively large number of roles are divided among several parties. In the implementation phase however, this is no longer the case. local and national public parties (mainly municipalities and the police) have many roles in both phases, divided over departments within these organizations.
20 May 2021
|
Report
:
Van Innovatie Naar Implementatie In Smart Cities: Aanbevelingen Voor Succes
Growing use of algorithms in making employment decisions by private companies
In several EU countries the recruitment processes are becoming automated. Algorithmic indication is behind the pre-selecting, rejecting of employees and behind the potential termination of their contracts.
29 May 2021
|
Report
:
Algorithmic discrimination in Europe
The involvement of human beings bears risk in relation to algorithmic decision making
The involvement of human beings bears risk in relation to algorithmic decision making, especially from a perspective of equality and non-discrimination. Human reasoning is flawed and includes bias, logical errors and fallacies. These human shortcomings can become encoded within the algorithms.
29 May 2021
|
Report
:
Algorithmic discrimination in Europe
Cognitive biases are at play when humans are assisted by algorithms
Humans involved in decision making seem to blindly trust the outcomes of an algorithm. This is called 'automation bias' and can lead to error as humans aren't critical of the machine output.
29 May 2021
|
Report
:
Algorithmic discrimination in Europe
Data problems are very likely to occur in the planning and development stage of algorithms
There are several problems that can occur in the planning and development phase of an algorithm. First, an algorithmic system may be fed with incorrect information. Another inaccuracy is that the training data is unrepresentative of the general population. And finally, if a self-learning algorithm is fed with unbalanced or biased data the output will be equally unbalanced and biased. Because of the human factors present, these data problems are likely to occur in the planning and development stage.
29 May 2021
|
Report
:
Algorithmic discrimination in Europe
Algorithms may reproduce and strengthen existing patterns of inequality by reifying discriminatory correlations
Algorithms today can be used for pattern recognition. They are often very good at detecting correlations and patterns between data points in large volumes of data. However, as correlation doesn't necessarily equal causation, this can pose a challenge, the correlation challenge. This challenge is worsened by the fact that algorithms are excellent at detecting proxies within data. Due to the prevalence of proxies there might still be some space for indirect discrimination, even when omitting personal details such as gender or race. This is called the proxy challenge.
29 May 2021
|
Report
:
Algorithmic discrimination in Europe
Complexity of algorithms poses a problem for human decision makers
Algorithms can be opaque and hard to explain to non-experts or even experts themselves. A lack of transparency and the difficulty of explaining how the algorithm works makes it hard for human decision makers to identify flaws, biases or ill-qualified correlations that might be a part of the algorithmic process and can thus influence output. This opacity makes discrimination and bias difficult to bring to light.
29 May 2021
|
Report
:
Algorithmic discrimination in Europe
Algorithms allow for high-speed and automated decision making on a very large scale
The speed at which algorithms can make decisions can enable extensive decision making in the public sector. In the private sector these algorithms are also increasingly used to automate the decision making processes. This innovation in scale and speed poses a new challenge from a perspective of non-discrimination as bias and other flaws can influence the design, development and use of algorithms.
29 May 2021
|
Report
:
Algorithmic discrimination in Europe
Due to plurality of actors involved in the design and use of algorithms, responsibility is a challenge
There are a wide range of actors involved in the design and implementation of algorithms. This might make it difficult for the victims of discrimination or for supervisory/monitoring bodies to know whom to hold responsible, liable/accountable for discriminatory outcomes.
29 May 2021
|
Report
:
Algorithmic discrimination in Europe
The lack of specifications on human involvement in the General Data Protection Regulation is problematic when taking into account algorithmic bias
The General Data Protection Regulation (GDPR) sees the presence of a human in the algorithmic loop as a form of preventive safeguard (Recital 71). However, the form of human supervision involved is not mentioned. This forms a problem in view of the existence of automation biases where human flaws can become (unintentionally) encoded within the algorithms used in systems.
29 May 2021
|
Report
:
Algorithmic discrimination in Europe
Media has reported an increasing number of cases of discrimination by algorithms
The media has reported an increasing number of cases involving discrimination by algorithmic application over recent years. A lot of examples of algorithmic discrimination have been noted in relation to protected grounds, such gender (Apple Card algorithm, Amazon's hiring prototype) or race.
30 May 2021
|
Report
:
Algorithmic discrimination in Europe
The increasing use of algorithms in human resource recruitment processes means that algorithmic discrimination could present a risk for the labour market
If algorithms that are trained on past data about promotions and recruitment are not corrected before they are deployed, they will reproduce the current (discriminatory) status quo. This means legally protected groups are still being disadvantaged.
30 May 2021
|
Report
:
Algorithmic discrimination in Europe
The use of algorithmic profiling and targeting in job-related advertising might reinforce existing patterns of discrimination in the labour market
An empirical study showed that job-related ads distributed on Facebook with a neutral distribution ended up targeting specific groups for specific jobs (example: audience for a cashier position in a supermarket reached an audience of 85% women). The lack of, or reduced, advertising of given jobs to a protected group can be considered discriminatory if the effects of this process undermine the objective of EU law (in term of guaranteeing equal access to the labour market).
30 May 2021
|
Report
:
Algorithmic discrimination in Europe
The algorithmic decision-making chain is complicated when discrimination arises from technology that combines algorithms and enabling technologies
The fragmented algorithmic decision-making chain is further complicated when discrimination arises from a technology that integrates multiple algorithms and combines them with enabling technologies, for example Internet of Things. AI applications are often complex and are made up of various algorithmic and data-generating components. This creates risks and problems. If one system fails, this may cause other systems to fail as well. The interconnected nature of technologies and the fragmented nature of decision-making processes cause an increase in the actors involved, making the distribution of responsibility and liability even vaguer.
4 June 2021
|
Report
:
Algorithmic discrimination in Europe
Algorithms are actively used in many private sectors all over Europe
Algorithms are actively used in many private sectors all over Europe. The purposes of algorithms are more varied in the private sector than in the public sector. Algorithms are used in the private sector for employment and platform work as they can be convenient in making employment decisions. Predictive algorithms can also be useful in making creditworthiness assessments and identifying risk groups, meaning algorithms are used within banking and insurance. The use of algorithmic application has also become increasingly popular in the sectors of retail and advertising.
4 June 2021
|
Report
:
Algorithmic discrimination in Europe
Difficulties in detecting and identifying algorithmic discrimination on national level
It's not always obvious that an algorithm is discriminatory or that is generates any discriminatory effects.
4 June 2021
|
Report
:
Algorithmic discrimination in Europe
In several countries relevant legislation has been adopted for specific algorithmic applications
In several countries legislation has been put in order to deal with specific algorithmic applications. This legislation does not focus on equality. and non-discrimination or provide protection against algorithmic discrimination, but such legislation is used to make sure that AI and algorithms are designed with certain ethical principles in mind.
4 June 2021
|
Report
:
Algorithmic discrimination in Europe
New technologies have potential applications in counterterrorism
TNO has identified eight technologies with potential applications in counter terrorism.
Behavioral analysis, behavioral influence technologies, physical security technologies, integrated sensor technologies, cyber technologies, data technologies, decision support and coordination technologies and finally learning and anticipation technologies.
These technologies have a potential impact on the capabilities of organizations to counter terrorism in the broadest sense, from preventing and protecting from terrorism to reacting, capturing and restoring from terrorism.
14 April 2021
|
Report
:
Technologie Voor Terrorisme Bestrijding
Growing world market for Intruder Alarm/Perimeter Protection (IA/PP) products
The world market for IA/PP products reached $6.98Bn in 2019 and will grow to $8.83Bn in 2024 at a CAGR of approximately 4.8%, the highest growth we have recorded in the last 11 years. Perimeter security has become a much more important issue in critical infrastructures such as utilities, transportation, government and defense establishments because of the increasing number of threats, which could disrupt operations and lead to huge losses across the whole economy. Demand for IA/PP systems has grown at a faster pace through the integration with Video Surveillance and Access Control. Demand for intruder sensors and alarm products being the staple products of this business have had only a marginal impact on growth in demand. IA/PP is now pushing forward by applying and connecting; radar, thermal / multi-sensor cameras, advanced sensor technologies, wireless technology and also deeper integration with video surveillance & access control. The main driver for growth in the next five years will be the increase in investment in industrial complexes particularly in Asia and the BRIC countries and advances in sensor technologies microwave, active infrared, passive infrared, fiber optics and acoustic sensors. These sensors usually cover large areas and offer volumetric protection by detecting the motion of the intruder within the protected space.
12 May 2021
|
External
:
Major Trends in the Intruder/Perimeter Protection Market 2020
NIS-2 shows: chain and network dependencies are increasingly important in risk management
It has become clear that the protection and security of network- and information systems are extremely network dependent. There are certain risks attached to being involved in an ecosystem and being dependent on chains for important processes. In the EU NIS-2 Regulation, more and more sectors are being designated as vital, so that those organisations and sectors will have to take more steps to ensure the safety of their network- and information systems.
10 November 2022
|
Report
:
NCSC Onderzoeksagenda 2023 - 2026
The Difficulty of Security by Design & Future Internet
The technical foundation of the internet has changed throughout the years. Due to large-scale use it is impossible to make fundamental changes.This makes it really difficult to implement security by design on the internet. Various initiatives exist to develop an alternative Future Internet. This is something that the NCSC wants to research and explore its role in.
11 November 2022
|
Report
:
NCSC Onderzoeksagenda 2023 - 2026
Technology and cybersecurity
Engineering and technology in cybersecurity plays a dual role: on the one hand, this is the level on which threats are concretely manifested. On the other hand, it is a tool to ensure security. This is shown in three ways:
1) Information surrounding vulnerabilities. Experience shows that it is important to collect and understand threat intelligence, but also to exchange it. Various parts of this process are being automated. but human input remains necessary to interpret the information and to make sure it gets to the right person. Therefore, research needs to be carried that takes into account technology, and organizational and human factors of cybersecurity.
2) The impact of encryption. Encryption is a tool to improve integrity and confidentiality. It offers possibilities to shield data, which can be used in a positive and negative manner. The ongoing developments of the quantum computer make it necessary to use new ways of encryption. The NCSC aims to contribute to the discussion on such new methods of, for example, post-quantum encryption.
3) The foundation of the internet. The foundation of the internet is slowly becoming more robust and secure. Examples include additions to DNS and improvements to routing the internet (BGP). The NCSC wants to contribute to research by discussing best practices and set the discussion for standards.
11 November 2022
|
Report
:
NCSC Onderzoeksagenda 2023 - 2026
A strict national and international approach to cybercriminals, whereby cybercrime will be less lucrative
The government, together with the business community, has a view
on the digital threat from home and abroad. The Netherlands is above all capable of limiting digital attacks by state and non-state actors through the deployment of broad attribution and response mechanisms, preferably in cooperation and coalitions with EU and NATO partners and other like-minded countries.
11 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
Development of the national covering system
The purpose of the system is
enabling organizations (public and private) to build their resilience
level and thus their effectiveness
increase through information about cybersecurity
widely, efficiently and effectively
11 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
Cyber security requirements for a larger group of companies (NIB2)
Cyber incidents do not stop at national borders.
The EU is therefore also involved in strengthening the digital security and resilience within the Union.
11 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
Organizations respond, recover and learn quickly on and from cyber incidents and crises.
For a response to a national cyber crisis, a
efficient cooperation between government organisations, industry, science and
social organizations of great importance ─
also across local, regional and national borders.
12 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
The Netherlands has a strong cybersecurity knowledge and innovation chain
To be able to take measures now and in the future
taking action against digital threats must involve the development and application of Dutch knowledge and expertise
in the field of cybersecurity are continuously strengthened.
12 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
The Netherlands has a grip on cybersecurity threats from states and criminals
In the coming years, the Dutch government will focus on reinforced
information exchange and increasing resilience, which contributes to limiting digital
threats.
12 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
States adhere to the normative framework for responsible state behavior in the digital space
Given the current geopolitical tensions,
cyber threats and attacks in the coming period
will only increase. The best way eliminate that threat is
to make the geopolitical arena more to our liking,
by promoting the international rule of law in the digital area.
12 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
It is necessary to make international agreements in order to counter the threat of destabilizing cyber attacks.
The need for stability has led to the
establishing of a normative framework for responsible state behavior in the digital
space, which the UN member states have reconfirmed by consensus in 2021.
12 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
Alert overload
Organisations worldwide use on average about 29 security monitoring software systems. This can result in an alert overload which causes security teams to wrongly prioritise and maintain cybersecurity risks
23 January 2023
|
Report
:
KPN Cyber Security Perspectives 2021
Citizens respond quickly and adequately to cyber incidents
It is important that citizens are enabled to respond quickly and effectively to digital threats, attacks and disruptions. This can be done by being informed at an early stage about current threats that are relevant to them and, in particular, about what they themselves can do to stay safe from them.
26 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
Governance, direction and cooperation
Within the cabinet, the ministers involved work closely together under the responsibility of the Minister of Justice and Security as the coordinating minister for cybersecurity.
26 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
Financial substantiation for digital resilience.
This government is investing an additional 111 million euros structurally in cybersecurity, the breakdown per department is shown below. These resources are part of a broader structural investment of 300 million that will strengthen the AIVD and MIVD, among other things, and investments will be made in the field of economic security and vital infrastructure.
26 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
Protect domains against email spoofing and phishing by implementing email authentication with SPF, DKIM and DMARC.
The NCSC advises organisations to protect their domains against email spoofing and phishing by implementing email authentication using SPF, DKIM and DMARC. SPF allows domain owners to specify which mail servers are authorised to send email on their behalf, DKIM allows them to digitally sign emails, and DMARC enables them to publish a policy on how receiving mail servers should handle emails that fail SPF or DKIM checks. For government organizstions, the use of these email authentication techniques is mandatory, while for other organisations it is strongly recommended as an effective way to combat email-based attacks. The implementation of email authentication is considered a best practice that has already been widely adopted.
3 April 2024
|
Report
:
Handreiking 'Bescherm domeinen tegen phishing'
Technologische ontwikkelingen zorgen voor betere beveiliging, maar ook meer kwetsbaarheden
Door technologische ontwikkelingen zoals AI en quantum computing, kunnen de Nederlandse maatschappij en economie beter worden beveiligd. Het zorgt echter ook voor een toenemende mate van afhankelijkheid van digitale processen, wat leidt tot kwetsbaarheid voor cyberincidenten en -aanvallen. Het is daarom van cruciaal belang om effectieve cybersecuritymaatregelen te ontwikkelen en daarmee de scheefgroei tussen dreiging en weerbaarheid te verminderen.
17 September 2024
|
Report
:
Agenda Cybersecurity Technologies
De digitale dreiging voor de Nederlandse samenleving neemt sterk toe
De digitale dreiging voor de Nederlandse samenleving groeit door toenemende cyberaanvallen van statelijke actoren die inzetten op beïnvloeding, espionage, verstoring en sabotage. Sectoren zoals de gezondheidszorg, hightech, energievoorziening, vervoer en defensie lopen ernstige risico’s.
17 September 2024
|
Report
:
Agenda Cybersecurity Technologies
Smart City initiatives rarely formulate concrete criteria for success
A recent report shows that Smart City initiatives rarely formulate concrete criteria for success. This is attributed to the difficulty of measuring the impact of the initiative on the level of urban security. Nevertheless, several initiatives still regard it as important to formulate criteria but caution to not get too hung up on formal measurements. The level of satisfaction from stakeholders is often chosen as a good alternative.
24 August 2021
|
News
:
Critical Success Factors for Smart Safety & Security Initiatives
Physical safety feeling decreases, but people do feel safe digitally
Ten years ago, 33% of the Dutch sometimes felt unsafe. Now that is 45%. The Dutch have started to feel somewhat less safe in the past 10 years. Online people do feel safe. The Dutch are increasingly aware of their own responsibility in online security, and they take it too. Almost half of the people are even willing to sacrifice privacy if it benefits the fight against crime. We are concerned about the influence of social media on the information we read, for example regarding the elections.
20 January 2021
|
Report
:
Trends in Veiligheid 2020
Quantum computers: a major breach of confidentiality
The quantum computer is a new type of computer that is going to change the world. Its unparalleled computing power offers all kinds of new possibilities. Quantum computers can perform certain types of calculations much faster than the computers we know today.
• This computing power can be used to crack certain types of encryption.
• Measures must already be taken now for data that must be protected for a long time.
• Conduct an impact analysis to determine which measures your organization should take.
20 January 2021
|
Report
:
Trends in Veiligheid 2020
Digital resilience and decentralization require citizen participation and support
• There are many innovations that can be used in the interest of digital resilience, but we must not forget what this security is for.
• The Digiwacht are volunteers who guarantee local digital resilience.
• A municipal cybersheriff, elected by citizens to ensure their digital resilience.
• National artificial intelligence to protect the digital Netherlands, trained throughout the Netherlands.
20 January 2021
|
Report
:
Trends in Veiligheid 2020
We must ensure that the Netherlands is well prepared for socially disruptive cyber incidents:
• The biggest threats are espionage, disruption and sabotage.
• The government does not have sufficient resources to deal with an incident adequately.
• Increasing digitization and geopolitical tensions are causing an increase in the scale, spread and impact of cyber incidents.
• Improvisation based on mandate and cooperation prevails.
• By practicing and experiencing a simulated cyber incident, we work on better preparation.
20 January 2021
|
Report
:
Trends in Veiligheid 2020
Armament against advanced cybercrime
• Fighting cybercrime requires an offensive security strategy.
• Detection of cyber criminals' communications is the key to cybercrime prevention and detection.
• Resilience to cybercrime requires concrete observation
and attack simulations.
20 January 2021
|
Report
:
Trends in Veiligheid 2020
There is a continuing strong relationship between executives and security professionals
Over the years in our survey, we’ve measured four critical practices for fostering a mutually beneficial relationship between executives and the security organization . This exercise evaluates top-down security buy-in, where we’ve found a slight downward trend from last year . Looking at these results:
• Eighty nine percent of respondents said that their executive leadership still considers security a high priority; however, this is down slightly (7%) across the preceding four years.
• The percentage of organizations who have clarified the security roles and responsibilities within the executive team has fluctuated over the past few years – landing at 89% this year. Considering cybersecurity’s growing visibility and the dire need for security leaders at top levels, clarifying roles and responsibilities needs to remain high.
• The incorporation of cyber risk assessments into overall risk assessment processes is down by 5% from last year, but is still high with 91% of respondents saying they use them.
• Although down by 6% from last year, executive teams establishing clear metrics for assessing the effectiveness of security programs is still rather high with 90% of our respondents doing so.
Over four years, these responses are slightly down, which may indicate: 1) that the scope of security responsibility is changing, 2) that communication with the executive team isn’t as clear as it used to be, 3) that executive management has other business priorities, or 4) that CISOs and executives are re-evaluating their metrics.
And although these numbers are down, they are still very high . Perhaps this is because security has now become operationalized, but requires a greater voice at the executive table. The fact that the numbers are still very high indicates a continuing strong relationship between executives and security professionals.
22 January 2021
|
Report
:
Securing What's Now and What's Next
time-to-detect and time-to remediate are important metrics for assessing the effectiveness of an organization's security program
90% agreed their organization’s executives had established clear metrics for assessing the effectiveness of their security program. IT decision-makers responding to our survey rated time-to-detect highest as a key performance indicator (KPI). Establishing clear metrics is an integral activity for a security framework, and it isn't an easy task to agree across multiple executives and security teams how to measure operational improvement and security outcomes .
IT decision-makers responding to our survey rated time-to-detect highest as a key performance indicator (KPI). However, when you’re reporting to the C-suite or board of directors, time-to-remediate ranks just as important, as it represents an aggregate of total impact that may include: system downtime, records affected, cost of investigation, lost revenue, lost customers, lost opportunities, and out-of-pocket costs. It can also be a proxy metric for the overall effectiveness of the IT organization, as remediation can require a lot of collaborative work across departments .
22 January 2021
|
Report
:
Securing What's Now and What's Next
the best way to allocate security spend is through outcome-based objectives and metrics
Sixty one percent are using this planning method, a 10% increase from the previous year and an encouraging trend. ‘Percent of revenue’ and ‘outsourcing costs’ were the least used factors to determine security budgets. Fifty-four percent base spending on the previous years’ budget. Although this may not seem like a precise way to quantify security costs – especially when the average cost of a data breach globally ($3 .92M) is rarely factored in – if your budget is flat year over year or you have predictable SaaS subscriptions, your forecasted budget will probably see very little change .
22 January 2021
|
Report
:
Securing What's Now and What's Next
Organizations are spending more on prevention versus being reactive in their cybersecurity posture
In exploring how security budgets are spent, we surveyed our respondents on five categories (Identify, Protect, Detect, Respond, and Recover) that describe the lifecycle of cybersecurity defense and breach management:
• The category Identify saw a rise in expenditures from 21% to 27% from 2019 to 2020
• Protect and Detect remained basically the same at 25% and 18% respectively
• Spending in the Respond and Recover categories declined somewhat in the same timeframe to 15% and 14% respectively
Enterprises are always trying to find the right balance between being proactive and being responsive and resilient, and that pendulum swings back and forth every year. Last year, organizations may have been concentrating their efforts on the basics (asset inventory, discovery, etc.). And theoretically, if you spend right on Identify, Protect and Detect up front, you shouldn't need to spend as much on Respond and Recover, as they aren’t needed as often.
22 January 2021
|
Report
:
Securing What's Now and What's Next
The business impacts of security breaches
Organizations having more than 100,000 records impacted from their most severe data breach rose from 15% last year to beyond 19% this year.
Large enterprises (10K or more employees) are more likely to have less downtime (0-4 hours), as they will likely have more resources available to help respond and recover . Small to mid-sized organizations dominated the 5-16 hour recovery timespan, and catastrophic downtimes of 17-48 hours were similarly low for organizations of all sizes.
The most impacted business areas were operations and brand reputation.
the number of respondents experiencing a hit to brand reputation from major breaches has risen from 26% to 33% in three years. With the impact to the overall brand on the rise, it’s crucial to include crisis communications planning into your overall incidence response plan.
22 January 2021
|
Report
:
Securing What's Now and What's Next
At 61%, the percentage of survey respondents reporting that they voluntarily disclosed a breach last year is at the highest level in the previous four years
This shows that, overall, organizations are proactively reporting breaches, perhaps as a result of new legislation – or maybe from increased social consciousness and a desire to maintain customer trust.
The upside to this is that more than double the number of organizations that experienced a breach that lasted over 17 hours disclosed the breach voluntarily versus those that disclosed the breach involuntarily or due to reporting requirements.
More than half of all breaches (51%) put organizations on the defensive, having
to manage the public scrutiny that comes with a breach. But while governmental reporting requirements have increased, involuntary disclosure remains largely the same at just over a quarter (27%) of breaches. And 61% of respondents are now finding that their credibility rises when they voluntarily disclose a major breach, thus preserving their brand reputation.
22 January 2021
|
Report
:
Securing What's Now and What's Next
Outsourcing of security has increased significantly
Compared to last year’s report, outsourcing has increased significantly, possibly indicating a historical trend as vendor landscapes become so complex to manage in-house. Interestingly, organizations reported that they’re expecting their outsourcing to decrease in the future.
Our respondents are outsourcing for a variety of core reasons, and it’s not only cost. Cost efficiency is marginally ahead as the number one reason at 55%. However, it's quickly followed by security teams that want more timely responses to incidents (53%).
We found that 34% of you are outsourcing incident response services, and 36% are using external/third-party services to analyze compromised systems, which has risen from last year. Using an incident response service has become an efficient approach for protecting assets, mitigating risk, and maintaining compliance. It can help your organization protect against the unknown by having proactive planning and expertise to coordinate and carry out a response.
22 January 2021
|
Report
:
Securing What's Now and What's Next
Patching is critical in breach defense, as 46% of organizations (up from 30% in last year’s report) had an incident caused by an unpatched vulnerability
In addition, those that had a major breach due to an unpatched vulnerability last year experienced higher levels of data loss. For example, 68% of organizations breached from an unpatched vulnerability suffered losses of 10,000 data records or more last year. For those who said they suffered a breach from other causes, only 41% lost 10,000 or more records in the same timeframe.
It’s well known that patching can be difficult and cause disruptions. However, these results show that there is a tangible ROI in implementing a minimum baseline policy for the most recently released patches. Organizations should maintain an up-to- date inventory of all devices in their environment and perform a risk analysis for any missing patches. Then, create a change management process to enforce version control and documentation.
22 January 2021
|
Report
:
Securing What's Now and What's Next
The most common causes of downtime are malware and malicious spam
Interestingly, the third cause diverges depending on the length of downtime . For breaches with downtime between 0-4 hours, phishing is the third most common cause . For downtime between 4-24 hours, it’s spyware. For anything over 24 hours, it’s ransomware. Significantly, ransomware doesn’t discriminate; it was the most destructive threat for both small and enterprise organizations in terms of downtime. The large amounts of resultant downtime may be due to the depth of investigation needed to assess the damage, attempt to restore backups, and fix the entry vectors.
22 January 2021
|
Report
:
Securing What's Now and What's Next
More than half (52%) told us that mobile devices are now very or extremely challenging to defend
They’ve overtaken user behavior, which was the biggest challenge from last year’s report .
With a zero-trust framework, you can identify and verify every person and device trying to access your infrastructure. Zero trust is a pragmatic and future-proof framework that can help bring effective security across your architecture – spanning the workforce, workload, and workplace.
A zero-trust framework achieves these three success metrics, among others:
• The user is known and authenticated
• The device is checked and found to be adequate
• The user is limited to where they can go within your environment
Having zero trust in place removes much of the guesswork in protecting your infrastructure from all potential threats, including mobile devices.
22 January 2021
|
Report
:
Securing What's Now and What's Next
Only 27% of organizations are currently using multi-factor authentication (MFA)
This number is low for such a valuable zero-trust technology. Survey respondents from the following countries showed the highest adoption rates of MFA in this order: USA, China, Italy, India, Germany, and the UK. The industries with the highest adoption rates (in this order) are software development, financial services, government, retail, manufacturing, and telecommunications.
22 January 2021
|
Report
:
Securing What's Now and What's Next
Private cloud infrastructure is a top security challenge for organizations
Private cloud infrastructure is a top security challenge for organizations. (Fifty percent of organizations find it very or extremely difficult to defend).
22 January 2021
|
Report
:
Securing What's Now and What's Next
In 2020, we continued to see more than 83% of organizations managing more than 20% of their IT infrastructure in the cloud (whether internally or externally)
Through our research, we’ve found that increased effectiveness, efficiency, and visibility are some of the main drivers for organizations to move their security (88%) and infrastructure (89%) to the cloud. And it’s not surprising to see that 86% say utilizing cloud security has increased visibility into their networks.
22 January 2021
|
Report
:
Securing What's Now and What's Next
The overwhelming number of security alerts is having an impact on cybersecurity fatigue
Of those who say they are suffering from cyber fatigue, 93% of them receive more than 5,000 alerts every day.
Defined as virtually giving up on proactively defending against malicious actors, 42% of respondents are suffering from cybersecurity fatigue.
The overall number of daily alerts you are dealing with has increased over previous years. In 2017, 50% of organizations were receiving 5,000 or fewer daily alerts; now only 36% are in this category. And the amount of organizations who receive 100,000 or more daily alerts has grown from 11% in 2017 to 17% in 2020.
Perhaps because of this increase in volume and the processing resources needed, alert investigation is at its lowest level in over four years at just under 48%. (The number was 56% in 2017, and it’s been decreasing every year since.) The rate of legitimate incidents at 26% is consistent year-over-year and suggests that many investigations are turning up false positives.
On a positive note, the number of legitimate threats that are remediated has improved since last year’s report, and we’re now back to 2017 levels at 50%. However, this still means that half of all real incidents are being left unattended.
To deal with the increasing noise and volume of alerts, we advocate for an approach that has automation at its heart. Automation enables policies to be enforced more consistently, quickly, and efficiently. When a device is determined to be infected or vulnerable, it’s automatically quarantined or denied access with no action required from an administrator.
22 January 2021
|
Report
:
Securing What's Now and What's Next
Shift in focus towards industry
We have seen a shift in the hackers’ behaviour in the last six to 12 months as they focus more on industries such as energy and manufacturing. We believe there are three reasons for this. Firstly, reliance on automation (i.e. managed by computers). Secondly low maturity in cyber resilience (e.g. poor back-ups, limited disaster recovery planning or testing). Finally, low tolerance to what is often a high-impact outage. This offers rich pickings for ransomware attacks.
14 April 2021
|
Report
:
Evolved ransomware techniques
We are seeing hackers’ ransomware techniques evolve. Typically in larger attacks there are two distinct phases after the initial infection. The first phase is lateral movement. This is where attackers look for valuable assets (e.g. finance data) and assess the size of the target to set the ransom amount. The second phase is ransomware attack. This often happens at the weekend when there is less chance to react and when hackers can cause the most damage. There can typically be a period of one to three weeks between these two phases. Companies with good detection capabilities can stop the attack in this time and therefore suffer shorter outages, lower overall costs and less impact to business.
14 April 2021
|
Report
:
Two commonly seen types of ransomware attack
We commonly see two types of ransomware attack. The first is targeted attacks. These are focused on larger organisations (so called ‘big game ransomware’) where a hacker group will specifically target key individuals with highly personalised phishing scams. The second
is mass scanning. This is where hackers will look for key weaknesses in servers exposed on the internet (e.g. remote access and VPN servers). In these cases, the attacks are mostly indiscriminate, and the attackers will infect any company they find vulnerable.
14 April 2021
|
Report
:
Standalone cyber insurance
As a cyber insurer, it is only natural that we would promote standalone cyber insurance. But it is important to point out that standalone cyber insurance is dedicated to getting businesses back up and running quickly after a cyber attack. Cyber insurance provides a range of services like IT forensic response, crisis communication, legal advice and, if necessary, credit card monitoring. Coverage in other policies rarely provides all these specialised services, and, in some cases, may not respond at all.
14 April 2021
|
Report
:
The illegal use of grenades and explosives has increased in 2018 and 2019
Over the course of 2018 and 2019, the illegal use of grenades and explosives has increased. For example, grenades and explosives are dropped off in front of various buildings and objects, such as company buildings, residential houses and ATMs. Many of these incidents occur in and around the city of Amsterdam.
21 April 2021
|
Report
:
Trendbeeld 2020
More organisations are choosing to use Zero-Trust principles for securing their IT-infrastructure
More and more organisations are choosing to use Zero-Trust principles for securing their IT-infrastructure. Zero-Trust principles provide organisations with new possibilities to minimise (unknown) risks. With the number of malware and ransomware attacks increasing, a new vision on securing IT-infrastructures is necessary.
26 August 2021
|
Report
:
Factsheet 'Bereid u voor op Zero Trust'
Successful implementation of Zero Trust leads to minimal exposure of cyber attacks
When Zero Trust principles are implemented successfully into an IT-infrastructure this leads to minimal exposure of cyber attacks, a higher continuity of critical processes, an increased and cost-effective compliance and a 'future-proof' architecture.
26 August 2021
|
Report
:
Factsheet 'Bereid u voor op Zero Trust'
Ransomware negotiation economics; an increasingly relevant topic
Paying a ransom or negotiating with criminals is problematic to say the least. Still, a significant percentage of ransomware-affected businesses see no other option than to negotiate and in the end pay the ransom. But not much is known about the economic backgrounds of digital extortion and about the negotiation strategies in the case of digital extortion. That gap prompted the researchers to investigate negotiations that take place after the decision has been made to pay a ransom after a successful ransomware attack.
20 December 2021
|
Report
:
“We Wait, Because We Know You” Inside the Ransomware Negotiation Economics
Rogue In-Flight Data Load (RIDL)
Rogue In-flight Data Load (RIDL) is a new class of unprivileged speculative execution attacks to leak arbitrary data across address spaces and privilege boundaries (e.g., process, kernel, SGX, and even CPU-internal operations).
30 March 2021
|
Report
:
RIDL: Rogue In-Flight Data Load
Digital experience, analytics, and cloud as enabling technologies that have proven their value
Digital experience is one of the 9 macro technology forces and a pillar of innovation. Digital experience is an enabling technology that has proven its value. It continues to be a critical driver of enterprise transformation. 64% of participants in Deloitte's 2018 global CIO survey say digital technologies will affect their business in the next three years.
Analytics includes foundational capabilities and tools that generate powerful
insights. Data management, data governance, and supporting architecture are age- old problems that not only are critical building blocks for AI programs but are tactical concerns as organizations work in a dynamic and complex regulatory environment with mandates on data residency, privacy, and usage. CIOs understand what’s at stake: 60 percent of them say that data and analytics will affect their businesses in the next three years.
Cloud's takeover of the enterprise is nearly complete: 90% of organizations use cloud-based services. cloud investments are expected to double as a percentage of IT budget over the next three years.
17 May 2021
|
Report
:
Tech Trends 2020
Digital reality, cognitive technologies, and blockchain as disruptive technology
As the change agents of the coming decade, these newer trends may no longer be considered novel, but they’re on the cusp of becoming as familiar and significant as their predecessors.
- Digital reality technologies have the goal to promote more natural user engagement by seamlessly extending a human-centric experience beyond the confines of keyboards and screens. Commercial application is growing, for example: many companies are using digital reality technologies to deepen emotional connections and empathy among customers and employees.
- Cognitive technologies have the potential to transform nearly every industry. These technologies personalize and contextualize the human-technology interaction, allowing businesses to provide tailored language- and image-based information and services, with
minimal or no human involvement. Demand for these technologies is skyrocketing.
- Financial services and fintech companies continue to lead blockchain development, but other sectors are also advancing blockchain initiatives.
17 May 2021
|
Report
:
Tech Trends 2020
To carry the weight of technology driven transformation foundational technologies need to be stable, strong and sustainable
Three foundational technologies
- Business of technology:
- Risk
- Core modernization
The business of technology, risk, and core modernization are foundational technologies. To carry the weight of technology-driven transformation and innovation initiatives, they need to be stable, strong, and sustainable.
The business of technology, risk, and core modernization may seem prosaic and dull, but these forces are undeniably the heart of the business. And companies continue to make considerable investments and advances in these well-established domains. Combined, they provide a reliable, scalable foundation for digital transformation, innovation, and growth, and are a requirement for successful investments in analytics, cognitive, blockchain, and other disruptive technologies.
17 May 2021
|
Report
:
Tech Trends 2020
Emerging forces on the horizon: ambient experience, exponential intelligence, and quantum
Three technology developments and innovations—the horizon next—are waiting in the
wings. We will begin to feel their impact toward the end of the 2020s.
- Ambient experience: technology as part of the environment. As devices become seamless and ubiquitous, they and we are becoming increasingly inseparable.
- Exponential intelligence: will build on today's cognitive capabilities. Today, AI lacks the ability to recognize and respond to the nuances of human interaction and emotion. The future promises more.
-Quantum: harnesses the counterintuitive properties of subatomic particles to process information and perform new types of computation, communicate “unhackably,” miniaturize tech, and more
17 May 2021
|
Report
:
Tech Trends 2020
Earning trust in a time of constant tech disruption as a challenge and opportunity
With the advent of digital technology, businesses have been asking customers to trust them in new and deeper ways, from asking for personal information to tracking online behavior. In what is recognized as an emerging trend, some companies are approaching trust not as a compliance or public relations issue, but as a business-critical goal that must be pursued.
18 May 2021
|
Report
:
Tech Trends 2020
It and finance leaders work together to develop flexible approaches for funding innovation
An obstacle for innovation ambitions slowing innovation efforts is the sourcing and distribution of funds. IT's operations and development processes are becoming nimbler and product-focused while the finance function continues to budget, fund, and report in the same way as it has been doing for decades, leading to tension between IT needs and finance procedures.
Over the next 18 to 25 months, there is the expectation to see more It and finance leaders working together to develop flexible approaches for funding innovation at the speed of agile.
18 May 2021
|
Report
:
Tech Trends 2020
Leveraging next-generation digital twin capabilities to design, optimize, and transform the enterprise
Companies are using digital twin capabilities in a variety of ways. Digital twins can simulate any aspect of a physical object or process. They may take many forms, but they all capture and utilize data that represents the physical world. As the digital twins trend accelerates in the coming years, more organizations may explore opportunities to use digital twins to optimize processes, make data-driven decision in real time, and design new products, services, and business models. Sectors that have capital-intensive assets and processes like manufacturing, utilities, and energy are pioneering digital twin use cases already. Others will follow as early adopters demonstrate first-mover advantage in their respective sectors. Longer term, realizing digital twins' full promise may require integrating systems and data across entire ecosystems.
Recent MarketsandMarkets research suggests efforts are already underway: The digital twins market had an estimated worth of US$3.8 billion in 2019 and is projected to reach US$35.8 billion in value by 2025. Over the course of the last decade, deployment of digital twin capabilities has accelerated due to a number of factors:
- Simulation: tools for building digital twins are growing in power and sophistication.
- New sources of data
- Interoperability: the ability to integrate digital technology with the real world has improved dramatically.
- Visualization: The sheer volume of data required to create digital twin simulations can complicate analysis and make efforts to gain meaningful insights challenging. Advanced data visualization can help meet this challenge by filtering and distilling information in real time.
- Instrumentation: IoT sensors, both embedded and external, are becoming smaller, more accurate, cheaper, and more powerful.
- Platform: Increased availability of and access to powerful and inexpensive computing power, network, and storage are key enablers of digital twins.
18 May 2021
|
Report
:
Tech Trends 2020
Annual investments in the region of South-Holland and its effect on the Netherlands
For the next decade, an annual investment of €1.4 billion will be made in order to improve the region of South-Holland. This investment is made in order to combat the effects of the COVID-19 crisis, high unemployment, lagging economic growth and CO2 emissions. Besides, this investment provides an impulse to the current housing challenges and accessibility and liveability of the region. Besides regional impact, the investments will also have cascading effects for the Netherlands as a whole.
18 May 2021
|
News
:
Governments, Businesses and Knowledge Institutions in South Holland Invest € 1.4 Billion in Economy
Reshaping human-machine connections through AI, neuroscience, and human-centered design
The way we experience technology will be changed with a growing class of AI-powered solutions (referred to as affective computing or emotion AI). As part of the emerging human experience platforms trend, during the next 18 to 24 months more companies will ramp up their responses to a growing demand for technology to better understand humans and to respond to us more appropriately.
Early trend participants recognize that the stakes are high. The ability to leverage emotionally intelligent platforms to recognize and use emotional data at scale will be one of the biggest, most important opportunities for companies going forward. The human experience platforms trend reverses traditional design approaches by starting with the human and emotion-led experience we want to achieve, and then determining which combination of affective and AI technologies can deliver them. The big challenge that companies will face is identifying the specific responses and behaviors that will resonate with—and elicit an emotional response from—a diverse group of customers, employees, and other stakeholders, and then developing the emotional technologies that can recognize and replicate those traits in an experience.
In the coming months, we expect growing demand for technologies to become more human. We’ve reached a point in the digital revolution at which everyone’s connected to technology but not necessarily to each other
The human experiences platforms trend is fueled by a growing demand from system users that technologies engage us in more meaningful, human-like ways. In the coming years, we expect this demand to become a nonnegotiable expectation. Today, trend pioneers are integrating affective computing, AI, and neuroscientific research into their strategies and systems to transform the rules of user engagement. In the near future, “emotionally intelligent” technologies and tactics will likely give rise to new business models and ways of working.
18 May 2021
|
Report
:
Tech Trends 2020
Evolve the role of architects to transform systems architecture and support the speed of business
The 'architecture awakens' trend is a direct response to external pressures many CIOs face today as established organizations are struggling to keep pace with the changing technology landscape. In the coming months we expect to see more organizations move architects out of their traditional ivory towers and into the trenches with the goal to move the most experienced architect to software development teams that are designing complex technology. Once redeployed and empowered to drive change, architects can help simplify technical stacks and create technical agility that currently gives younger competitors a market advantage.
The role of the architect will be redefined to be more collaborative, creative, and responsive to stakeholder needs. Going forward, their mission will be to do bold new things not only with traditional architectural components but with disruptive forces (blockchain, AI, Machine learning).
18 May 2021
|
Report
:
Tech Trends 2020
Blockchain has great disruptive potential
Blockchain is believed to have great disruptive potential, whether applied alone or in combination with other capabilities. Interest in DLT has exploded, with blockchain- and cryptocurrency-focused startups collecting almost $3.9 billion in investments in the first three quarters of 2018 – that’s nearly three times the total for all of 2017. The World Economic Forum also predicts that blockchain technology will account for 10 percent of the global GDP by 2027. With all the attention on blockchain technology, we’ve also seen great progress in this field – this is mainly driven by smaller open-source parties, rather than bigger technology companies.
28 May 2021
|
External
:
Technology Trend Report 2020
The COVID-19 crisis has increased the urgency and impact on the cybersecurity talent shortage
Various analyses show that there has been a shortage of cyber security talent at both a national and international level for a long time. For example, in 2018 an imminent shortage of cybersecurity personnel was identified. Also on the European level, almost three-quarters of organisations do not have a sufficient cybersecurity team, and a shortage of about 140,000 cybersecurity specialists is visible. The COVID-19 crisis has increased the urgency and impact on the cybersecurity talent shortage, seen that the number of cyberattacks has increased and societies have become increasingly dependent on digital security.
22 June 2021
|
News
:
Opportunities For Cybersecurity Talent in Times of COVID-19
BEC fraud is increasingly occurring in the Netherlands
CEO- and digital invoice fraud, also known as BEC fraud is amongst the top three forms of cybercrime that cause the most financial damage. According to the FBI, between 2016 and 2019, BEC fraud caused 26 billion-dollars in financial damages worldwide. BEC fraud is also increasingly occurring in the Netherlands.
22 June 2021
|
News
:
New Approach Against CEO- and Digital Invoice Fraud to Oppose Cyber Criminals
Twee derde bedrijven wereldwijd slachtoffer Ransomware
Een lucratieve business met veel slachtoffers. Volgens
beveiligingsbedrijf Sophos werd in 2021 twee derde van de
bedrijven wereldwijd aangevallen met ransomware. De geëiste
losgeldbedragen variëren van een paar duizend euro tot
vele miljoenen. Maar het losgeld is slechts een fractie van de
totale kosten. Vaak gaat er werk verloren. Ook kan het weken
duren voordat een bedrijf weer volledig operationeel is. Dat
leidt tot productiviteitsverlies, misgelopen inkomsten en
reputatieschade.
24 March 2023
|
Report
:
Ransomware-ready?
Annual visual Ransomware 2023
This report gives a brief overview of all the ransomware-incidents reported to the National Cyber Security Centrum and the National Police. The focus is put on how ransomware incidents are reported, who the victims are, how organisations initially respond to them, who the victims are, and the broad variety of ransomware threats.
27 March 2024
|
Report
:
Jaarbeeld Ransomware 2023
Worldwide crime patterns are affected by the COVID-19 crisis
The COVID-19 crisis has affected crime patterns across the world, both positively and negatively. On the one hand, nigh-time assaults, domestic burglary, calls for service to the police and shoplifting have decreased due to social movement restrictions. On the other hand, the pandemic has led to an increase in online offences (such as scams and fraud) and domestic violence.
30 April 2021
|
Report
:
The future challenges facing criminal justice systems
In the biological, physical and digital domain, new technologies are rapidly developing
Many new technologies are developing in the biological, physical and digital domain. In particular, the development of Artificial Intelligence (AI) and the emergence cyber-physical systems are important. The latter technology provides a link between the physical and the digital world. Such technologies can provide new ways of delivering services, but can also facilitate new forms of crime. For example, AI can be utilised in order to commit identity forgery, AI snooping and vehicle hacking.
30 April 2021
|
Report
:
The future challenges facing criminal justice systems
Developments such as artificial intelligence and blockchain will influence the way data is shared dramatically
Developments such as artificial intelligence and blockchain are underway and will dramatically influence the way data is shared in the coming years. For example, new possibilities are emerging to transfer data from the source so that citizens and companies themselves can keep a firm grip on their data.
23 May 2021
|
Report
:
De Overheid als Partner bij Datadelen
OT reliance threatens secure operations due to increasing cyber risk
There is a wide range of reliance on operational technology (OT) systems ranging from purely manual to highly automated processes. OT is hardware and software that monitors or controls industrial equipment, assets, processes and events. This OT reliance threatens secure operations due to increasing cyber risk. The operational technology domain culturally has been more safety-aware than security-aware compared with IT, challenging effective security governance and policy in integrated IT/OT environments. Additionally, from a security perspective, OT networks have been unmanaged for many years. They are a mix of OT protocols, unidentified assets, legacy systems and devices with unsecure communications. Third, applying a “one-size-fits-all” security controls methodology across IT and OT, as well as not fully accounting for differing security requirements, lead to decreased security efficacy from a cyber security perspective.
1 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
The interconnectivity between IT and OT increases risk of cyber-attacks in both environments
With the raise of technologies such as Big Data, Data Analytics and the Internet of Things, organisations have increasing business needs to integrate OT with IT networks via connections to the internet. This interconnectivity is mostly used for the exchange of data for the purpose of management information and to provide access for suppliers and maintenance personnel. This development introduces the IT personnel as stakeholders in the OT field. Due to the interconnectivity between IT and OT both environments are more conducive to cyber-attacks.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
There is no clear concept of an 'OT security person'
There is no clear concept of an ‘OT security person’. Whereas there is a general consensus on IT roles and functions with their according tasks and responsibilities, these functions are lacking for OT. This hiatus shows for example through the scarcity of OT security job vacancies. Also, the OT counterpart of IT security study programmes is not established. Young professionals in OT usually have a solid basic knowledge, but universities and schools embed little attention to security in their programmes.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Unclarity regarding OT security responsibilities
Who is, or should be, in charge of OT security? Is it someone in the operational part of the organisation? Or an IT or HSE officer? Maybe OT is a shared responsibility, that can not be attributed to one person. OT security often comes down to the IT manager as a side task; but the IT manager also does not have the appropriate knowledge. This may result in a wrong approach to OT security.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Lack of OT security awareness on boardroom level
The general awareness at boardroom level is not sufficient yet. Boardroom members usually do not have a technical background: explaining to them why OT security is important, is therefore a challenge. At the same time, organisations are willing to learn. Internally, stakeholders see that employees at all levels are increasingly open to OT security training and awareness sessions.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Lack of organisational communication about cyber attacks
The general tendency in companies is to not communicate about cyber attacks that they have endured, due to not knowing about the attack, feelings of embarrassment, or fear of reputational damage. The persistent silence about cyber attacks counteracts the learning process. Severe cyber incidents must be connected with business continuity management and crisis management.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Asset management and validation is lacking in OT environments
In OT environments asset validation is lacking – at least on the Dutch market. The problem here is that the source code of OT assets is often not provided by the supplier. As a result, companies possibly use these assets without being able to test these components for security.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Patching is a challenge in OT environments
Patching, the installation of software updates, is a challenge in OT environments. A patch can result in unforeseen incompatibility with connected systems, thereby disturbing the production process. This is even more of a challenge because organisations cannot simply put their systems on hold for a couple of hours. To prevent compatibility issues, organisations usually wait for vendor approval for a patch. Dependent on the vendor, it can
take some time before a patch can be installed, possibly leaving the system vulnerable in the meantime.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Testing OT environments is challenging
Testing within OT environments is not as trivial as testing within IT environments. Testing on the production environment can cause undesired, or severe, disruptions in the production
process. Because, whereas the simulation of IT environments can be done relatively easily and cost effective by cloning the IT environment on a separate network or to the cloud, you cannot ‘copy-paste’ an OT environment with its the physical components. Regarding the latter, the development of OT simulation software is evolving; this software enables so-called digital twins.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Lack of Root Cause Analysis in OT security
A lack of, or unjust, root cause analysis is a problem in OT environments. When a defect or an unplanned disruption in the system happens, it is sometimes classified as a maintenance issue such as ‘component is defect – must be replaced’, while the actual cause could be a hack. In this case, there is a wrongly diagnosed root cause and a solution that will not solve the problem.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Difficulty in the detection of OT cyber attacks
OT systems are usually protected by safety systems, that detect whether the operations of the system are still showing common behaviour. Through manipulating safety systems first, hackers can attack the operational system without the organisation being able to detect
this at first hand. While the hackers can go on disrupting the operations, the safety system keeps communicating normal values.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Dynamic important for Ministry of Justice: increasing dependency on the digital domain and shift towards cybercrime
Analyses over the past years have made clear that many societal developments are being influenced by technology. This impacts the tasks and challenges for the Ministry of Justice. These technological developments include: increasing dependence on the digital domain and shifts in crime to the digital domain. Furthermore, extremist content is spread more easily and is more often on the forefront.
13 January 2023
|
Report
:
TechnologieAgenda JenV
Digital Security cluster contains various technologies crucial to a nation's security (JenV)
The cluster Digital Security in the TechAgenda of JenV contains various technologies that are crucial in securing society. These are technologies that impact the security of data-exchange, communication, identification, data storage and use of networks and infrastructure. These include: cybersecurity and post-quantum cryptography, but also blockchain. Important terms and developments within blockchain are privacy enhancing technologies (PETs), self sovereign identity (SSI), smart contracts. Within cybersecurity, automated vulnerability scanning and automated response are crucial and need to be implemented into the ministry.
Digital security is not only important for society, but it is also something that the ministry itself needs to work on.
13 January 2023
|
Report
:
TechnologieAgenda JenV
More Legal Framework is Needed for Large Language Models in the Netherlands
De toepassing van taalmodellen biedt kansen maar kan ook tot destructieve gevolgen leiden.
20 December 2023
|
News
:
Trendanalyse Taalmodellen
In the US there is a huge need for privacy advice and compliance management
"During my visit in 2018, I saw that the security and compliance market in the US is or can be enormous. That is when I thought, this is the place to be for us!”. We noticed that in the US there is a huge need for privacy advice, also with the CCPA (California Consumer Privacy Act) coming in effect in 2020, and our compliance management framework (software-tooling). In 2020, we have managed to interest the first four partners and are going to be in the US before the phase of a final offer. We extended our lease contract with Bwtech. At the beginning of 2020, we want to go back to the US. We are currently preparing for this.
18 May 2021
|
News
:
How Audittrail Entered the US Market Through Soft-Landing Programme
Iran carries out preparatory acts for digital sabotage
Especially with regards to the oil and gas industry. The impact of the political and economic competition with Saudi Arabia is one where the impact of these preparatory actions on the Netherlands should be regarded as collateral damage.
5 June 2021
|
Report
:
Dreigingsbeeld Statelijke Actoren
Dutch dependency on Chinese technology forms a danger for society
Dutch dependence on Chinese technology and services brings the risk that it offers Chinese (state) actors opportunities for (preparatory actions for) digital sabotage.
5 June 2021
|
Report
:
Dreigingsbeeld Statelijke Actoren
The Chinese use of both legal and illegal economic resources and (digital) espionage poses the greatest threat to the Dutch economy
The Chinese use of both legal and illegal economic resources and (digital) espionage poses the greatest threat to the Dutch economic security. The Chinese activities are extensive and structural. In particular, the Dutch top sectors and knowledge institutions are interesting because of the high-quality infrastructure, technology and knowledge they possess. A large part of the China's (digital) espionage activities are over aimed at improving Chinese competitiveness.
6 June 2021
|
Report
:
Dreigingsbeeld Statelijke Actoren
The dismantling of the EncroChat network has provided important information for law enforcement agencies
On the 2nd of July, the dismantling of the EncroChat network was announced. The encrypted phone network is widely used by criminal networks, making it an important source of information for law enforcement agencies. The access to millions of messages has already been relevant in a large number of ongoing criminal investigations, resulting in the disruption of criminal activities including violent attacks, corruption, attempted murders and large-scale drug transports.
22 June 2021
|
News
:
Encrypted Network EncroChat Dismantled
Cross-cutting crimes and challenges
The continued increase of cyber- and computer-related crime is to a large degree enabled through the evolution and maturation of the criminal markets that provide all the necessary tools, goods and services to novice and established criminals. Network intrusions and social engineering are components of a multitude of attack vectors.
9 December 2021
|
Report
:
Internet Organised Crime Threat Assessment (IOCTA) 2021
Developments in cyber-dependent crimes
During the last 12 months, a number of developments pertaining to the dominant threats within the cyber-dependent crime threat landscape have emerged. Malware operators, especially those associated with ransomware affiliate programs, have improved their attack modi operandi and their malware functionalities. Mobile banking trojans have made a break-through thanks to the increasing number of users preferring to conduct their financial activities via mobile devices. Criminals also seem to have realised the increased impact that DDoS attacks have on their targets’ systems if there is a lack of physical alternatives, which has brought about a re- emergence of financially motivated DDoS attacks.
15 December 2021
|
Report
:
Internet Organised Crime Threat Assessment (IOCTA) 2021
Ransomware attacks still prove profitable
Despite technology enabling threat actors to become even more sophisticated, there are still active and evolving risks from tried and tested ransomware techniques. And there is consistency of ranking for the top targeted industries throughout Q3 of calendar year 2021,
with ransomware threat actors proving most successful against the manufacturing industry, followed by financial services, healthcare, technology and construction.
30 March 2022
|
Report
:
Cyber Threat Intelligence Report
Infostealers boost the malware market
Based on intrusion data Accenture collected from incident response engagements, the combined infostealer and credential stealer category made up approximately 10% of malware observed during intrusions in 2021
30 March 2022
|
Report
:
Cyber Threat Intelligence Report
Vulnerability exploits see high volume buying and selling
Accenture has observed a huge growth in the underground market for vulnerability exploits, especially for those that enable adversaries to gain unauthorized access to a corporate network. The ransomware and unauthorized network access markets almost certainly significantly affect exploit markets, as unauthorized network access is fundamental
to successful ransomware operations
30 March 2022
|
Report
:
Cyber Threat Intelligence Report
Cyber attacks by state actors as a means of espionage
Countries spy to achieve their own political, military, economic and / or ideological goals. Research by the AIVD shows that more and more countries are spying politically and / or economically.
State actors remain very successful in compromising (government) systems within and outside the Netherlands. This despite investments in the digital resilience of public institutions. In 2019, the MIVD also recognized various cyber espionage activities against the Netherlands, other Western countries and allied interests.
The intelligence obtained through political espionage serves as inside information for states to prepare for political or social developments. This intelligence can also be used to influence decision-making and elections or to get a grip on the diaspora. For example, intelligence is gathered to play countries off against each other in order to undermine unity and international cooperation within the North Atlantic Treaty Organization and the European Union.
The Netherlands is a target of economic espionage. After all, the Dutch economy is highly developed, innovative and internationally oriented. Espionage activities are aimed, for example, at improving their own economic development or to gain knowledge from countries that are facing sanctions.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Cyber attacks by criminal actors: Use of ransomware as a means of extortion
It is increasingly observed that criminal actors use ransomware in such a way that they can put the victim under pressure to pay a ransom. The actors are mainly organizations that have the ability to pay larger amounts of money and / or for which business continuity and valuable unique data play an important role. Characteristic of the method is the extensive exploration of the company network. This allows the actor to estimate the value of the data and the damage to the victim and to place the ransomware in the most effective way. Based on that insight, the ransom demanded varies from a few tens of thousands to millions of euros. There seems to be an increase in ransomware attacks in which data is not only encrypted, but also copied. When an organization refused to pay the ransom, criminals in some cases published the data.
In early February 2020, cybersecurity experts published about new ransomware, called EKANS, which focuses on industrial control systems (ICS) and allegedly developed by criminals. These systems are used for, for example, drinking water and energy supply. The attack method is relatively simple, but the ransomware appears to be specially designed to attack ICS. EKANS's victims are likely to include Bahrain's state oil company and manufacturing companies. EKANS may be the first ICS-targeted ransomware to be the work of a criminal actor.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
State actors and criminal actors respond to current events
Actors respond to current events, by:
- Responding to the Covid-19 pandemic. Soon after the outbreak of the Covid-19 pandemic, there were indications that actors were (opportunistically) abusing the situation to carry out "thematic" cyber attacks.
- Active abuse of various vulnerabilities: In 2019 and early 2020, active abuse of various vulnerabilities by state and criminal actors was observed. The AIVD and MIVD confirm that state actors have exploited vulnerabilities in Fortigate and Pulse secure VPN software. Therefore, the AIVD and MIVD have also advised companies and other organizations about measures. The vulnerabilities in Citrix ADC and Citrix Gateway servers were actively exploited by actors soon after the available exploit - which was published on January 9, 2020.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Changing DNS settings as an attack technique
Incidents indicate (renewed) interest in changing Domain Name System (DNS) settings as an attack technique, also known as a DNS hijack. By changing DNS settings of organizations, for example by hacking a registrar, incoming network traffic can be temporarily diverted and intercepted. This can be used for espionage purposes, among other things. Cyber attacks against DNS can have a significant impact on the integrity of the Internet.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Increase in phishing via messaging apps such as SMS and Whatsapp
Phishing has for years been a common way for cyber criminals (among others) to attack targets, and it is again the most used - first step of an - attack method this year. Incidents show that criminals also use a new form of phishing, namely phishing via SMS (smishing) or via WhatsApp. They are also responding to an increasing use of apps for payment requests between private individuals via a messaging app. It cannot be ruled out that this technique is used more widely than just for fraud, for example for taking over accounts as a stepping stone for a larger attack. Other actors could also use this technique.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Abuse of Dutch ICT infrastructure for cyber attacks
The Dutch ICT infrastructure is also abused by state actors in cyber attacks on other countries. The Netherlands is attractive for this because the digital infrastructure is of high quality and ICT capacity can be rented relatively easily. This form of abuse can damage the international image of the Netherlands and it can be bad for allied interests and the integrity of the Dutch ICT infrastructure.
As in previous years, the Dutch ICT infrastructure was also abused for various forms of cybercrime, including for facilitating cyber attacks. Dutch servers are also abused for botnet spam. Of all servers that cyber criminals worldwide use for spamming via botnets, approximately 6.3 percent are located in the Netherlands.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Hardware vulnerabilities with (potentially) major consequences announced
The past year saw further growth in the number of vulnerabilities in hardware. A certain type of attack (transient execution attack) again led to changes this year in all Intel processors and all popular operating systems. SSDs with hardware encryption contain such serious vulnerabilities that the encryption is of no value. Even newly released memory chips (DRAM) appear to have known vulnerabilities. The "DRAM vulnerability" is particularly worrying because there is no solution for it and will remain for years to come. There are currently no alternatives.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
New technologies, whilst threatening on the short term, can enhance cyberresilience on the long term.
Quantum computing, Artificial intelligence and other upcoming technologies stand to change the world. In the short term quantum computing will undermine pre-quantum encryption drastically. AI can be applied to offensively detect and weaponize 0-days and attack systems. On the longer term, quantum encryption and automated 0-day patching can enhance resilience. These are just two concrete examples where these technologies will be in a position to enhance cyber security and resilience on the longer term.
29 March 2021
|
Report
:
Advies ‘Naar structurele inzet van innovatieve toepassingen van nieuwe technologieën voor de cyberweerbaarheid van Nederland’
Strategic technological dependence on foreign actors is undermining the national autonomy of the Netherlands and Europe at large
Upcoming technologies, their applications, but also the systems necessary to run them, think about the computing power needed for certain AI applications, are being developed by both domestic and foreign actors. On certain themes the foreign actors are in the lead. If this lead is not shrunk or reversed there is a risk of a wider dependence on that foreign actor and its government. This could undermine the strategic autonomy of Dutch organizations and the government, but also threaten the geopolitical security of European Data for instance. The current technological armsrace has wider political and economic dependency issues, but could also undermine the competitive edge of Europe.
29 March 2021
|
Report
:
Advies ‘Naar structurele inzet van innovatieve toepassingen van nieuwe technologieën voor de cyberweerbaarheid van Nederland’
Four cybersecurity risks to national security according to Cyber Security Assessment Netherlands 2021
A cyber incident affects digital processes and the functioning of technology. Moreover it affects the functioning of organisations and leads to social disruption. Cyber threats keep evolving as actors continue to develop and adapt. Government and riskmanagement are the instruments to resolve the cyber threat and resilience question.
8 September 2021
|
Report
:
Cyber Security Assessment Netherlands
Cyber incidents that occurred in The Netherlands from March 2020 to March 2021
A retrospective on cyber incidents that occurred in The Netherlands, in the period from March 2020 to March 2021, with both intentional and unintentional causes. Cyber incidents not only have an impact on direct victims, but also on (chains of) suppliers, customers and members of the public who use the services of (public) organisations. The following are recurring themes in an open source summary of incidents: COVID-19 as an opportunity for malicious actors; targeting facilities for remote working; deliberately denying access to processes; attacks on organisations in supply chains; data breaches, and finally, process outages.
8 September 2021
|
Report
:
Cyber Security Assessment Netherlands
The cybercriminal ecosystem
A description of the current cybercriminal mature economy. Specified trough cybercriminal service providers; dependent perpetrators and autonomous groups.
9 September 2021
|
Report
:
Cyber Security Assessment Netherlands
Ransomware as a solid revenue model and how to break the chain
Ransomware offers cybercriminals of all categories a solid and attractive revenue model. Cryptocurrencies offer ransomware attackers the opportunity to have the victim transfer money in a fast, irreversible and relatively anonymous way. Moreover, there is no monitoring of transactions and payouts, which makes it extremely attractive for criminal use. This revenue model was further strengthened by the Revenue-as-a-Service (RaaS) Phenomenon.
9 September 2021
|
Report
:
Cyber Security Assessment Netherlands
How violation of cyberspace affects national security
Violation of (the security of) cyberspace poses a risk to national security. After all, important elements for the functioning of cyberspace are vulnerable to system failure and/or misuse. Boosting resilience to this is a limited possibility for individual states and organisations. The complexity of this global ICT chain is explained within the report.
10 September 2021
|
Report
:
Cyber Security Assessment Netherlands
Risk management as instrument in boosting resilience
Experts point to major differences in resilience between and within sectors and chains. Organisations that seem to be in a better position have, in addition to taking basic measures, also focused on a risk-based way of working. There are a number of widely applicable basic principles that can also be applied by smaller organisations. It is ultimately up to public administrators and leaders of organisations, whether in the private sector, central government or politics, to manage risks. The concept of risk management is described in three processes. From the requirement of constant attention for risk, to the wide application of risk management and the commitment of directors to buy-in on risk management.
14 September 2021
|
Report
:
Cyber Security Assessment Netherlands
Understanding the Risks and Opportunities of AI for Businesses
There is still a lot of confusion over what AI is, how we are using it and how we might be affected by AI-enhanced cyber attacks. This paper addresses the risks and opportunities of AI for businesses.
5 December 2023
|
Report
:
The AI Arms Race
53% of cybersecurity attacks cause over US$500,000 in damage
53% of cybersecurity attacks cause over US$500,000 in damage
22 January 2021
|
Report
:
2020 Global Networking Trends Report
Increased mobility causes cybersecurity risks
According to the Cisco “VNI Forecast Highlights Tool,” global business mobile data traffic will grow sixfold from 2017 to 2022 at an annual growth rate of 42%.12 Business mobile users will continue to expect immediate and high- performance connectivity anywhere, anytime, and on any device over Wi-Fi and public 4G and 5G networks. At the same time, wireless IoT devices will become increasingly ubiquitous in all aspects of our lives.
Employees accessing cloud applications from corporate and private devices when off network is creating a lack of visibility and control that network and security administrators haven’t faced. And a wave of IoT devices will add to wireless networking requirements in terms of scale, different traffic patterns, and security.
22 January 2021
|
Report
:
2020 Global Networking Trends Report
Cybersecurity threats are becoming increasingly sophisticated and dangerous across a broader attack surface that is no longer contained within well-defined and defended perimeters
Cybersecurity threats are becoming increasingly sophisticated and dangerous across a broader attack surface that is no longer contained within well-defined and defended perimeters.
In particular, as workloads move off-premises, there is a danger that IT will lose visibility.
While the network will continue to be a powerful ally in identifying and containing threats, network and security operations need to share data and integrate tools and workflows to best combat the continued rise in number and sophistication of attacks. In addition, the network can extend the reach of IT into cloud environments to help protect applications and data even when not directly under their control.
22 January 2021
|
Report
:
2020 Global Networking Trends Report
Changing role of network security
Key findings
• Network strategists identified security as a top investment area, second only to AI.
• 43% of network teams identified improved embedded network security capabilities as a priority.
• In 2019, 48% of CISOs identified “time to remediation” as a main key performance indicator (KPI), up from 30% in 2018.
• Almost 75% of network leaders were confident they will have AI-enabled adaptive or automated policy definition and enforcement in two years.
22 January 2021
|
Report
:
2020 Global Networking Trends Report
IT talent survey: Top skills and expertise are needed
Data from our IT talent survey reveals that across IT in general, advanced technologies such as cloud expertise, enterprise architecture, big data and analytics, DevOps, and cybersecurity top the list of technical skills and expertise in need.
Our own IT talent survey reveals that a lack of business acumen is the number-one skills gap in IT today. Filling this gap will be critical as organizations transition to intent-based networks. By speaking the language of the business, IT can effectively translate business objectives, or intent, into high-level IT policies, which in turn can determine infrastructure and device configurations.
22 January 2021
|
Report
:
2020 Global Networking Trends Report
Smaller organizations faced about the same level of public scrutiny as their larger counterparts.
One common myth is that the media only wants to talk about massive and devastating corporate or governmental data breaches. This could lead some smaller organizations into believing that they won’t face much, if any, public scrutiny when they suffer a cyberattack. This is false. Last year, smaller organizations faced about the same level of public scrutiny as their larger counterparts.
30 March 2021
|
Report
:
Big Security in a Small Business World
Downtime
When an SMB gets hit by a cyberattack that results in a level of downtime (loss of business hours), the myth suggests that they don’t have the resources to rebound nearly as fast as their larger counterparts.
This is false. Data suggests that there is very little difference in the amount of downtime suffered by SMBs and larger organizations.
30 March 2021
|
Report
:
Big Security in a Small Business World
Lack of dedicated security personnel
With everyone pitching in wherever necessary in SMBs, there’s an assumption that cybersecurity is just one aspect of someone’s job. And that this person is also balancing other aspects of IT management such as managing data centers and evaluating new hardware. The myth is that SMBs have few, if any, dedicated resources for cybersecurity.
This is false. While this may be the case for some, SMBs overwhelmingly told us that they do have dedicated employees for cybersecurity. In fact, less than 1% of SMBs told us that they didn’t have anyone dedicated to security. Perhaps even more surprising, 60% said they had over 20 people dedicated to security – although we didn’t specify what level of involvement that dedication may entail or if the employees were outsourced with a managed security service provider (MSSP).
30 March 2021
|
Report
:
Big Security in a Small Business World
Keeping infrastructure up-to-date
With the frequency of consumers upgrading to the latest smartphone, it may seem that larger organizations can afford to replace each element of their security infrastructure. But what about smaller businesses, where that cycled investment might have greater impact on their annual IT budget?
This is partially true. When asked to describe their infrastructures, and their strategy for investing and replacing key security technologies, here’s what SMBs told us: Almost all SMBs are diligent about keeping their infrastructure up to date.
30 March 2021
|
Report
:
Big Security in a Small Business World
Difference in threats between SME's and Corporates
Cyber criminals want the biggest prize, so they’ll use their most stealth and dangerous tactics against the larger businesses, right?
This is partially true. We compared the types of cyberattacks that SMBs and large enterprises reported they’ve experienced in the past year, with how much downtime (loss of business hours) the attacks caused. We did this using four categories based on organizational number of employees and ranked the events most likely to create more than 24 hours of downtime.
30 March 2021
|
Report
:
The future challenges facing criminal justice systems
Threat hunting
Threat hunting is a proactive security exercise, with the intent of finding and rooting out attackers that have penetrated your environment and haven’t raised any alerts. This contrasts with traditional investigations and responses that stem from alerts that appear after potentially malicious activity has been detected.
The whole concept of threat hunting sounds like it involves a mysterious crime scene investigation, with its nuances and complexity out of reach for smaller businesses. SMBs have their hands full trying to investigate alerts; they don’t have time to go hunting for other threats, right?
FALSE: From our survey data, not only do 72% of SMBs have employees dedicated to threat hunting, but this is also close to the percentage of large organizations who have a threat hunting department.
Although their levels of maturity may differ from larger organizations due to less resources, our data suggests that SMBs recognize the value of, and are embracing a proactive approach towards cybersecurity.
30 March 2021
|
Report
:
Big Security in a Small Business World
Testing incident response plans with drills/exercises
As Mike Tyson often said, “Everyone has a plan until they get punched in the face.” Until you know how your incident response plan performs in action, it’s only worth the words on the page.
But smaller businesses don’t have the luxury of time and resources to test their plans, right? Surely that would cause more disruption than it would be worth.
FALSE: This myth is simply not true. Only one percent of SMBs never test their plan, and four percent rarely test. Twelve percent test every two years, 36% test annually, and the largest percentage (45%) test every 6 months.
30 March 2021
|
Report
:
Big Security in a Small Business World
SME Leadership Taking Security and Data Privacy Seriously
Here’s the big one – the one that the collective industry has unfortunately been peddling for years. As an SMB, you’re in the dark on how much danger you’re in – and haven’t nurtured an organizational culture around security and data privacy.
FALSE: Our data proves that this myth is very far removed from the actual truth. And there are three ways to prove this from our survey of IT decision-makers from different sized organizations.
30 March 2021
|
Report
:
The future challenges facing criminal justice systems
SME's patching vulnerabilities
Patching often falls under the basics of cybersecurity, but in practice, it can be challenging to implement. One myth suggests that SMBs would rather use their resources elsewhere than find ways to minimize the disruption caused by patching.
This is false: Fifty-six percent of SMBs patch daily or weekly, compared to 58% of large businesses – showing that for the very regular patching routines, all business sizes approach it the same.
30 March 2021
|
Report
:
The future challenges facing criminal justice systems
Measure the efficacy of security programs
Assumptions have been made that smaller businesses employ more of a ‘spray and pray’ approach to cybersecurity. The implication is that they don’t have the measures in place to be able to monitor and measure what’s really working, and therefore can’t optimize what they have.
This is false. An impressive 86% of SMBs say they have clear metrics for assessing the effectiveness of their security program, compared to 90% of larger organizations.
30 March 2021
|
Report
:
Big Security in a Small Business World
Strategic Roadmap for Artificial Intelligence
In order to utilize the social and economic opportunities of AI in the Netherlands, three roads of action are taken: 1) stimulating AI entrepreneurship and using AI in government, 2) creating the right conditions for research, education, the use of data and connectivity, 3) protecting safety, human rights, ethical values, public and consumer trust.
30 March 2021
|
Report
:
Strategisch Actieplan voor Artificiële Intelligentie
Investments are made into research and development of AI applications
This year, €23.5 million is invested in the NL AI Coalition in order to enhance the R&D of AI applications. Within the coalition, a specific focus is laid on the following subjects: Automated Security Operations Lab, AI for IoT, Operational Technology Security and AI for the Dutch language.
18 May 2021
|
News
:
Data Science Initiative Recap
In an increasingly digitised economy, companies need to increase their cyber resilience
Cybersecurity is more relevant than ever before. In an increasingly digitised economy, accelerated by the COVID-19 pandemic, companies need to increase their resilience against cyber threats. The Dutch cybersecurity sector has a strong reputation internationally and a growing number of Dutch scale-ups are successfully expanding internationally.
18 May 2021
|
News
:
Selected Scale-ups Announced for Cybersecurity Globaliser 2021
Dutch companies and knowledge institutions working together to position the Netherlands in Japan
Different Dutch companies and knowledge institutions linked to HSD are working together in a consortium to position the Netherlands as a country that can ensure the digital safety of Japan's vital infrastructure, especially during the 2020 Olympic and Paralympic Games in Tokyo. Key points are protecting energy, drinking water, and the telecom sector. This is part of the larger programmatic approach of a Partners International Business (PIB) Japan. Participation in such a program requires a commitment and trust.
12 June 2021
|
News
:
Doing Business in Japan
Noticable disaster developing around data leaks
The impact of data leaks is huge and it i noticable that there is a disaster developing concerning leaks. Experts (Bird & Bird, Compumatica) tell us that working with security and privacy in practice is always a balancing act. Business awareness with regards to privacy is very important and that it is important to get clarity of security requirements at an early stage. Adjustments to security will always have to be made to take into account a flexible structure of databases.
14 June 2021
|
News
:
Recap HSD Café Security & Privacy: Noticeable Disaster Developing Around Data Leaks
The number of attacks with ransomware and the damage resulting from such attacks are increasing
There are all kinds of solutions on the market in order to detect suspicious activity. However, some solutions are working insufficiently. For example one network sensor, only recognised 4% of all phishing attempts and was unable to stop ransomware. Also, traffic to the dark web was not considered to be suspicious.
21 June 2021
|
News
:
Research by EYE: Cyber Products For SMEs Are Often Ineffective
Each year, around 100 young people are arrested for a cyber-related offence
The Dutch public prosecutor reports that each year around 100 young people, aged between 12 and 23, are arrested for a cyber-related offence. The true figure could be much higher, however – the authorities estimate it between 100 and 200 offenders. In order to discourage cybercrime and encourage young offenders to move to legal activity, such as ethical hacking, Hack_Right was founded.
22 June 2021
|
News
:
International Attention for Hack_Right
AI technologies provide opportunities in the Healthcare, Agriculture and Energy sectors
AI technologies can be utilised to improve various issues. For example in the healthcare sector, AI is used to precisely analyse cells, read röntgen images or establish diagnostics. In the agriculture domain, AI is used for 'precision agriculture', the selection of new crop strains and system integration. Lastly, the energy sector uses AI to reduce traffic jams, reduce emissions and the automatic detection of flaws in power grids.
11 August 2021
|
Report
:
Strategisch Actieplan voor Artificiële Intelligentie
Tools have the possibility to increase cyber resilience in OT environments
Business operations of most organisations today are heavily dependent on automation and control systems. However, organisations are often not aware of this dependency. With the current trend of digitalisation, this unawareness is increasing even further. Unfortunately, this also increases the chance of the occurrence of a cyber incident. A new tool, called the Security Check Process Automation, allows organisations to quickly identify potential risks, and consequently the protective measures they can take against them. The security check, which can also be used without technical or IT knowledge, offers organisations a practical tool to increase their cyber resilience.
"I am particularly pleased to be able to offer a practical self-scan to organisations that use ICS or OT devices. There is great diversity in security maturity within the ICS domain. There are organisations that are very mature, but there are also organisations that need to significantly increase the digital resilience of their ICS landscape, but unfortunately lack the knowledge to do so. I hope that with this tool we can provide help to all of them."
11 August 2021
|
News
:
Launched: Tool to Increase Cyber Resilience in OT Environments
Access to talent is a crucial prerequisite for the creation of innovative security solutions and the growth of the security sector
Currently, a discrepancy exists between the demand and supply of personnel in many security sectors. In order to tackle this discrepancy, access to new talent and personnel is necessary. Access to talent is a crucial prerequisite for the creation of innovative security solutions and the growth of the security sector.
12 August 2021
|
News
:
Launched: Human Capital Agenda Security 2019-2022
Future trends and developments in the field of biometric techniques
The technological advancements of recent years in particular in data analytics and AI but also in terms of hardware (fast processing computers, high resolution cameras and IoT) have elevated the potential of biometric techniques and expanded their field of application.
Latest technological advances include improved sensors, enabling the capture of entirely new types of bio-signals.
22 September 2021
|
Report
:
Biometric Recognition and Behavioural Detection
Ethical aspects of biometric identification, categorisation and detection
A description of different issues with biometric recognition, discussed are the face of enrolment and application in public spaces. Multiple issues are faced concerning stigmatisation, riks of total surveilance and on other steps involved in recogntion.
4 October 2021
|
Report
:
Biometric Recognition and Behavioural Detection
Cybersecurity can only be tackled in a holistic way
According to ANSSI, the French counterpart to the NCSC, there are various actions needed to make a country more cyber resilient. First, strengthen prevent and respons capacities. Second, one needs to be able to rely on private partners. Third, the EU Competence Centre for industry, technology and research should work together with national coordination centers to increase knowledge on key technologies. Lastly, we need to facilitate response incident support across EU borders.
2 January 2023
|
Report
:
Cybersecurity threats are increasing and attacks are becoming more sophisticated and complex
Every day we experience the consequences of malfunctioning, unsafe technology or its unsafe use. The consequences can be economic, social, societal, technical, legal and political. The threat from professional criminals and state actors in the cyber domain is increasing, while the attacks are also increasingly sophisticated and complex. In 2012, the damage to Dutch society from cybercrime was already estimated to be at least 10 billion euros annually. At the time, it concerned industrial espionage, fraud, extortion and phishing, among other things. However, the situation in 2020 is much more complex and urgent. The corona pandemic, and the accompanying massive teleworking, shows once again how great the dependence is on a secure and privacy-guaranteeing digital infrastructure for all citizens.
24 May 2021
|
Report
:
Dcypher: Nationale Cyber Security Educatie Agenda
The BIACS functions as intermediate step for organizations in which the primary proces is depending on OT
The comprehensive IEC 62433 has been transformed into the 'Cyber Security Implementatie Richtlijn (CSIR)' by the Dutch department of Waterworks. Now, a coalition of organizations has created the 'Basismaatregeln voor cybersecurity van IACS (BIACS)', which functions as stepping stone towards the CSIR and is specifically for organizations that are dependent on OT and are not mature in their cybersecurity.
26 January 2023
|
Report
:
Basismaatregelen voor cybersecurity van IACS
QR codes are gaining popularity in the Netherlands, but users are still insufficiently aware of the security risks
63% of the Dutch indicate that QR codes make life easier in a "contactless" world. At the same time, 55% of the Dutch say they cannot tell the difference between a legitimate and malicious QR code. Moreover, the security of the mobile device is insufficient for a large part of the respondents, 43% have no security software installed, or do not know whether this is the case.
21 May 2021
|
External
:
Ik verwacht dat we binnenkort ook aanvallen zullen zien via QR-codes
COVID-19 accelerates the increase in use of mobile phones and QR codes
Mobile devices have become even more important during the COVID-19 pandemic and are an integral part of our lives. More than half of the Dutch (52%) notice an increase in the use of QR codes. Employees use their mobile device for applications in their private situation, but also to connect to business applications and cloud services, thus being productive for their employer. This often involves the use of their own, unsecured devices. By also using these mobile devices to scan QR codes, users endanger themselves and their employer.
The data below shows the very fast growing popularity of QR codes in our country during the pandemic:
- 78% have scanned a QR code at some point, of which 47% in the past week and 25% in the past month.
- In the past six months, 39% scanned a QR code in a catering establishment, 29% in a store and 26% scanned a QR code on a product.
- 56% of the respondents are in favor of wider application of QR codes in the future.
- 55% of respondents plan to use a QR code as a payment method in the near future.
- 49% of the respondents would vote via a QR code if that option was offered.
21 May 2021
|
External
:
Ik verwacht dat we binnenkort ook aanvallen zullen zien via QR-codes
Mobile phones are attractive targets for hackers, cyber attacks via QR codes are expected
During the pandemic, hackers are looking for security holes and are increasingly targeting mobile devices with advanced attacks. Mobile devices are attractive targets for hackers because the interface forces users to take quick action, while only limited information is available. Users are also often more likely to be distracted while on their mobile device, making them more likely to fall victim to an attack. Hackers attack mobile devices in various ways such as via email, text messages, instant messages, social media and other communication methods. Soon we will also see attacks via QR codes.
21 May 2021
|
External
:
Ik verwacht dat we binnenkort ook aanvallen zullen zien via QR-codes
Money laundering and criminal finances are the engines of organised crime
Economic and financial crimes are a highly complex and a significant threat affecting millions of individual EU citizens and thousands of companies in the EU every year. In addition: money laundering and criminal finances are the engines of organised crime, without them criminals would not be able to make use of the illicit profits they generate with the various serious and organised crime activities carried out in the EU. According to previous reports by Europol, 98.9% of estimated criminal profits are not confiscated and remain at the disposal of criminals.
Furthermore, the COVID-19 pandemic in Europe has provided ample evidence that criminals are quick to adapt their criminal schemes to changing conditions to exploit fears and vulnerabilities. Economic stimuli such as those proposed in the wake of the COVID-19 pandemic will be targeted by criminals seeking to defraud public funding. To effectively disrupt and deter criminals involved in serious and organised crime, law enforcement authorities need to follow the money trail as a regular part of their criminal investigations with the objective of seizing criminal profits.
22 June 2021
|
News
:
Europol Launches European Financial and Economic Crime Centre
The exploitation of vulnerabilities due to teleworking during the COVID-19 pandemic
The growth in teleworking during the COVID-19 pandemic has led people to forget basic and essential security rules, helping cyber-criminals in their search for information.
13 May 2021
|
External
:
What are the cybersecurity trends for 2021?
Threats driven by Artificial Intelligence
The use of Artificial Intelligence poses threats to physical systems and in the future to the same extent to digital systems.
-The year 2021 should be a year in which AI is adopted on a large scale by companies
- By 2025, the market of AI software will be worth 37 billion dollers
13 May 2021
|
External
:
What are the cybersecurity trends for 2021?
5G and the IoT will accelerate and multiply cyber-attacks
The roll-out of 5G has started in Europe which opens the way to the development of a real Internet of things (IoT). The nature and applications of IoT will be varied and change the geography of company's networks. this will also increase the attack surface for actors with ill-intent. It has to be said that the distributed nature of 5G networks, to which a multitude of connected objects with dubious security will be connected, further reduces the visibility of threats
13 May 2021
|
External
:
What are the cybersecurity trends for 2021?
EU citizens' awareness of the risks and challenges of cyber space
European Commission prepared a special Eurobarometer survey in 2019 with the aim of understanding EU citizens’ awareness, experiences and perceptions of cybersecurity. The results of this survey show that Internet use in Europe continues to grow, particularly via smartphones, and citizens are more aware of the potential dangers when going online. According to the survey’s findings, concerns about online privacy and security have already led more than 9 in 10 Internet users to change their online behaviour – most often by not opening e-mails from unknown people, installing antivirus software, visiting only known and trusted websites and using only their own computers. While these results are quite encouraging, many users still fall into online fraud and e-mail phishing baits. This reveals that malicious actors are using sophisticated attacks that are harder to detect and avoid. Hence, mitigation strategies have to be updated regularly to accommodate the latest available intelligence (CTI) on attack techniques.
22 January 2021
|
Report
:
The Year in Review
Nation-state actors: Online attacks against electoral processes of foreign countries
Nation-state sponsored actors are likely to Continue using cyberspace to issue attacks against electoral processes of foreign countries threatening democratic systems and human rights.
22 January 2021
|
Report
:
The Year in Review
Nation-state actors: Harassing oppositions and monitoring citizens through manipulation of information on social networks, coupled with spyware campaigns
Nation-state sponsored actors are likely to continue harassing oppositions and monitor their citizens through manipulation of information on social networks, coupled with spyware campaigns.
22 January 2021
|
Report
:
The Year in Review
Nation-state actors: disinformation campaigns
Nation-state sponsored actors are likely to Launch sophisticated disinformation campaigns designed to influence perceptions or manipulate opinions in favour of a certain political agenda or financial speculation goals.
22 January 2021
|
Report
:
The Year in Review
Nation-state actors: Pursuing strategic objectives
Nation-state sponsored actors are likely to Pursue strategic objectives such as: obtaining industrial secrets through espionage, obtain leverage over political decision making, fund the regime through financial fraud, conduct cyber-enabled information operations and finally, weaken or demoralise the adversary through disruptive or destructive activities.
22 January 2021
|
Report
:
The Year in Review
Cyber-offenders: Sextortion attacks
Cyber-offenders are likely to Continue targeting teenagers and young adults with sextortion attacks (webcam blackmail) affecting psychologically and ultimately physically the victims.
22 January 2021
|
Report
:
The Year in Review
Cyber-offenders: Cyberbullying attacks
Cyber-offenders are likely to Increase the number of cyberbullying attacks during and after the COVID-19 pandemic with adolescents using digital platforms even more for personal or educational purposes.
22 January 2021
|
Report
:
The Year in Review
Cyber-criminals: AI-based tools to create deep fakes
Cyber-criminals are likely to Increase the use AI-based tools to create highly believable counterfeits (image, audio and video format) – commonly known as deep-fakes – to defraud companies.
22 January 2021
|
Report
:
The Year in Review
Cyber-criminals: Business Process Compromise (BPC)
Cyber-criminals are likely to Improve the tactics that compromise business processes to obtain financial advantage. The threat = Business process compromise (BPC)
22 January 2021
|
Report
:
The Year in Review
Cyber-criminals: Business e-mail compromise (BEC)
Cyber-criminals are likely to lower one level in the organisation - below executive – to compromise business emails. Business e-mail compromise (BEC)
22 January 2021
|
Report
:
The Year in Review
Cyber-criminals: Managed service providers (MSPs) to distribute malware
Cyber-criminals are likely to increase the use of managed service providers (MSPs) to distribute malware.
22 January 2021
|
Report
:
The Year in Review
Cybersecurity challenge: Dealing with systemic and complex risks
Cyber risk is characterised by the speed and scale of its propagation as well as the potential intent of threat actors. The interconnectedness of various systems and networks enables cyber incidents to spread quickly and widely, making cyber risks harder to assess and mitigate.
22 January 2021
|
Report
:
Emerging Trends
Cybersecurity challenge: widespread of adversarial AI detection
The detection of threats exploiting AI to launch an attack or avoid detection will constitute a major challenge for the future of cyber defence systems.
22 January 2021
|
Report
:
Emerging Trends
Cybersecurity challenge: security orchestration and automation
Cyber threat intelligence and behavioural analytics will gain importance with the automation of processes and analysis. Investing in automation and orchestration will allow cybersecurity professionals to invest in the design of more robust cybersecurity strategies.
22 January 2021
|
Report
:
Emerging Trends
Cybersecurity challenge: reduction of false positives
This long waited promise is key in the future of the cybersecurity industry and in the fight against the alarm fatigue.
22 January 2021
|
Report
:
Emerging Trends
Cybersecurity challenge: zero-trust security strategies
With an increasing pressure on IT systems from new business requirements such as remote working, digitalization of the business model and data sprawl, zero trust is seen by many decision makers as the solution de facto to secure corporate assets.
22 January 2021
|
Report
:
Emerging Trends
Cybersecurity challenge: enterprise cloud migration errors
With many businesses migrating their data to cloud-based solutions, the number of configuration errors will increase exposing data to a potential breach. Cloud service providers will address the issue by implementing systems that identify these type of errors automatically.
22 January 2021
|
Report
:
Emerging Trends
Cybersecurity challenge: hybrid threats
New modus operandi adopt virtual and physical world threats. The spread of disinformation or fake news for example, is a key fixture of the hybrid threat landscape. The EUvsDisinfo15 is a flagship project of the European External Action Service’s East StratCom Task Force established to address the disinformation threat.
22 January 2021
|
Report
:
Emerging Trends
Cybersecurity challenge: the attractiveness of the cloud infrastructure as a target will grow.
The increasing reliance on public cloud infrastructure will surge the risk of outages. Misconfiguration of cloud resources is still the number one cause for cloud attacks, but attacks aiming directly at the cloud services providers gaining popularity among hackers.
22 January 2021
|
Report
:
Emerging Trends
Cybersecurity spending
According to Gartner, many boards of directors will demand improved data and understanding of the returns after years of intensive investment in cybersecurity. This is mainly due to a growing spend in cybersecurity proportionately to the investment made in new technologies. According to a report from IDC22, spending on cybersecurity reached $103 billion (ca. €87,5 billion) in 2019, which is 9.4% higher than the previous year. Security managers will soon be scrutinised for the results obtained from years of investment and are essential to maintain improved data about the results obtained.
22 January 2021
|
Report
:
Emerging Trends
Cyber threat intelligence will help defining cybersecurity strategies
Cyber threat intelligence (CTI) aims at helping organisations becoming better prepared by improving their knowledge about the threat landscape. Instead of relying exclusively on information generated by internal systems or feeds (what is known about the known), the effectiveness of CTI will be determined by the knowledge about the why, the how and the what that is unknown to the cybersecurity team. The value proposition of any CTI capability or program is to improve the preparedness of the organisation to protect its critical assets from unknown threats. "With more cybersecurity automation and orchestration seen as a growing trend, cybersecurity teams will spend less time in monitoring activities and more in readiness and preparedness tasks.
22 January 2021
|
Report
:
Emerging Trends
Shortage in cybersecurity skills
The lack of highly-skilled tech professionals is already issue for Europe’s digitalisation ambition. According to a study, over 70% of European firms report that lack of skills is hampering their investment strategies, while 46% of firms report difficulties in filling vacancies due to skills shortages in key areas such cybersecurity.
22 January 2021
|
Report
:
Emerging Trends
Malware is getting an upgrade
Malware family strains are being upgraded into new versions with additional features, distribution and propagation mechanisms. Emotet for example, a malware originally designed as a banking Trojan back in 2014, has become one of the most effective malware distributors of 2019.
22 January 2021
|
Report
:
Emerging Trends
Threats will become fully mobile
Users are increasingly dependent on mobile devices to secure their most sensitive accounts. The use of 2fa tied to an app authenticator or via a text message is one of the examples. With more malware going fully mobile, fraudulent apps, SIMJacking and operating systems exploits make these devices the weakest link and therefore, extremely vulnerable to attacks.
22 January 2021
|
Report
:
Emerging Trends
Attackers are using new file types such as disc image files (ISO and IMG) for spreading malware.
DOC, PDF, ZIP and XLS files are still the most commonly used attachment type for spreading malware but other types are getting popular. A few campaigns distributing AgentTesla InfoStealer and NanoCore RAT were found using image file type in 2019.
22 January 2021
|
Report
:
Emerging Trends
Credential-stuffing attacks will widespread
Credential stuffing - the automated injection of stolen username and password combinations through large-scale automated login requests directed against a web application - will proliferate as a result from a decade of an abnormal number of data breaches and trillions of personal data records stolen.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: attacks will be massively distributed with a short duration and a wider impact
These attacks are meant to affect the highest number of devices possible to steal personal information or block the access to data by encrypting the files.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: finely targeted and persistent attacks will be meticulously planned with well-defined and long-term objectives
Malicious actors plan this type of attacks to reach high value data such as financial information, intellectual and industrial property, trade secrets, classified information, etc.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: malicious actors will use digital platforms in targeted attacks
Malicious actors will explore the potential of digital platforms to support targeted attacks (e.g. social media, gaming, messaging, streaming, etc.). From personal data theft for spear-phishing attacks to broad malware distribution, digital platforms with a high number of subscribers are efficient attack vectors increasingly popular among malicious actors.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: the exploitation of business processes will increase
With more automation and less human intervention, business processes can be maliciously altered to generate profit for an attacker. Commonly known as Business Process Compromise (BPC) this technique is often undervalued by process engineering specialists due to the lack of a proper risk assessment.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: the attack surface will continue expanding
E-mail is no longer the prime and only tool and top attack vector for phishing. Malicious actors are now using other platforms to communicate and attract victims to open compromised web pages. A new trend is emerging with the use of SMS, WhatsApp, SnapChat and social media messengers.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: teleworking will be exploited through home devices
With more people in teleworking and connecting their devices to corporate networks, the risk of opening new entry points for attackers will increase. With the COVID-19 pandemic, this trend will urge IT Managers to tighten security policies and make urgent changes in the IT infrastructure.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: obfuscation techniques will sophisticate
Threat actors are continuously innovating to make threats more effective and less susceptible to detections. The Anibus, an Android banking Trojan and bot, has been distributed by masquerading as innocuous app, primarily through Google Play Store.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: the automated exploitation of unpatched systems and discontinued applications will increase
The abnormal increase in Telnet traffic to port 445 observed in 2019 unveiled the expansion of worms and exploits such as Eternal Blue. Telnet, which is no longer used except in the realm of IoT devices, saw the greatest volumes during the period.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: cyber threats are moving to the edge
Edge devices are deployed at the boundaries between interconnected networks. We have seen a growing trend with attacks targeting these devices — such as routers, switches, and firewalls — having a significant impact to an enterprise and to the connected digital ecosystem.
22 January 2021
|
Report
:
Emerging Trends
Increase in collaborative innovation to tackle societal challenges
The world around us is constantly changing, partly due to rapid technological developments, social media and international connections. More and more challenges arise that are too large for one party to tackle. Think of the climate issue and the climate goals of Paris, or the debt problem. Collaboration with the market, government and science (triple helix) and even with society (quadruple helix) is increasingly taking place to solve these issues and create value together. On both social issues and technological developments. Investing in common ground, formal and informal structures, solidarity and honesty, in independence, is key for successful collaborative innovation
9 June 2021
|
Report
:
Innoveren over grenzen heen
AI will affect all sectors, tackling challenges together is crucial
AI will affect all sectors, if this is not already the case. Many parties run into the same problems, and it is best to tackle them jointly. Then companies can compete on their best propositions
9 June 2021
|
Report
:
Innoveren over grenzen heen
Creating a network in which organizations provide attributes that confirm reliability is key for data security
Data is increasingly taking on a leading role in our society. How do you ensure that that data can be trusted – and at the same time prevent your information from being endlessly double-checked? Collaboration is the key to success. By not placing the verification of data with one party, but by constructing a connection network in which several organizations provide attributes that confirm the reliability.
9 June 2021
|
Report
:
Innoveren over grenzen heen
Trends en ontwikkelingen digitale veiligheid
Nieuwe uitdagingen door versnelde digitalisering mede door pandemie: we brengen bestaande ICT-systemen voor beschikbaarheid over naar de cloud, persoonsgegevens die door grootschalig test- en contactonderzoek worden verzameld vormen privacyrisico, werknemers moeten kunnen inloggen vanuit huis met hun eigen apparatuur.
Nieuw inzicht in lokale vitale processen door lockdown: stedelijke functies zoals het onderwijs, gezondheidszorg, lokale distributie van levensmiddelen en de detailhandel worden (deel) opgeschort of moeten online plaatsvinden. Het is zichtbaar geworden wat de stad nodig heeft voor basisniveau van functioneren en belang digitale continuïteit en veiligheid is.
Aanvallen van statelijke actoren: samenleving afhankelijk van grote (buitenlandse) techbedrijven en statelijke actoren vallen grote organisaties aan voor geopolitieke belangen. Zowel medewerkers als toeleveranciers kwetsbaar, systemen worden gemanipuleerd of gesaboteerd.
Digitale criminaliteit: niet alleen statelijke actoren die aanvallen uitvoeren. Ook criminelen voeren voor financieel gewin aanvallen uit. Afgelopen jaar in Nederland talrijke aanvallen met ‘gijzelsoftware’ en aanvallen waarbij een groot aantal persoonsgegevens illegaal werd verhandeld. Door de pandemie is er sprake van een verschuiving van traditionele naar digitale criminaliteit: verkoopfraude, valsheid in geschrifte en hacken. Voor online criminaliteit is sprake van een toename van 54% in vergelijking met 2019. Voor de Eenheid Den Haag was er sprake van een toename van 42%.
4 April 2022
|
Report
:
Agenda Digitaal Veilig Den Haag
Extended detection and response capabilities emerge to improve accuracy and productivity
Extended detection and response (XDR) solutions are emerging that automatically collect and correlate data from multiple security products to improve threat detection and provide an incident response capability. For example, an attack that caused alerts on email, endpoint and network can be combined into a single incident. The primary goals of an XDR solution are to increase detection accuracy and improve security operations efficiency and productivity.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
Security process automation emerges to eliminate repetitive tasks
The shortage of skilled security practitioners and the availability of automation within security tools have driven the use of more security process automation. This technology automates computer-centric security operations tasks based on predefined rules and templates.
Automated security tasks can be performed much faster, in a scalable way and with fewer errors. However, there are diminishing returns to building and maintaining automation. SRM leaders must invest in automation projects that help to eliminate repetitive tasks that consume a lot of time, leaving more time to focus on more critical security functions.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
AI creates new security responsibilities for protecting digital business initiatives
AI, and especially machine learning (ML), continues to automate and augment human decision making across a broad set of use cases in security and digital business. However, these technologies require security expertise to address three key challenges: Protect AI-powered digital business systems, leverage AI with packaged security products to enhance security defense and anticipate nefarious use of AI by attackers.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
Enterprise-level chief security officers (CSO's) emerge to bring together multiple security-oriented silos
In 2019, incidents, threats and vulnerability disclosures outside of traditional enterprise IT systems increased, and pushed leading organizations to rethink security across the cyber and physical worlds. Emerging threats such as ransomware attacks on business processes, potential siegeware attacks on building management systems, GPS spoofing and continuing OT/IOT system vulnerabilities straddle the cyber-physical world. Organizations primarily focused on information-security-centric efforts are not equipped to deal with the effect of security failures on physical safety.
As a result, leading organizations that deploy cyber-physical systems are implementing enterprise-level CSOs to bring together multiple security-oriented silos both for defensive purposes and, in some cases, to be a business enabler. The CSO can aggregate IT security, OT security, physical security, supply chain security, product management security, and health, safety and environmental programs into a centralized organization and governance model.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
Privacy is becoming a discipline of it's own
No longer “just a part of” compliance, legal or auditing, privacy is becoming an increasingly influential, defined discipline of its own, affecting almost all aspects of an organization.
As a rapidly growing stand-alone discipline, privacy needs to be more integrated throughout the organization. Specifically, the privacy discipline co-directs the corporate strategy, and as such needs to closely align with security, IT/OT/IoT, procurement, HR, legal, governance and more.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
New "digital trust and safety" teams focus on maintaining the integrity of all interactions where consumer meets the brand
Consumers interact with brands through an increasing variety of touchpoints, from social media to retail. How secure the consumer feels within that touchpoint is a business differentiator. Security for these touchpoints is often managed by discrete groups, with specific business units focusing on areas they run. However, companies are increasingly moving toward cross-functional trust and safety teams to oversee all the interactions, ensuring a standard level of safety across each space where consumers interact with the business.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
Network security transforms from the focus on LAN-based appliance models to SASE
Cloud-delivered security services are growing increasingly popular with the evolution of remote office technology. Secure access service edge (SASE) technology allows organizations to better protect mobile workers and cloud applications by routing traffic through a cloud-based security stack, versus backhauling the traffic so it flows through a physical security system in a data center.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
A full life cycle approach for protection of the dynamic requirements of cloud-native applications
Many organizations use the same security product on end-user-facing endpoints as they did for server workloads, a technique that often continued on during “lift and shift” cloud migrations. But cloud-native applications require different rules and techniques, leading to the development of cloud workload protection (CWPP). But as the applications grow increasingly dynamic, the security options need to shift as well. Combining CWPP with the emerging cloud security posture management (CSPM) accounts for all evolution in security needs.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
Zero-trust network access technology begins to replace VPN's
The COVID pandemic has highlighted many of the problems with traditional VPNs. Emerging zero-trust network access (ZTNA) enables enterprises to control remote access to specific applications. This is a more secure option, as it “hides” applications from the internet — ZTNA only communicates to the ZTNA service provider, and can only be accessed via the ZTNA provider’s cloud service.
This reduces the risk of an attacker piggybacking on the VPN connection to attack other applications. Full-scale ZTNA adoption does require enterprises to have an accurate mapping of which users need access to what applications, which will slow adoption.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
Multiple trends are identified in the domain of safety and security
Multiple trends can be identified in the domain of safety and security:
- The use of multi-party computation (MPC) for secure information sharing is becoming more prevalent.
- The applications of AI, such as AI-drive decision making and the related risks of biases.
- The use of DNA technology provides opportunities for the detection of perpetrators of various crimes. However this technology also presents privacy risks.
21 June 2021
|
News
:
Recap HSD Café: Discussing Trends in Security
Evolutie van ransomware
De ontwikkeling van ransomware het laatste decennium wordt beschreven in deze tekst, evenals een verandering in doelwitten.
17 September 2021
|
Report
:
Whitepaper Ransomware
Quantum computing can have a major impact on the healthcare, energy and logistics sector
“A quantum computer can, for example, calculate the various states of large molecules extremely quickly. This enables researchers to simulate the interaction between substances and cells much more accurately. This enables medicinal drugs to be developed specifically for any given individual who has a particular disease. In addition, quantum technology can contribute to advances in batteries and solar cells. It can also clarify and solve logistical problems much more swiftly.” The quantum computer can, therefore, have a major impact on the healthcare, energy and logistics sectors, to name but a few. “But that’s not all. Every sector can benefit from a computer with more computational power. Consequently, the economic impact is bound to be enormous.”
22 June 2021
|
News
:
First Quantum Network in NL Released by End of 2020 Between Delft and The Hague
The TU Delft and the FIOD are collaborating to combat digital and financial crime
Students of the TU Delft developed a new way of accurately calculating the revenue made by sellers on 'dark markets', enabling the FIOD to apply an evidence-based approach to seizing criminal assets. Another method they developed helps to identify key players in these markets, making it easier to effectively and efficiently track down facilitators, such as money-launderers.
22 June 2021
|
News
:
FIOD and TU Delft Join Forces in Investigating Digital and Financial Crime
A growing number of organizations have CISO's
The importance of information security in the highly digitized world has increased significantly in recent decades and will continue to rise in the next decade. A continuous stream of examples of cyber attacks that paralyze entire institutions underlines this importance. It is therefore not surprising that more and more companies and institutions have a CISO (Chief Information Security Officer) or even an entire Information Security Office
27 May 2021
|
Report
:
HSD CISO Whitepaper: een robuustere cybersecurity
In recent years there has been a change in the role of the CISO
In recent years there has been a change in the role of the CISO, from a minimal realization of the role, to a more mature, full realization of the role. For example, the focus of the CISO has moved from technology to the organisation, the CISO has shifted from being difficult to being supportive, and there has been a growth in CISO Office team size as the mindset has shifted to security being essential for an organisation.
27 May 2021
|
Report
:
HSD CISO Whitepaper: een robuustere cybersecurity
The attention to resilience and especially robustness within cybersecurity lags behind the attention to prevention
The Netherlands is increasingly digitizing. For most organisations, a failure of ICT means a serious impediment to the execution of the (core) activities. The chance of failure can be reduced by all kinds of protective measures, but the risk remains. The impact of outages is often great. To guard against this, both resilience and robustness can be increased. The resilience of the system is the ability to quickly restore ICT and network, so that normal operation can be resumed. The robustness of the organization is the ability of this organization to continue to perform its core tasks without ICT support. The CISOs recognized the picture outlined. In general, there are too few fall-back options - long-term ICT outages are not sufficiently taken into account.
27 May 2021
|
Report
:
HSD CISO Whitepaper: een robuustere cybersecurity
Several factors can play a role in an increased focus on resilience and robustness in cybersecurity
factors can play a role in increasing resilience and robustness in cybersecurity:
-The management (board / board of directors) is often still too naive when it comes to cyber incidents and the resulting consequences. A business impact analysis and having the CISO speak the language of the board can solve this.
-Awareness campaigns are too rational, people do not "feel" the risk, and they are too focused on prevention. Practicing cyber incidents can solve this.
-Technical systems can contribute to increased robustness. Make sure to compartmentalize, standardize and simplify them.
-In a society that relies heavily on automation, the shortage of specialists, capacity and knowledge in the field of cybersecurity is a serious risk in the longer term
-The government plays an important role when it comes to the prevention of major cyber incidents and the preparation for dealing with such incidents should they occur.
27 May 2021
|
Report
:
HSD CISO Whitepaper: een robuustere cybersecurity
Safety of OT (Operational Technology) is underexposed
Safety of OT (Operational Technology) is underexposed. There are still too many legacy systems that hang unpatched and unprotected on the internet. More awareness is needed in this area.
27 May 2021
|
Report
:
HSD CISO Whitepaper: een robuustere cybersecurity
The Netherlands has an excellent position in the world when it comes to coordinated vulnerability disclosure
The Netherlands has an excellent position in the world when it comes to coordinated vulnerability disclosure (previously often referred to as responsible disclosure). This contributes to overall cyber security. There is still room for improvement on this.
27 May 2021
|
Report
:
HSD CISO Whitepaper: een robuustere cybersecurity
AI for cyberseurity
Despite increasing investment in cybersecurity, most organisations are scarcely able to keep pace with the speed of developments and digital threats. A medium-sized company gets hundreds of thousands of alarms per day. Automating cybersecurity work is therefore a key solution for becoming and remaining resistant while only using limited human and financial resources. That is why the emphasis in this focal theme is on designing secure, automated and privacy-friendly systems and products, as well as on developing techniques for making systems and products more resilient and keeping them that way.
24 March 2022
|
Report
:
AI Toepassingen voor Veiligheid, Vrede en Recht
Use of language and speech technology in AI
Organisations are having to deal with ever- increasing volumes of unstructured data in textual form, as well as time-consuming processes such as taking minutes of meetings, questioning and other verbal interactions. Language is everywhere – and fortunately, artificial intelligence is providing more and more opportunities for analysing text and speech automatically. It is expected that natural language processing (NLP) and automatic speech recognition (ASR) will be able to make our lives better and simpler over the coming years.
24 March 2022
|
Report
:
AI Toepassingen voor Veiligheid, Vrede en Recht
Three reasons to monitor social media for traffic management
There are many challenges in managing mobility and traffic. Incidents, roadblocks, planned events (e.g. concerts) and busy days are only examples of what can affect the traffic flow in a large city. To increase road safety, it is important to know what is happening, how an incident develops and how road users experience the situation. In short, you need as
much information as possible.
19 April 2022
|
Report
:
E-book: The Power of Social Media
Cyber profiling
The FBI refer to profiling as ‘reverse engineering a crime’ - the process of analyzing a crime scene to build a picture of the criminal, ultimately leading to an arrest. Criminal profiling is used to describe an overarching approach to criminal investigation.
We can say criminal profiling consists of an analysis of behavior patterns that can
help predict several things about a person who has committed a crime:
1. Their personality traits
2. Their modus operandi
3. The motivation to commit the crime
4. Potential future steps
Why do criminologists employ profiling? The main goal is to not only understand the enemy, but also to reach an understanding that will allow preventative measures to be put into place.
30 June 2022
|
Report
:
Inside the Mind of the Enemy
How to use the cyber profile?
A profile provides answers to the four key questions:
1. What has the adversary been able to do?
2. What are their objectives?
3. Who are they?
4. What are they going to do next?
30 June 2022
|
Report
:
Tool Up your Threat Hunting Team
Child sexual abuse material (CSAM)
The area of child sexual abuse material (CSAM) has remained a grave concern during the pandemic; with children spending more time online, the potential increase in demand for CSAM and attempt to engage in child sexual exploitation continues to be a considerable threat.
22 January 2021
|
Report
:
How Covid-19-related Crime Infected Europe During 2020
Deception in organised property crime
Various types of schemes involving deception have been adapted by criminals linked to organised property crime during the pandemic, including the well-known ‘grandchild’ or ‘nephew trick’.
22 January 2021
|
Report
:
How Covid-19-related Crime Infected Europe During 2020
The impact of the pandemic on terrorism and violent extremism
The impact of the pandemic on terrorism and violent extremism has been limited and primarily involved some extremists adapting narratives and propaganda materials to the COVID-19 topic. This development has been less and less apparent after May 2020.
22 January 2021
|
Report
:
How Covid-19-related Crime Infected Europe During 2020
Fake news, conspiracy theories and harmful narratives
The volume of fake news, conspiracy theories and harmful narratives undermining public institutions disseminated online around the COVID-19 pandemic has been substantial.
22 January 2021
|
Report
:
How Covid-19-related Crime Infected Europe During 2020
The first- and second-most commonly cited causes of breach are malware and malicious spam.
The first- and second-most commonly cited causes of breach are malware and malicious spam. Ransomware causes the most destructive amount of downtime (over 17 hours) and also doesn’t discriminate – this includes small, medium and large businesses and enterprises. Brand reputation has increasingly become an area of security breaches, to such an extent that brand reputation is now the second-most impacted business area after operations. Businesses and enterprises who show collaboration between security, networking, endpoint management, or security groups, showed significantly lower breach costs. It therefore comes as no surprise that voluntary breach disclosure is at an all-time high.
21 June 2021
|
News
:
Cisco 2020 CISO Benchmark Report
Forty six percent of organizations had an incident caused by an unpatched vulnerability
Forty six percent of organizations (up from 30 percent in last year’s report) had an incident caused by an unpatched vulnerability.
21 June 2021
|
News
:
Cisco 2020 CISO Benchmark Report
It is necessary to explore the guidelines by which technology serves our society
In 2019, over 80 organisations in the Netherlands signed a declaration to accelerate innovation. One way that this is done is through the implementation of technology in our society, also known as 'Smart Society'.
"Learning from the development of a Smart Society requires us to shift our focus from technology to exploring the guidelines by which these technologies serve our society”.
“There are many opportunities for technology and data to improve the security of our cities. To realise these opportunities, we have to work in an agile way, innovate together and scale-up the discovered solutions”
12 August 2021
|
News
:
The Development of Smart Secure Cities
Increasing attention is given ethical, legal and societal aspects of AI.
Increasing attention is given to the ethical, legal, societal aspects (ELSA) of AI use, in line with the European focus on AI applications that respect fundamental rights and public values.
2 December 2022
|
Report
:
ELSA Labs for Human Centric Innovation in AI
Digital and physical processes in society have become intertwined and crisismanagement should be able to deal with this
Most measures listed online focus on preventing a cyber emergency, only a very few concern the period during or after the emergency. This approach is too restricted. Digital and physical processes in society have become intertwined very rapidly. As a result, it's conceivable that a future cyber emergency will also affect the physical domains such as healthcare and transport. Fortunately, crisis and disaster management organizations are devoting more and more attention to the intensive interaction between the digital and physical spheres.
25 May 2021
|
Report
:
CSR Magazine
European Commission working to put in place the building blocks of a truly Digital Single Market
Over the last four years, the European Commission has worked to put in place the building blocks of a truly Digital Single Market that supports the development of new technologies and applications and at the same time ensures legal certainty and the necessary protections for consumers and businesses alike. The Commission has proposed a dedicated funding stream for digital as part of the next EU budget period from 2021. The Digital Europe Program will invest over €9bn in artificial intelligence, supercomputing, cybersecurity, digital skills and the modernization and digitalization of the public sector.
25 May 2021
|
Report
:
CSR Magazine
The EU needs to become more resilient to cyber-attacks and create an effective cyber deterrence
Cyber-attacks have increased in numbers, but also in scale and geographical spread. It is clear that the EU needs to become more resilient to cyber-attacks and create an effective cyber deterrence. The human factor plays a very important part in this. With some 95% of incidents said to be enabled by some type of human error – intentional or not - there is a strong human factor at play. Technology can only take us so far in keeping us safe in the digital world. People - but also businesses and public administrations - need to have the skills and the right tools to be able to quickly detect and actively protect themselves against attacks. The legislative framework that is currently in place works to ensure the safety of networks and systems and to raise awareness of the risks. This framework is continuously being reexamined and adjusted, with the additions of Acts.
25 May 2021
|
Report
:
CSR Magazine
Data theft creates a secondary extortion market
More ransomware groups now engage in data theft so they may threaten targets with extortion over the release of sensitive private data. As a countermeasure to their victims’ preparedness, several ransomware families picked up on a side hustle designed to increase pressure on their victims to pay the ransom – even if every backup with
essential data was safe. Not only would they hold the machines hostage, but they would steal the data on those machines and threaten to release it to the world if the targets fail to pay a bounty.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Ransoms rise as attacks increase
As ransom groups put more effort into active attacks against larger organizations, the ransoms they demand have risen precipitously. In just the past quarter, the average ransom payout has risen by 21%. Ransomware comes in weight classes, now: heavyweights that attack large enterprise networks, welterweights that target civil society (public safety and local government) and small-to-medium businesses, and featherweights that target individual computers and home users. While earning the dubious distinction of being the heaviest heavyweight sounds impressive, it isn’t fair to compare high ransom demands to those that originate from the lower end of the ransomware spectrum. Ransomware heavyweights are the primary driving factor in the demand for sky-high ransoms.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Increased collaboration between ransomware threat actors
Distinct threat actor groups that engage in ransomware attacks appear to be collaborating
more closely with their peers in the criminal underground, behaving more like cybercrime cartels than independent groups. What appeared to be a wide variety of ransomware may not be as wide as it seems. As time went on, and we investigated an increasing number of attacks, Sophos analysts discovered that some ransomware code appeared to have been shared across families, and some of the ransomware groups appeared to work in collaboration more than in competition with one another.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Increase in attacks targeting Windows & Linux servers
Server platforms running both Windows and Linux have been heavily targeted for attack, and leveraged to attack organizations from within. The majority of attacks targeting servers fit one of three profiles – ransomware, cryptominers and data exfiltration – each of which has a corresponding, distinct set of tactics and techniques the attackers employ. These characteristics won’t change in 2021 and Sophos anticipates the volume of attacks targeting servers will continue to increase.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Do not underestimate commodity malware
Even low-end "commodity" malware can lead to major breaches, as more malware families branch out into becoming "content distribution networks" for other malware. Don’t let the fact that malware families are merely ordinary lull you into a false sense of security.
These malicious workhorses can cause huge problems if allowed to persist.
- One of the most common malware types is the loader.
- Remote Access Trojans, or RATs, and infostealers are among the oldest forms of malware.
- Trickbot has been a persistent nuisance malware for at least four years.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
RDP is the #1 attack vector for ransomware
The Windows Remote Desktop Protocol, or RDP, is a standard service available in all current versions of Windows. With very little effort, RDP allows IT admins or computer users the ability to log in to a computer when not physically in the presence of that computer, which can be great in the case of a pandemic where everyone is suddenly forced to work from home. Unfortunately, for the past three years, ransomware threat
actors have been abusing (at an accelerating rate) that same remote access platform as a way to gain a foothold and cause large-scale damage to enterprises, earning them an increasingly large payday from targeted organizations. The impact of the COVID-19 lockdown era has only exacerbated the problem, as increasing numbers of organizations and workers are forced by circumstances to rely upon RDP in order to remain operational.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
BEC scammers are on the prowl in the distributed work ennvironment
BEC scams existed prior to the COVID-19 era, but as more people are working remotely, BEC scammers are on the prowl. Back when most of us were working in offices, physical proximity between the target and subject would have made the scam immediately apparent. But our current distributed work environment, where both the executive and employee are unlikely to be in the same physical proximity, reduces the opportunities for people to just walk over to someone’s desk and ask them to confirm the request. As an attack against the better nature of people who just want to be helpful and supportive, it is a particularly offensive type of scam.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Increased use of old bug 'VelvetSweatshop'
When it comes to malicious office documents (maldocs) and the exploits they attempt to deploy, what’s old is often used again and again, goes away after Microsoft produces an update, and then (sometimes) resurfaces. Newly-disclosed vulnerabilities often find favor among the criminals who use maldocs as a stepping stone to deliver a malware payload, because not everyone installs patches right away, and it sometimes takes a bit of time for security companies to craft an effective “safety net” defense, based on behavior or other characteristics of a novel vector. Most of the maldocs we’ve seen throughout the past year have been constructed using tools called builders that give attackers a literal point-and-click menu system that lets them decide exactly what exploit(s) to craft into the malicious document. As endpoint protection tools get better at identifying these more modern exploits, which usually involve a script that has been embedded into the document, maldoc creators seem to have dug deep to find a very, very old bug that helps conceal the macros or other malicious content in the documents. The bug is colloquially known as the VelvetSweatshop.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Home is the new network perimeter
Working from home presents new challenges, expanding an organization's security perimeter to thousands of home networks protected by widely varying levels of security.
As workplace perimeters stretch and expand to encompass big portions of the workforce in their remote locations, circumstances have enhanced the seriousness with which we view home networks’ role as the last line of defense. The modem in the hall closet is now the network perimeter. We need a complete rethink of how to provide that structure with defense in depth.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Crimeware as a service
The term “crimeware” is intentionally broad; some creators of malware, or of the tools that enable malware to be delivered with ease or to enhance it with new features, don’t sell their product outright, but license it as you might buy a one-year license for the Adobe Creative Suite. We’ve called this class of business model “crimeware-as-a-service,” (CaaS) and it seems poised to be the new normal. One of the more notorious examples of a CaaS malware is Emotet. Dharma ransomware is another CaaS malware of note. As attackers branch out into specialties and sub-specialties, it seems the business model in which
criminals work with independent contractors, freelancers and affiliates is one that doesn’t seem to be going away anytime soon.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Increase in scams abetted by spam email during COVID-19
The lockdowns across the world were accompanied by a flood of scams abetted by spam email. In the best of times, the most effective spam campaigns introduce a sense of urgency to demands that the recipient act on the message. This is a well-known psychological trick, because if you take a couple of moments to think about the contents of the spam message, you’ll probably realize it’s a fake. If the spammer triggers a
fear reaction, you act before you think, and you get snared in the trap. COVID-19 already had everyone on a hair trigger, so spammers didn’t even have to try particularly hard.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Remote work raises the importance of secure cloud computing
The overprovisioning of access permissions, limited visibility of assets and resources in the cloud and a lack of auditing, can all make cloud environments more vulnerable to cyberthreats and malware is about as bad in the cloud as it is everywhere else. For instance, cryptojacking is a growing problem in the cloud. Further, many dispersed, remote workforces have been hit by ransomware attacks, where criminals locked down the cloud infrastructure the same way they targeted physical machines.
the majority of security incidents involving cloud computing came down to two primary root causes: stolen or phished credentials, or misconfigurations that led to breaches. Seven out of ten of the more than 3,700 IT professionals surveyed for the report claimed that the cloud infrastructure they support had experienced a breach in the 12 months
prior.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Criminal abuse of security tools
The information security community has defined the style of attacks that involve very little or no malware, but instead harness the existing components of the operating system or popular software packages, as living-off-the-land (LOL). While the use of LOLscripts and reverse shells wasn’t new the past year, in 2020 they became a ubiquitous
element of complex, manually operated ransomware break-in attacks. In fact, both the quantity and variety of the attack tools we observed during attacks seemed to increase.
Software originally designed for the “red team” segment of the industry comprises the bring your own attack method. Attackers, in this case, deploy and use off-the-shelf security tools that are commonly used by network administrators and penetration testers. These include tools such as Cobalt Strike and elements of the Metasploit framework, designed for use in security assessments and technical tests.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Rapid development of IoT is expected to continue
A new era of connectivity is on the horizon. Over the past years, the number of connected devices out there has grown exponentially, and it is anticipated that figures will only continue to rise. By 2020, it’s predicted that there will be 31 billion connected devices in existence – a statistic that is expected to more than double to 75 billion by 2025. The catalyst that will boost IoT to its long-awaited full potential is the next generation of communication networks, as well as blockchain. The potential impact of IoT will be greatly heightened by other technological trends such as AI, 5G, and voice control technology, all of which ultimately serve to make connected devices smarter than ever.
28 May 2021
|
External
:
Technology Trend Report 2020
Quantum computing has evolved from a theoretical concept to a practical phenomenon
In recent years we’ve seen the relevant hardware and software necessary for QC move out of university labs and into business contexts – that is, the technology has evolved from a theoretical concept to a practical phenomenon. Companies are increasingly aware of this: Research shows that 40 percent of businesses are taking proactive steps towards QC, with 36 percent planning to take steps to invest in QC within the next two to five years. In the financial industry specifically, QC could make a difference in the areas of fraud detection,
dynamic portfolio analysis and optimisation, clustering and arbitrage.That said, QC still has a lot of maturing to do before it’s a viable computing option for enterprises that can deliver meaningful, cost-effective business results.
28 May 2021
|
External
:
Technology Trend Report 2020
Cybercrime, and specifically ransomware, is growing exponentially
Ransomware is a dynamically evolving risk, impacting organizations around the world with rapidly increasing loss frequency and severity. Claims have increased significantly in frequency and severity in recent years and continue to evolve.
- By 2025, Global cybercrime damage costs are expected to reach $10.5 trillion.
Global ransomware damage costs are predicted to reach $20bn in 2021, up from $325m in 2015.
- By 2021 a ransomware attack on businesses is predicted every 11 seconds.
- AIG has seen an increase of more than 150% in frequency of ransom and extortion claims notifications since 2018.
- All sizes of company are impacted by ransomware, across all types of industries.
Ransom and extortion claims accounted for 1 in every 5 cyber claims in 2020, up from 1 in every 10 claims in 2018.
Ransomware is rapidly evolving, fueled by the rise of ransomware as a service (RaaS), data exfiltration prior to encryption, and deeper, more invasive attacks.
28 May 2021
|
Report
:
Ransomware: a call for enhanced resiliency
5G presents new and steeper challenges
5G is well on its way to becoming an integral part of running any business. However, the increasing use of 5G allows hackers the chance to control all 5G-related systems, throwing security barriers for small businesses. According to Contego Security, 2021 will see a widespread focus on device and network security.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
It is predicted that ransomware attacks will intensify in 2021
Through collaborative partnerships among hackers, ransomware attacks will increase in scale and scope. Hackers are not just threatening your data, they are threatening to disclose or sell it. During the COVID-19 pandemic the attacks on businesses are expected to intensify.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
Businesses not staying on top of remote access security
Businesses continue to advise their employees to work from home. However, businesses are not up to date with the remote access security needed, this leaves them more susceptible for hackers. It is important for companies to secure their remote access points properly, otherwise nothing is stopping hackers from compromising their networks and data.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
The move to Cloud storage gives way to unique challenges and the attention of hackers
It is important to adopt a practical approach to cloud security. The rising confidence in hybrid, private, and public data cloud gives way to more unique challenges and an increased interest of hackers. As 2020 has showed with a spike in malware attacks against web applications, online applications have become more vulnerable than ever.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
Mobile devices are the easiest to target for hackers
Hackers are shifting their attention to mobile devices (smartphones) as many employees keep their private data on mobile phones and devices. A challenge is the fact that It managers don't see the value of investing in mobile security infrastructure.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
Human character as the weakest link in the field of cybersecurity
The human character is by far the trickiest and weakest link in the field of cybersecurity. Contrary to other threats, insider attacks can be triggered just by how staff members feel.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
Sharp rise in spear-phishing
Phishing is a powerful method of hacking. Bad actors have evolved from phishing email to using spear-phising, which is a more targeted form that guarantees more success.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
Ever-growing cybersecurity skills gap
The demand for cybersecurity experts exceeds supply. And as bad actors are not slowing down their disruptive actions, extra attention has to be paid to this problem.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
Integrating security into agile processes and the automation of cybersecurity
By integrating security into agile processes, such as DevOps and CI/CD, small businesses can easily build more secure software. They’ll also be able to keep up with the required quality and pace of software development. Large and complex web apps are even more difficult to secure, making automation and cybersecurity an integral part of software development in 2021 and beyond.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
Quantum computers are widely seen as a breakthrough technology, especially when employed in disciplines like artificial intelligence, cryptography, and big data analytics.
Quantum computers are seen as a breakthrough technology, especially when employed in disciplines like artificial intelligence, cryptography, and big data analytics. With the promise of quantum computing come vast amounts of hype and confusion, ranging from what a quantum computer precisely entails, to when one can expect a quantum computer. We need to be prepared for this future.
21 June 2021
|
News
:
Quantum Computing in Cyber Security Domain: Report and HSD Cafe
5 must-have protections for a secure remote workforce
Now global work goes remote digital threats appear, for instance trough unintentional errors or increase of cyberattacks. Below five must-have protections are pointed out by Check Point to secure your remote workplace. The importance of securing remote users cannot be understated. The business is only truly protected when its users are, as most attacks start at the weakest link – the user.
17 September 2021
|
Report
:
The Ultimate Guide to Remote Workforce Security
Zero Trust policy as a solution for Cybersecurity within organizations
Due to Covid-19, many people were forced to start working from home in early 2020. This growing mobile workforce coupled with companies’ increasing reliance on cloud storage and third-party software has put data security at its greatest risk to date. These factors have also made it more and more difficult to define the network perimeter and apply appropriate protections. Yet regardless of the amount of money and resources a company puts into implementing cybersecurity measures, the human factor always has the potential to unravel everything. This is why the Zero Trust model and cybersecurity consulting can bring people and companies into the new era of security.
17 September 2021
|
Report
:
The Easy First Step to Starting Your Zero Trust Journey
An increase and shift in ransomware attacks
Going into 2019, many ransomware operators shifted their focus from ordinary users to companies, government agencies, and other victims that would help them pocket more money. This shift and parties currently most attacked by ransomware are discussed in the snippet. Furthermore is a description of the ransomware market both criminal to criminal and criminal to corporations.
20 September 2021
|
Report
:
Hi-Tech Crime Trends 2020/2021
Digital security is becoming increasingly important
Digital security is becoming increasingly more important. We are seeing a shift in crime rates from "physical" to digital. Due to the growth in digital products and services, the potential digital vulnerability of society is increasing. In addition, the physical and digital world have become intertwined and that entails new risks. In order to do their job properly, drivers must be aware of these risks and vulnerabilities.
22 January 2021
|
Report
:
Trends in de informatiesamenleving 2020
Digital security & Covid 19
With the rapid development of digitization, digital security is a major challenge. The COVID-19 crisis once again underlines how important it is that our digital resources function properly and that residents can rely on government information and act safely in the digital world. However, that safety and reliability are far from self-evident. Europol notes, for example, that the number of cyber incidents since the crisis has increased in line with the widespread adoption of digital working. In the Netherlands, the Fraud Help Desk has to deal with a doubling of the number of monthly reports (from 6,500 per month in December to 15,000 in April), with the increase in Whatsapp fraud in particular being striking. The Tax and Customs Administration also sees more than a doubling of phishing reports. Prior to the current crisis, Statistics Netherlands noted in its annual Security Monitor that the number of victims of cybercrime is increasing, while traditional crime is decreasing.
22 January 2021
|
Report
:
Trends in de informatiesamenleving 2020
Digital sovereignty and dependence
An important issue in a European context is the management of the digital infrastructure. It is becoming increasingly clear that there are negative sides to the European dependence on non-European tech companies. In her "political guidelines", European Commission President Ursula von der Leyen already spoke of "technological sovereignty". Also around the COVID-19 contact tracing apps, we see that European countries need to adapt their approach to the solutions offered by US tech companies. This dependence has significance for European strategic interests in the current and future geopolitical playing field, in which the possibilities of digital warfare are a factor. Investigative journalist Huib Modderkolk illustrates this in his book Het is oorlog maar niemand ziet het (''It is war but nobody sees it'') in a disturbing way. GAIA-X, a proposal for a federal European data infrastructure, is also an example of an ambitious initiative that the EU is currently taking to bring about renewal, whereby Europe gains sovereignty.
22 January 2021
|
Report
:
Trends in de informatiesamenleving 2020
Chain spreading of digital risks
In general, we can say that the opportunities of the information society are also accompanied by shifting risks, new vulnerabilities and interdependencies that are not always predictable.
These risks are not limited to the own organization, but spread easily through chains and networks - also internationally. Responsibility for digital security within such chains as a whole is still unexplored territory. This is risky because a digital disruption can have major social effects.
Digital disruption refers to serious disruptions (intended and unintentional) to society, with both digital and physical dimensions. Consider, for example, the consequences of the ransomware attack on a Ukrainian accounting system that also affected the Maersk shipping company and thus the port of Rotterdam in 2017, or the national failure of the emergency number 112 as a result of a KPN outage in 2019.
22 January 2021
|
Report
:
Trends in de informatiesamenleving 2020
Existing fundamental rights are under pressure due to digitalization
Experts and leading institutions are concerned about the influence of digitization on our democracy and the ability of residents to make decisions about their (digital) living environment. As early as 2011, the Scientific Council for Government Policy (WRR) warned in the iGovernment report against "faltering democratic control". In more recent years, concerns have only increased. Opinion makers, scientists and advisory councils point to the erosive effect that digitization appears to have on democratic processes.
The various advice and reports highlight a number of key challenges. A first challenge is that digitization and social media influence the functioning of our democracy, as noted by the State Committee on the Parliamentary System and the Council for Public Administration (ROB), among others. For many citizens, the rapid technological developments are too complex to really fathom them. There is a knowledge inequality between the market and society. In this context, the Rathenau Instituut therefore advocates strengthening "technological citizenship".
22 January 2021
|
Report
:
Trends in de informatiesamenleving 2020
There are rights that we require in an information society that we are currently might not possess
In addition to existing fundamental rights that are under pressure due to digitization, experts also identify possible missing rights. One example of this is the right to meaningful contact, as formulated by the Rathenau Institute (2017). The rapid rise of artificial intelligence and robotization raises questions about meaningful and "face-to-face" contact. But is it desirable that people end up in situations where they only deal with robots? The answer to that question almost certainly seems "no". There is a lot of psychological research that shows that people cannot live without contact with their fellow human beings. The right to meaningful contact can stipulate that we must avoid such situations.
Another example is the right to repair. Critics argue that large technology companies are "planned obsolescence." This means that these companies ensure that their products - smartphones, for example - do not last longer than two years, while a longer lifespan is quite possible. For example, research shows that the average lifespan of a desktop computer decreased between 1985 and 2010 from 10.7 to 3.5 years. The right to repair could allow people to access information about the hardware and software of products, enabling them to repair them themselves - rather than buying a new product every two years.
An extension of this is the right to interoparability. A small, accessible example: it is not in the public interest that you need a different charger for Apple smartphones than for all other smartphones. Ideally, there is one type of charger that you can use for everything and is therefore interoperable. This is also applicable in other areas: if systems from different providers of online platforms are interoperable, people can leave a social network without leaving their friends behind.
22 January 2021
|
Report
:
Trends in de informatiesamenleving 2020
Data sharing for AI: Data Sovereignty, Trust and Security
The need to get a grip on (the conditions for) the use of data when it is shared with other parties is rising. We do want to share data, but data misuse must be prevented in order to give organizations and individuals the confidence to share their sensitive data. The starting point is therefore "controlled data sharing". Controlled data sharing can be broken down into three aspects:
• Data sovereignty is the ability of a natural person or organization to be fully self-determining with regard to its data, ie the ability for a legal entity to decide exclusively using its data as an economic asset. It requires people and organizations to control the circumstances over how their data is shared and how it may be processed by other parties.
• Trust is the property of obtaining assurance that the entities (persons, organizations, or systems) with which data is shared are actually the entities they claim to be and that they will act accordingly. Trust can be achieved through adequate identification, authentication and certification methods.
• Security is the property of being able to guarantee that the actual sharing of data is protected against unauthorized misuse of this data by security breaches, whether as a result of malicious intent or accidentally. It includes aspects such as encrypted data transport and storage and software certification and attestation
30 March 2021
|
Report
:
Verantwoord datadelen voor AI
Using synthetic data to negate data privacy risks
Companies and governments collect a lot of sensitive data about customers and citizens. They are bound by legislation (like the GDPR) as to how they can use this data. However, this data does not have to be real data, as the same can be achieved with synthetic data. Companies can use AI driven software to generate synthetic data for a variety of use-cases. Software on the market gives organizations a secure and widely applicable platform to realize innovations with more data, faster data access and zero data privacy risks.
14 June 2021
|
News
:
Dutch Security TechFund Invests in Syntho’s Synthetic Data Solution to Solve the Global Data Privacy Dilemma
New quantum computing platform provides opportunities for training, education and the development of applications
The quantum computer is seen as a key technology, enabling radically new products and services. It has the potential to solve certain problems much faster than ‘classical’ computers will ever be able to achieve. "Our platform focuses primarily on training and education, and the development of applications, so that more people can use the quantum computer as it develops further and becomes more widely available. Quantum Inspire is also an important magnet for the ecosystem forming in Delft of knowledge institutions, companies and start-ups.”
22 June 2021
|
News
:
Minister Ingrid van Engelshoven and European Commissioner Mariya Gabriel launch Quantum Inspire
Innovative solutions will enhance COVID-19 response
Controlling social distancing has been critical during the pandemic. To adhere to health mandates, retailers, corporate offices, and others need to know how many people are in their facilities at any given point. This has generated a big demand for occupancy management solutions. While most are using this technology to count people entering and exiting a building, organizations will continue expanding this technology across all areas of their facilities. These spatial analytics are helping businesses unlock important insights about how people use their facilities. Long after the pandemic is over, they can extract data to learn:
- how many people are waiting in the lobby
- how many people are in the cafeteria
- how specific spaces are being used over time
This data then becomes the catalyst for building improvements that enhance the visitor, employee, or tenant experience.
12 May 2021
|
External
:
Top physical security trends for 2021
Cybersecurity risks will continue to rise
From schools and hospitals to private businesses, there’s been a rise in cyberattacks over the last year. In Q3 of 2020 alone, Trends Micro reported that there were almost 4 million email threats and over 1 million hits on malicious URLs related to COVID-19.
Much of this can be linked to the overnight shift towards remote work, which left organizations scrambling to keep business running while also trying to secure corporate assets. That said, even essential-service organizations such as hospitals and public institutions which require employees onsite were severely impacted by cybercrime.
In today’s world, a secure IT perimeter no longer exists. Physical security professionals must put measures in place to deter hackers and protect their businesses.
Choosing trusted vendors and deploying physical security solutions that come with layers of cyber defenses is critical. Security teams already know built-in encryptions, multi-factor authentication, and password management are the first lines of defense.
Beyond that, taking advantage of other features can improve cybersecurity posture. This includes having access to cybersecurity risk scoring, system vulnerability alerts, and automated reminders for firmware and hardware updates.
12 May 2021
|
External
:
Top physical security trends for 2021
Businesses will focus on privacy protection
During the COVID-19 pandemic, many organizations implemented ‘fever detection’ devices and other new systems. In a rush to keep people safe, they may not have had the time to consider how potential privacy concerns could arise from this in the coming months to come.
In times of crisis, it’s even more important to keep privacy in mind. That’s why more businesses are re-evaluating how they collect, store, and share personal information. With big penalties at stake, they’re seeking ways to better comply with data and privacy protection laws.
We believe that public privacy concerns related to COVID-19 contact tracing and other social challenges will continue to grow. These sensitivities will require the physical security industry to address privacy head-on and find appropriate solutions.
For many physical security professionals, this means facing the reality that their legacy security equipment and older proprietary systems can’t support the fundamentals of data security and privacy. This will increase the demand for newer solutions engineered with privacy by design.
12 May 2021
|
External
:
Top physical security trends for 2021
Demand for cloud and hybrid cloud solutions will continue to grow
According to a report titled Predictions 2021 by Forrester, global public cloud infrastructure will grow 35% to a market value of $120 billion in 2021. The pandemic is largely responsible for the surging demand for cloud. As online usage and remote work spiked, there’s been a global shift to accelerate digital transformation. Even with this movement underway, a recent Genetec report titled the State of Physical Security 2020 found that only 20% of respondents had already deployed cloud solutions in their physical security environments.
To thrive in the long run, physical security professionals will need to follow the lead of other industries and their IT departments and determine how to best leverage cloud technology in the years ahead. In 2021, we believe more chief security officers will let go of the division between cloud and on-premises physical security systems and embrace a hybrid deployment model. This allows them to implement specific systems or applications in the cloud while keeping existing on-premises systems. A hybrid approach makes for an easier transition to the cloud. It can also be the simplest answer when deciding how to enhance scalability, redundancy, and availability to meet changing needs. Beyond that, cloud offerings provide tons of added value. Physical security teams can quickly migrate to newer technologies, minimize hardware footprint, boost cybersecurity, and reduce costs.
12 May 2021
|
External
:
Top physical security trends for 2021
Greater focus on trust in the supply chain
In 2021, we believe businesses will continue to take more time to scrutinize physical security solution providers and manufacturers. This includes asking vendors more pointed questions about how they manage emerging threats, how forthcoming they are about product vulnerabilities and their partner ecosystem, and what their data and privacy policies are. In recent years, we’ve seen some governments discouraging or banning the use of certain vendor products, claiming possible trust and security vulnerabilities. As this trend continues, physical security professionals will seek out vendors that they feel can comply with more stringent guidelines.
12 May 2021
|
External
:
Top physical security trends for 2021
Organizations will invest in new access control and video analytics solutions
In a recent Genetec report, the State of Physical Security 2020, 54% of respondents said that access control will be a big project to focus on in 2021 and 46% said the same about video analytics. Many physical security professionals know that upgrading to modern access control solutions will help them to reach new goals. This might include strengthening cyber hygiene or deploying new a physical identity management solution to automate employee and visitor access requests. During the re-opening phases, the latter will help limit physical interaction while keeping people safe, buildings secured, and compliance in check. Implementing video analytics further strengthens site security and delivers more insights. From people counting and directional flow to object left behind and crossline detection, analytics are giving security teams a clearer picture of what’s happening in their environment. Remote teams can also stay top of threats while securing near-empty facilities during this pandemic. As machine learning continues to push the intelligence of analytics forward, users will see higher accuracy rates, and this will boost confidence in various edge and software-based analytics.
12 May 2021
|
External
:
Top physical security trends for 2021
Personalized solutions will address industry-specific needs
Physical security solutions have traditionally been cookie-cutter. While certain functionality might appeal to one business more than another, rarely have security platforms been designed to address a specific industry. That’s all changing. Customized product portfolios are becoming increasingly popular as users' needs evolve and procuring enterprises seek more sophisticated solutions. Airports, cities, mass transit, cannabis, and other industries require solutions that are designed to help them manage their unique environments. Since custom-built solutions cost a fortune to develop and maintain, vendors will be pushed to provide an easier and more affordable path to address these tailored industry needs.
12 May 2021
|
External
:
Top physical security trends for 2021
Organisations are increasingly falling victim to attacks via their supply chain
Hackers use third parties to gain access to connected organisations. By gaining valuable intelligence, specific organisations can be targeted. Supply chain attacks are increasingly harder to detect and prevent, seen that many recent supply chain attacks have never been shared with the public.
18 May 2021
|
News
:
Supply Chain Attacks Threatening More Companies
Increase in cyber crimes in society requires municipalities to make cybersecurity a key topic
Vulnerabilities and threats in the digital domain are increasing, with far-reaching consequences in society. Given the current developments, an administrative focus on only the information security of the municipality is no longer. Data leaks, digital disruptions, incidents and digital crimes are a daily reality. Such incidents show that (digital) disruptions also have disruptive effects elsewhere. Digital disruption; everyone gets it on his or her plate. Directors therefore are not only confronted with one's own business operations, but also with digital crime and digital incidents in society. It makes the theme of "digital security" one theme that periodically belongs on the management table and is no longer just a business management issue.
19 May 2021
|
Report
:
Agenda Digitale Veiligheid 2020 – 2024
The Netherlands lags behind in investing in areas that are central for future innovation
The main areas of concern are the speed of embedding technology, access to markets, capital, talent and the ability to scale successfully. There is insufficient availability of capital,
a small talent pool and a homogeneous startup sector, insufficient market access and a gap between technology and new businesses.
24 May 2021
|
Report
:
Empowering Dutch Leaders in Tech 2020
The Netherlands is moving up the rankings in business dynamics, but moving down the rankings in innovation capabilities
The innovation ecosystem is one of the main indicators of success for remaining internationally competitive. Interestingly, the Netherlands has contradictory trends in the two indicators defining a global competitive ecosystem. The Netherlands is moving up the rankings in business dynamics, but moving down in the international rankings in innovation capabilities. This is an alarming trend for the competitiveness of the country in the near future.
24 May 2021
|
Report
:
Empowering Dutch Leaders in Tech 2020
Scaleups have limited access to the Dutch and international markets
‘Internationalisation’ is indicated as the biggest challenge by founders from mid-stage scaleups (between €1M – €5M revenues). Access to international buyers, local partners and local talent are three of the biggest internationalisation challenges for scaleups. Additionally, ‘market reach’ is one of the biggest disadvantages for the Dutch tech ecosystem. At most multinationals, the sales procurement process is still unnecessarily complex for scaleups.
24 May 2021
|
Report
:
Empowering Dutch Leaders in Tech 2020
There is a modest and fragmented supply of venture funding
Notwithstanding a steady increase in deals, venture capital (VC) fund investment volume and a number of government support programs, The Netherlands is still a long way from realising this vision. There are a variety of issues signaled in the ecosystem and although qualitative data is not readily available, the challenges are apparent:
• There is a modest and fragmented supply of venture funding, spread over regions, sectors, funding stage and fund type (private/ public).
• Overall deal sizes are small causing a relatively small overall impact, where only a few funds invest in multiple stages.
• There is a specific shortage of early and late stage funding and venture debt.
• Dutch VC find it hard to attract Dutch institutional investors in their funds and there is for now low presence of focused foreign VC that could provide material contribution in terms of capital and best practices.
24 May 2021
|
Report
:
Empowering Dutch Leaders in Tech 2020
Limited access to talent for scaleups
Scaleups will need to hire 12,000 individuals every year for the forseeable future. Currently, 48% of all software development roles in the Netherlands are hard to fill. Scaleups must compete for talent with larger companies, and the domestic pool of talent is not sufficient, thus attracting international talent is crucial. Additionally, there is a lack of diversity, as in recent years only 0.8% of venture capital in the Netherlands was invested in female founders and only 5.7% in mixed teams.
24 May 2021
|
Report
:
Empowering Dutch Leaders in Tech 2020
Lack of awareness of information security risks
Organizations depend on information to perform their core activities. The amount of information we process has grown enormously over the past decades. Due to the possibilities offered by ICT resources, we have also started linking more information. This has also made information processing more complex. Information and ICT are now inextricably linked. Organizations are not always sufficiently aware of what that information is worth to themselves, but certainly also to malicious parties. Lack of this insight means that organizations pay too little attention to knowing and managing the risks that arise when working with their information. They focus on technical security tools and the technical side of digital attacks, but focus too little on the value and importance of our information.
24 May 2021
|
Report
:
Risico’s beheersen: de waarde van informatie als uitgangspunt
Responsible AI: Connecting the ethics of AI with technological practice
After a period of formulating frameworks, principles and starting points, it is now time to concretely link ethics with practice. A new approach is needed to anchor AI and the underlying data in ethically responsible and socially meaningful applications:
-Focus on the pursuit of social values
-The business community takes joint responsibility for social innovation
-Knowledge institutions provide responsible AI education and research
-Introduce ethical guidance and regulation
-Organize ethics from the perspective of citizens and stakeholders
-Connect AI with sustainability
-Support wide access to responsible and meaningful solutions
25 May 2021
|
Report
:
Mensgerichte Artificiële Intelligentie
The rise of AI ethics in The Netherlands
The major impact of AI on people and society entails a special responsibility. How can we design AI systems responsibly? How can we determine whether these systems use responsible data? And how can we properly embed and use them socially? The importance of these questions is widely recognized and in 2019 there was almost no industry, government, company that had not drawn up an ethical code. The year 2019 has already entered the books as the year of AI ethics. AI ethics themes that have arisen include for example fairness and justice, transparency, and liability. The pursuit of "responsible AI" is also crucial in international relations. Europe is increasingly profiling itself as a "third way", alongside the capitalist approach of "Big Tech" in the West and the centralist approach to state control in the East. In this third way, people are central. The Netherlands has the potential to be a core player in this third way. Scientific research in the field of AI is of a high level and the Netherlands has many successful AI-related companies.
25 May 2021
|
Report
:
Mensgerichte Artificiële Intelligentie
80 percent of large companies have adopted AI to enhance their core business operations
Today, approximately 80 percent of large companies have adopted examples of machine learning and other forms of AI to enhance their core business operations. Five years ago, this figure was less than 10 percent. Nevertheless, most companies still only use AI tools as point solutions – for fraud prevention, for instance – discrete applications that are isolated from the enterprise’s wider IT architecture.
28 May 2021
|
External
:
Technology Trend Report 2020
A rise of broad AI solutions is expected
At present, most AI applications fall under the Narrow AI category – meaning, they’re built for a specific task. In the future, the rise of Broad AI solutions is expected – systems
that can work on a broad range of problems.
28 May 2021
|
External
:
Technology Trend Report 2020
Public concerns surrounding the use of AI
As is the case with various other technologies, data quality and privacy are both challenging issues when it comes to AI. Perhaps more than any other innovation, though, AI instills fear in people. There are the more widely expressed concerns – ‘Will we lose our jobs to robots?’ – and then there’s also anxiety about losing control over AI, its outcomes and impacts. As AI models become increasingly advanced, intelligent and complex, we as humans tend to understand them less – we need to be wary of possible biases that we don’t immediately recognise and can’t explain or even interpret. It’s even been found that AI-driven models can make choices that us humans aren’t capable of understanding.
28 May 2021
|
External
:
Technology Trend Report 2020
Quantum computing will have a significant impact on the field of AI
While it will still be many decades before we see Quantum Computing (QC) take off on a large scale, it’s predicted that when this happens, it will have a significant impact on the field of AI – leading to enhanced judgement, improved interaction, greater degrees of trust and products that are far more intelligent. In general, AI is going to change almost every aspect of daily life and the nature of work as we know it. To manage AI and harness its power within organisations, new jobs, roles and skills will be required. As AI tackles less complex, more mundane duties, employees can start taking on higher-value, more rewarding tasks.
28 May 2021
|
External
:
Technology Trend Report 2020
Despite rapid developments, three challenges hinder the widespread adoption of blockchain solutions
Despite rapid developments, three major challenges continue to hinder the widespread adoption of blockchain solutions:
-limited scalability: As the amount of data stored continues to increase, blockchain systems tend to become slower and have much greater storage demands.
-the competition paradox: . The technology enables or forces competing parties from
all over the world to cooperate equally to redefine markets and improve global industries. It can be difficult to get competitors to work together.
-privacy challenges: how can we justify information and transactions being memorised forever?
28 May 2021
|
External
:
Technology Trend Report 2020
While Extended Reality (XR) is capable of completely changing the way people live and work, barriers exist to its wider expansion
XR-based solutions and innovations are gaining traction throughout the business
world and are starting to feature in a growing number of customer-facing products
and services. In fact, research suggests that by 2022, 70 percent of enterprises will be
experimenting with immersive technologies for consumer and commercial use, and
25 percent will have deployed them to production.
While XR is capable of completely changing the way people live and work, the technology is still predominantly employed only in the entertainment industry, often to enhance (video) games. XR headsets tend to be expensive and relatively difficult to acquire. Another challenge is that, currently, Virtual Reality only allows for single-person use.
28 May 2021
|
External
:
Technology Trend Report 2020
The maturation of sensor and voice control technology
Sensor technology is becoming increasingly sophisticated and this has implications for IoT. Every object can be fitted with multiple sensors that are able to collect useful information on how the item is performing and on its internal and external conditions. This data can then be used to determine if maintenance is urgently required, for example. New human-machine interaction opportunities through voice user interfaces (VUIs) – used in the
case of digital assistants like Siri, Alexa and Google Assistant – also expand the possibilities in the IoT realm. The integration of voice control into IoT devices completely
changes the way people interact with their environment and carry out their work and life duties.
28 May 2021
|
External
:
Technology Trend Report 2020
The rapid development of IoT presents a number of challenges
The rapid development of IoT presents a number of challenges. These include:
-Security threats: enterprises have been building vast interconnected ecosystems for some time now, but only 29 percent of business and IT executives report that they’re confident that their ecosystems are secure
-Privacy issues: devices in your house gather a lot of information. What happens if this
data is improperly shared or misused?;
-Identity management: how can a platform be sure that a machine truly is who it says it
is?
-The standardisation of API platforms / IoT protocols: some of them are closed; some slightly more open.
28 May 2021
|
External
:
Technology Trend Report 2020
5G technology will power billions of new connected devices and supercharge the adoption of transformative technologies
5G technology will power billions of new connected devices and supercharge the adoption of transformative technologies. It will provide the basis for a truly intelligent network of cars, robots, drones, and more — all of which will be able to communicate in real time in response to people’s needs. In many ways, it will reinvent the business world. In the face
of such rapid developments, companies must anticipate and seize opportunities.
28 May 2021
|
External
:
Technology Trend Report 2020
Quantum computing poses a fundamental cybersecurity threat
While the focus tends to be on the positive impact QC might have, the technology poses a fundamental threat, too: It has the power to break cryptographic keys in an extremely efficient way. This could expose businesses and governments to major cybersecurity threats, and potentially cause complete mayhem. Hence, the first thing the world needs to focus on, is making encryption methods entirely quantum-proof.
28 May 2021
|
External
:
Technology Trend Report 2020
Voice technology has rapidly grown in popularity, but challenges prevent wider adoption
In the United States (US), voice-activated technology has become one of the most popular applications for AI today, and it’s predicted that the use of DVAs and other conversational interfaces will only continue to rise. Ease of use and time savings are two of the primary reasons why people choose to use voice assistants. While the technology has evolved rapidly in the US and other parts of the world, developments have been much slower in the Netherlands. The reason for this lag is simple: DVAs aren’t yet fluent in Dutch. That said, as soon as the issue of language is resolved, there’s no doubt that a ton of opportunities will open up in the field of voice recognition here, too.
31 May 2021
|
External
:
Technology Trend Report 2020
CEO fraud has been going on for decades, but attacks are becoming more sophisticated
CEO fraud is a form of financial economic crime that has been going on for decades. Yet today it is the order of the day and employees are being tricked into making false payments in increasingly sophisticated ways. Before the theft, extensive research is often carried out into the victim and his or her organization. CEO fraud is one of the most common forms of internet crime. The consequences are often large and irreversible, both for the victim and financial and image damage to the organization. CEO fraud is often labeled as impossible and incomprehensible by outsiders. People hardly dare to talk about it when it has happened to them, stories are not shared or are shared anonymously. CEOs don't understand: how can this happen in their organization? Yet they themselves often pose the greatest danger. Organizations that are confronted with CEO fraud are often internationally oriented, involving several management layers and where hierarchy plays a major role. This presents problems, but just as many opportunities to stimulate desired behavior (preventively) and to counteract the danger.
9 June 2021
|
Report
:
Het Grootste Gevaar voor CEO-Fraude Vormt u Zelf
Thinking cybersecurity is solely the IT department's responsibility is a common cybersecurity mistake
IT teams are often lacking resources and sufficient support. Taking care of an organization's cybersecurity is not a one-man-job, nor is it solely a technical issue. Cybersecurity must be spread in all levels of an organization.
11 June 2021
|
Report
:
Five Most Common Cybersecurity Mistakes
Forgetting to train employees is a common cybersecurity mistake
Not everyone is interested or familiar with cybersecurity related risks and threats. Employees need assistance and support to become and stay compliant with cybersecurity policies. Offering people training and exercises to make the learning process as comprehensive as possible is necessary.
11 June 2021
|
Report
:
Five Most Common Cybersecurity Mistakes
Overlooking actual cybersecurity risks is a common cybersecurity mistake
Organizations should perform cybersecurity assessments on a regular basis. If an organization does not regularly assess their cybersecurity risks, overlooks them or does not mitigate the findings, the risks of vulnerability to cyberattacks increases significantly. Organizations should constantly be fully aware of both their operating environment and their cybersecurity status and have the ability to implement plans rapidly into action.
11 June 2021
|
Report
:
Five Most Common Cybersecurity Mistakes
Not defining specific security requirements is a common cybersecurity mistake
Cybersecurity related risks and threats pose significant challenges and should not be underestimated - especially for budget reasons. Working with an outsourced IT service company, is vital for the organization to give a clear, comprehensive brief to the service provider about their roles and responsibilities. Always stay alert and involved and always double-check.
11 June 2021
|
Report
:
Five Most Common Cybersecurity Mistakes
Defining security policies, but not implementing them is a common cybersecurity mistake
Writing down the organization’s cybersecurity crisis plan and policies is the right thing do. Unfortunately, policies and plans are useless unless put into use. Enforcing security policies in both processes and ways of working ensures that the organization operates more safely and effectively at all levels.
11 June 2021
|
Report
:
Five Most Common Cybersecurity Mistakes
With the increasing desire and need to move to the Cloud IAM becomes even more important
With the increasing desire and need to move to the Cloud, a good IAM becomes even more important. Due to cost or complexity, an organization cannot transfer all applications or systems to the Cloud at the same time. This requires a hybrid solution in which the old applications ran on location and the new applications in the Cloud. A hybrid solution also requires a Hybrid identity. The scope has been greatly increased due to this hybrid solution. Examples include local Identity Lifecycle Management (ILM), the tightening of laws and regulations, and multifactor authentication.
14 June 2021
|
Report
:
De toekomst van IAM
Increased legislation and regulations lead to more attention for compliance
Due to increased legislation and regulations and industry and company regulations, there is clearly more attention for compliance. IAM is evolving towards Identity and Access Governance (IAG). At IAG, policy is taken to determine who may have access to the information or systems. Stricter laws and regulations force us to approach IAM even more from a policy point of view. This is seen as a major hurdle because requirements are constantly being added or adjusted, which inevitably makes the IAM solution more complex. More complexity is rarely seen as a plus. Checking policy compliance and comparing the used – and administered access rights is becoming increasingly important. This is not easy, which is why the security officer and the compliance officer must be involved in the approach.
14 June 2021
|
Report
:
De toekomst van IAM
Increase in location independent work and self-reliance of employees creates additional risks
there is more interest in location-independent working and self-reliance of employees, and at the same time this creates additional risks. With home workers you can exercise less control on which devices or applications an employee has used to access sensitive company information. IAM must be flexible and be able to deal with these requirements and wishes of internal and external users
14 June 2021
|
Report
:
De toekomst van IAM
Increased attention to scalability of IAM platforms
There is increased attention to scalability of an IAM platform due to exponential growth of data, systems and users, both in-house and in the Cloud.
14 June 2021
|
Report
:
De toekomst van IAM
Outdated and custom applications prevent a link with an IAM platform in the cloud
Because suppliers opt for the SaaS Cloud model, they no longer maintain the local applications and therefore become obsolete. There are still too many outdated and custom applications. These are not suitable for the Cloud and prevent a link with an IAM platform in the Cloud.
14 June 2021
|
Report
:
De toekomst van IAM
Openness in the digital world has consequences for the vulnerability of accounts with increased rights and privileges
Due to all kinds of (technological) developments, openness in the digital world is increasing and this has consequences for the vulnerability of accounts with increased rights and privileges. In particular, the attractiveness for cybercriminals to hack into these accounts is increasing. The challenge specifically focuses on the balance between adequately securing this type of account and workability.
14 June 2021
|
Report
:
De toekomst van IAM
SSO allows customers to access applications and products/services with one account and password
In the past, customers had to log in with different accounts in different ways to access, for example, different banking or insurance products. Nowadays they can easily access all kinds of applications and products/services with one account and password, whether or not in combination with MFA. Thanks to Single Sign-on (SSO), you can easily log in anywhere with one account and password. This applies to on-premise applications or Cloud applications for which it is authorized. SSO is extended to the Cloud and all associated SaaS applications. This architecture makes it possible to offer the user a central point (portal or hub) from which he can access all the desired applications with one click, without having to log in again and again.
14 June 2021
|
Report
:
De toekomst van IAM
The future of IAM is cooperation: the development of IAM as a service
The “As a Service” approach appears to be embraced more and more. Organizations can be taken care of in the context of a service and are given more time for their core tasks. In turn, Managed Service Providers use their specialist knowledge and experience to create confidence that things are well arranged. You can also apply this philosophy to IAM. A logical next step is therefore to purchase Hybrid IAM in the form of a service. “IAM as a Service” from a Managed Security Service Provider (MSSP).
14 June 2021
|
Report
:
De toekomst van IAM
The demand for faster delivery of new products and services increases vulnerability
The demand for faster delivery of new products and services is increasing and vulnerability is increasing as a result. Organizations are more open and expose themselves to security risks and this increases the chance of cybercrime, not a nice feeling for a CISO.
14 June 2021
|
Report
:
De toekomst van IAM
Increased (temporary) collaboration may pose security risks
The emergence of chain collaboration ensures that complete IAM environments can be accessed in autonomous domains (Federated Identity Management). This can only be done on the basis of trust in each other. The emergence of more and more temporary collaborations where the identities do not come from an HR system. Think of partners or external users in the form of customers. After the collaboration, it is necessary that you deny access in a controlled manner.
14 June 2021
|
Report
:
De toekomst van IAM
The rise of Consumer Identity and Access Management (CIAM)
Consumer Identity and Access Management (CIAM): An IAM solution specifically tailored to the needs of organizations that process large amounts of information about consumer identities. While similar to traditional IAM at first glance, CIAM solutions should provide a smooth yet secure customer experience, with the ability to scale quickly to handle large amounts of customer data. An example of this is a pharmacy app that keeps track of whether or not a customer wants a reminder message about the repeat prescription.
14 June 2021
|
Report
:
De toekomst van IAM
Increase in scaremongering about the impact of cyberattacks
The flow of messages about cyber attacks is increasing and often the survival of organizations would be endangered. Is this real or just oversimplified scaremongering? Of course there are successful digital break-ins, but unfortunately it is too often scaremongering. This backfires because organizations become desensitized to these kinds of warnings in the long run.
15 June 2021
|
Report
:
Risico onderzoek
Crucial risk analysis on information security requires a rare combination of technical and business knowledge
A risk study on information security helps to cover the risks. Although researching risks is an excellent aid in forming judgments when researching and managing risks, it is certainly not a questionnaire that one can go through. In-depth knowledge of an organization, such as primary business processes in relation to technology, is necessary. And this can hardly be processed in a questionnaire. An ideal, but unfortunately very scarce, combination of technical knowledge and business knowledge is necessary. Only then will you cover the entire spectrum of legislation and regulations, business processes, technology, information security and vice versa during the risk assessment. Consultants often lack technological knowledge and experience, and information security specialists are technology driven and often loose sight of the importance.
15 June 2021
|
Report
:
Risico onderzoek
Risk-based security is key for organizations
Organizations have a limited budget, time and resources regarding information security. This requires a targeted use of budget, time and resources. The deployment must correspond to the risks and consequences in relation to the importance of the asset and/or business process. This together determines the seriousness and is a guideline for the deployment of security measures (risk-based security).
15 June 2021
|
Report
:
Risico onderzoek
Germany offers great opportunities because of its proximity and huge potential sales market.
Are you a small and medium-sized entrepreneur located in The Hague and do you see opportunities in Germany, despite or because of the COVID-19 crisis? After 2 succesfull editions, the municipality of The Hague has decided to offer the opportunity once again for 6 entrepreneurs to start doing business in Germany.
Germany offers great opportunities because of its proximity and huge potential sales market. That is why the municipality, together with the German-Dutch Chamber of Commerce (DNHK) and business associations, has developed a programme in which 6 entrepreneurs from The Hague are intensively guided in successfully entering the German market.
The programme runs from 1 July to the end of the year and takes about 2 to 3 semi-days per month. Interested? Register before 8 June.
18 June 2021
|
News
:
SME Programme to Start Doing Business in Germany 2020
Eight European security clusters are collaborating on a variety of security related topics
The collaboration between eight European security clusters brings together various skills and competences regarding science, academia, business and the public sector. Joint international R&D and innovation projects focus on the following sectors and topics:
1) Aerospace systems (drones, air systems, and satellite applications for security missions)
2) Information and cyber security
3) Disaster resilience and innovations for law enforcement and border security
4) Critical infrastructures security
5) Dual-use defence technologies for the civil sector
21 June 2021
|
News
:
Eight European Security Clusters Join Forces for a More Secure Europe
The market for MDR services is growing fast
The market for Managed Detection and Response (MDR) services is growing fast. Among others, the industry analyst Gartner predicts that by 2025, 50% of all organisations globally will be using MDR services.
21 June 2021
|
News
:
Internationally Recognised Cybersecurity Company Mnemonic is Expanding in the Netherlands
Companies are collaborating in order to combat crimes involving dark web and virtual assets
The last few years, it became more and more apparent that cryptocurrencies are abused for several illicit purposes due to their pseudo anonymous characteristics, and structural solutions needs to be implemented in the whole ecosystem from law enforcement, virtual asset service providers, financial institutes and cyber security agencies.
Many dark web crimes are supported by cryptocurrencies, for example for trade in illicit goods, or to hire crypto-mixing service providers to obfuscate money trails to support money laundering, fraud or terrorist financing.
21 June 2021
|
News
:
CFLW And Cointel Partner Against Dark Web And Virtual Asset Crimes
A twofold solution is necessary in order to secure a company from cyber threats
First of all, an entrepreneur can implement simple, often free security measures, such as enabling two-step authentication for e-mail and setting up password leak alerts. Secondly, it could be considered to outsource cyber security to a specialised company and to conclude a cyber insurance contract.
21 June 2021
|
News
:
Research by EYE: Cyber Products For SMEs Are Often Ineffective
Cooperation is necessary in order to increase the resilience of citizens and companies against cybercrime
''Good cooperation between central government and municipalities in securing our digital infrastructure and combating cybercrime is more important than ever.''That is one of the reasons why multiple cities, municipalities and security institutions will be collaborating in order to make citizens and companies more resilient against cybercrime.
21 June 2021
|
News
:
Government Increases Cyber Resilience Through City Deal
SOCs are crucial in detecting cyberattacks
Cybersecurity has become a basic pre-condition for a prosperous and safe society in the 21st century. Automatically carried out cyberattacks are increasing and therefore, countering those attacks cannot only be done through human actions anymore. Consequently, Security Operation Centers (SOC) are crucial in detecting such attacks and are at the core in most cybersecurity strategies.
22 June 2021
|
News
:
Consortium Targets Automatic Prevention of Cyber Attacks
Many cryptographic algorithms and encryption schemes are becoming unsafe due to advances in quantum computing
Advances in quantum computing have caused many cryptographic algorithms and encryption schemes to become unsafe. Without preparation, sensitive data that is currently protected by encryption schemes will become accessible and the communication infrastructure will be disrupted. As a result, transactions and information will become vulnerable to hostile entities, affecting countless organisations and millions of people.
22 June 2021
|
News
:
1.8 Million for Research Into Quantum Security of Public Key Infrastructure
Low-cost data diodes can secure data traffic on a large scale
Organisations are working together in order to establish a low-cost open source data diode that provides security to lower classified data. Current data diodes guarantee dataflow with a high level of security, but at a price of thousands of euros. Therefore, the application of these devices for lower classified or unclassified data traffic is not realistic. By using open source software and open standards, the price of a data diode is kept low, which allows for numerous different usages in organisations. Advantage of this type of software is the publication of the source code on open source platforms. The open source community can further develop the software and check the source codes to eliminate errors.
23 August 2021
|
News
:
"The Impact of an Open Source Data Diode is Enormous"
15 countries are working together in order to exchange knowledge and build research, innovation and technical collaborations and capability in host regions
Through the United Nations, the Global Ecosystem of Ecosystems Partnership in Innovation and Cybersecurity (Global EPIC) was established in order to connect ecosystems around the world, with the aim of facilitating knowledge exchange as well as building research, innovation and technical collaborations and capability in host regions.
In particular, the partnership has been designed to combat growing world challenges by facilitating global collaboration while enabling positive local cybersecurity and economic benefits.
23 August 2021
|
News
:
The Value of International Collaboration in International Peace and Security
Prediction of trends in the ransomware threat landscape
Based on Group-IB’s observations of the ransomware threat landscape, our experts have compiled the following list of eight trends that the world should look out for in the coming year.
17 September 2021
|
Report
:
Ransomware Uncovered 2020/2021
CISO's guide to ransomware prevention in 5 minutes
This e-book describes what actions to undertake to prevent a ransomware attack. On top of that it presents how to respond after an ransomware attack has taken place. Furthermore solutions are presented to help your organisation against ransomware attacks.
3 November 2021
|
Report
:
Ransomware Prevention in 5 Minutes [eBook]
Digital identity and the need for an active government
A trusted digital identity, to which a number of verified attributes or claims are attached,
such as a name, BSN or proof that you are over 18, offers great added value and ease of use in doing digital business with each other. To realize plans around digital identity, the Dutch government will have to change course. The developments in the market and at the European level demand a more active government role in creating trust in a digital identity, enabling careful identification, reliable authentication and controlled authorization in a collaborative system.
22 December 2021
|
Report
:
Digitale Identiteit en de Noodzaak van een Actieve Overheidsrol
Good preparation is essential to cyber resilience
The odds of an organization being affected by a cyber incident are 1 in 8. But preparing for and practicing a cyber crisis is hardly done. "Good preparation is essential to limiting the damage" states Job Kuijpers, CEO at EYE Security. Organizations often discover a cyber incident too late. At that point, something is already wrong; a lot of money has disappeared, data has been stolen or all systems have been locked down by ransomware. That is the moment when processes come to a standstill and it becomes clear that an organization has been affected.
28 January 2022
|
News
:
Cyberaanvallen: ‘Een crisismanager moet inhoudelijk snappen waar het over gaat’
Vulnerability Management: Smarter Patching Better Addresses Real-World Risks
Today’s enterprise security programs face formidable challenges.As technologies evolve and increase in complexity, the attack surface continues to grow while head counts remain stagnant. It’s no easier to find, hire and retain talented cybersecurity professionals than it was a few years ago. This means that security leaders must find ways to accomplish more with the same number of people. The only way to achieve this aim consistently is to work smarter and not harder. Security programs must rely on intelligence that can guide them in applying their efforts where they’ll have then biggest impact. With access to the right intelligence sources—timely, relevant, in context and presented in a manner that makes
24 March 2022
|
Report
:
Top Five Areas Where Intelligence Bolsters Your Security
Een drietal ontwikkelingen in de samenleving die volgens de politie van grote invloed zijn op het ontstaan van maatschappelijke onrust en daarmee op het huidige politiewerk
The call for more police on the streets has always been around, but recently the organization has been under a lot of pressure. People working for the police emphasize the three developments within society. These developments will have an impact on social disorder and the current police work: the corona pandemic, an increase in contradictions and tensions in society, and the declining trust in the government and its agencies. These developments will be further explained.
19 April 2022
|
Report
:
Trendbeeld Eenheid Amsterdam: Politiewerk in onrustige tijden
Trendbeeld cybercriminaliteit en digitalisering
The physical and digital worlds are overlapping more strongly due to the pandemic. According to the National Cybersecurity Center (NCSC) the pandemic has permanently changed the digital landscape. Cybercrime took a major flight. New developments within the digital domain follow each other in rapid succession. There is an increasing pressure on the government to fulfill its role within the digital domain. Experts warn that a solid approach to cybercrime can no longer be put off. Traditional forms of crimes are getting more digital, therefore a transformation is needed within the police force.
20 April 2022
|
Report
:
Trendbeeld Eenheid Amsterdam: Politiewerk in onrustige tijden
Participative and Constructive Ethics (PACE)
In het platform Participative And Constructive Ethics (PACE) worden activiteiten samengebracht die betrekking hebben op de ethische aspecten van
AI-toepassingen. Het gaat om het verbinden van kennis en praktijk en het ethisch (her)ontwerpen van AI en de toepassingsomgeving. Het platform is onderdeel van de Nederlandse AI Coalitie, Bouwsteen Mensgerichte AI en volgt de aanpak van een learning community of practice.
9 June 2022
|
Report
:
Ethiek en AI in de praktijk, samenwerken en samen leren
Cyberattacks are increasing in the Netherlands in 2022
Compared to 2021, the Netherlands has experienced an increase of 55% in cyberattacks in 2022. Moreover, almost half of the Dutch companies has experienced a threat in the cyber domain.
2 December 2022
|
Report
:
Position Paper: Van NIS naar WBNI
Global figures on cybercrime in 2022
Globally, every 11 seconds a company has become the victim of ransomware in 2022. The yearly damages of cybercrimes amounts up to 5,5 trillion euro.
2 December 2022
|
Report
:
Position Paper: Van NIS naar WBNI
OT-security is a target for hackers, while the topic lacks awareness
OT-systems are a target for hackers. A lot of companies lack awareness with regards to OT-security, while attacks on OT infrastructure are costly and are not quickly detected.
2 December 2022
|
Report
:
Position Paper: Van NIS naar WBNI
Digitalization through connected devices in OT infrastructures leads to increased cyber risks
Within industries, OT-infrastructures are digitalizing through the implementation of connected devices. OT-infrastructures are particularly vulnerable due to the connection between IT and OT, the relative longevity of OT-systems, and the lack of security standards and monitoring.
20 January 2023
|
Report
:
Operational Technology in cybersecurity wet- en regelgeving
Cyberweerbaar NL is developing a cyber incident monitor
Cyberweerbaar NL is developing a Cyber Crisis Monitor to improve cyber resilience by learning from cyber incidents. The monitor will register incidents and share key lessons learned by participating organisations. It will focus on behavioural and organisational factors that contribute to the occurrence or resolution of cyber incidents.
The project is funded by the SPRONG Grant, awarded by the SIA Directorate to The Hague University of Applied Sciences (THUAS), Saxion, NHL Stenden University of Applied Sciences, and a large consortium of societal partners. The grant aims to enhance cooperation in the field of cyber resilience over the next eight years.
Security Delta (HSD) is contributing to this consortium for approximately two years with 60 project hours per year. HSD has written a memorandum about the success factors of the Cyber Crisis Monitor and has made several connections. The success of the monitor depends on the willingness of organisations and participants to report and upload information about incidents.
21 March 2024
|
News
:
Development Cyber Crisis Monitor: Learning from Cyber Incidents
The critical need for robust security measures in both hardware and software to protect embedded devices from evolving cyber threats.
This document delves into the critical importance of embedded software security in the evolving technological landscape. Here is a summary of the key points discussed in the report:
- Significance of Embedded Software Security: Embedded software plays a crucial role in various devices, systems, and applications, necessitating robust security measures to combat emerging threats.
- Hardware Security: Emphasis on embedding security features directly into hardware components to enhance system resilience against physical tampering and unauthorized access.
- Software Security: Importance of secure coding practices, robust software security measures, and the integration of defensive programming techniques to prevent attacks.
- IoT Ecosystem Security: Highlighting the need for safeguarding IoT devices through encryption, secure communication, and protection against reverse engineering and potential exploits.
- Cyber Attack Resilience: Strategies and technologies to enhance the security of embedded systems against evolving cyber threats, including the adoption of open source software, timely updates, and cryptographic protocols.
- Legislative Measures: Discussion on upcoming legislation like the National Cybersecurity Strategy and the NIST Secure Software Development Framework to enforce security standards and accountability.
- Future Outlook: Anticipation of increased use of AI and ML in IoT devices, the importance of binary transformation technologies, and the role of security solutions like Emproof Nyx in fortifying embedded device security.
Overall, the report underscores the critical need for proactive security measures, the integration of advanced technologies, and adherence to regulatory frameworks to safeguard embedded devices against sophisticated cyber threats in 2024 and beyond.
27 March 2024
|
External
:
Embedded software security: 2024 and beyond
The importance of protecting OT against cyberthreats
Operational Technology (OT) refers to the automation of physical processes. This is different from Information Technology (IT), which is about the automation of information. The resilience of OT against cyberthreats is, and always has been, very low. This was no huge issue in the past, as OT mainly included technology that required physical access. However, with the increasing interconnectedness between OT en IT, OT becomes digitally accessible. Cyberthreats therefore start to pose an increasing risk to OT. Effective drivers for organisations to take action are rules and regulations. Among them is the NIS2 regulation, which forces organisations to implement cybersecurity in OT by applying fines.
23 September 2024
|
Report
:
Understanding OT Security
Two drivers that increase cybersecurity compliance for Operational Technology (OT)
The resilience against cyberthreats in Operational Technology (OT) is very low. There are two main ways to increase cybersecurity compliance in OT-organisations:
1. By implementing rules and regulations, such as NIS2, organisations have to take responsibility in OT cybersecurity. For instance, through applying fines.
2. By providing to possibility to reduce cyber insurance premiums, organisations are incentivised to increase their cybersecurity efforts.
23 September 2024
|
Report
:
Understanding OT Security
There is a lack of OT security specialists
There is a growing demand for Operational Technology (OT) security specialists. While there are globally 156.000 specialists for Information Technology (IT), there are only 4000 specialists for OT. The gap is growing since universities barely provide specific OT security education and because it is difficult to find IT specialists that want to adapt to OT security. To increase the supply of OT security specialists, it might be effective to train OT engineers in the field of cyber security.
23 September 2024
|
Report
:
Understanding OT Security
An overview of the Cybercheck
This chapter provides a overview of the Cybercheck, which is intended for public and private organisations that have Protectable Interests (Te Beschermen Belangen, TBB) with regard to National Security. It is intended as a guide for mapping and controlling supply chain risks for products and services from countries with an offensive cyber programme to protect the Protectable Interests. Management bears full responsibility for digital risks, however often times the CISO or a trusted partner is responsible for the execution of this check.
The Cybercheck can be implemented for products and services that are already in use as well as for those under consideration for procurement. It is applicable to all physical and digital, environmental components of the products and services in use of the organisation. This relates to the software, operating system, firmware and hardware. Malicious actors are known to exploit developmental and maintenance stages of products and services.
26 September 2024
|
Report
:
Cybercheck: Beware of supply chain risks!
Proper assignment formulation and thorough supervision of the execution of security tests
Proper assignment formulation and thorough supervision of the execution of a security test ensure a result that meets the needs of the client.
Ideally, security tests do not provide any major surprises, but provide confirmation of the quality of the development process.
30 March 2021
|
Report
:
Whitepaper Securitytesten
Software is developed to increase the cyber resiliency of critical national infrastructures and manufacturing processes
Investments are made in order to enable industrial organisations to discover their Operational Technology (OT) devices, networks and vulnerabilities. Such industrial organisations are active in many sectors, among which are the critical national infrastructure sector (energy, water, rail and aviation), manufacturing sector, military sector and Smart City sector.
18 May 2021
|
News
:
Awen Collective Secures Investment Round Led by Dutch Security TechFund
Secure access to data and applications is becoming more important
Recently, data leaks have occurred in governmental organisations and the industrial sector. Secure access to (sensitive) data within such organisations is therefore becoming more important. Consequently, businesses provide various organisations with secure access to specific data and applications (for example cloud-management applications).
18 May 2021
|
News
:
Dutch Security TechFund Invests in SonicBee to Make Data Access Secure and Compliant
There is a large shortage of IT personnel in the province of South Holland
There is a big shortage of IT personnel, also in the Province of South Holland. It is therefore necessary to train more people for IT and increase knowledge of IT among other workers.
21 June 2021
|
News
:
Collaboration in South Holland to Educate Thousands for Additional IT Workforce
Investments are made to combat subversive crime
Recent investments have been made in order to tackle subversive crime in the Netherlands. The organisation that received the investment is first in making it possible to map out so-called 'soft information' and to automatically enrich reports with, among other things, cadastral information, the WOZ value and the registered businesses at an address. With the investment, the scale-up wants to develop the platform into a total solution that supports municipalities from first suspicion to legal prosecution.
22 June 2021
|
News
:
Meld een Vermoeden Receives Investment for Total Solution Against Crime
Companies are collaborating in the field of Customer Identity & Access Management SaaS
Two Dutch companies have merged their forces in order to become the largest European vendor of Customer Identity & Access Management (CIAM) SaaS. The merger expedites the combined vision of making digital business for all European enterprises simple and safe.
Catering for an outstanding omnichannel and frictionless (digital) customer experience is key for online services, no matter whether customers use web or mobile technology. Privacy protection and implementing the highest security standards have defined proper stewardship. Who the user is, what the user is allowed to do, enabling the user to opt-in or out defines the relationship and its governance. Identity management therefor is fundamental to any online interaction.
23 August 2021
|
News
:
Onegini and Iwelcome Merge to Become The Largest European Identity & Access Management Software Vendor
Cybercrime increasingly affects businesses and individuals
“Cybercrime increasingly affects businesses as well as individuals and with a cost of cybercrime in hundreds of billions of euros the demand for skilled professionals will continue to grow.”
24 August 2021
|
News
:
Results International Cyber Security Summer School 2019
Young hackers are provided with the opportunity to improve their behaviour
Through a new pilot-program, young hackers (between 12-23 years old) are provided with an opportunity to improve their behaviour. The youngsters get an alternative or additional punishment aimed at recovery, training and coaching. The objective of the pilot-program is to prevent recidivism, and at the same time letting the youngsters develop their talent, with the legal framework of the Netherlands.
24 August 2021
|
News
:
Pilot: Twenty Companies Help Justice get Young Hackers on the Right Track
Organisations are collaborating to calculate societal impact caused by weather induced disruptions
Two organisations are joining forces in the field of flooding and its effects on critical infrastructures. Not only abroad, but also in the Netherlands itself, the effects of climate change are increasingly visible and tangible. Now the question arises if weather induced disruptions on our shared infrastructures could lead to substantial societal disruptions. By connecting two cloud platforms, the potential is created to calculate and visualise domino effects of horizontal or vertical flooding on a community's critical infrastructures.
24 August 2021
|
News
:
Dutch Collaboration Gives Insight in Domino Effects of Flooding
Cyberattacks on SME's are increasing
Cyberattacks on SME's are increasing yearly by 20%. The yearly costs of these attacks are between 2 and 4 billion dollar in the province of Zuid-Holland. Expectations are that both the number of attacks and the damages that accompany them will continue to rise.
6 January 2023
|
Report
:
Cyberweerbaarheid in de Logistieke Sector
The cybersecurity skills gap continues to grow
The number of unfilled cybersecurity jobs will increase from just 1 million in 2014 to 3.5 million in 2020. This deficit of skills is likely to become a growing matter of public concern during the early part of this new decade. The threats we face in cyberspace today will only become more intense unless there are sufficient people with the skills to counter them coming through the pipeline. Without investing in training existing staff on how to prevent or mitigate cyberattacks in their field, as well as hiring experts with the skills to spot new threats on the horizon, industry stands to lose hundreds of millions of dollars.
25 May 2021
|
External
:
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
Reviewing risk management solutions and strategies
A top priority for businesses in 2021 will be the reviewing of their risk management solutions and the contingency strategies. This will be a top concern in order to be ready if another crisis like COVID-19 forces employees home again.
10 June 2021
|
External
:
4 Forecasted Trends for 2021 Security and compliance Strategies
cloud deployment within companies will increase
Companies are looking to provide their employees with the tools to work wherever and whenever they want while also decreasing the costs involved. This means cloud deployments will rise. A decrease in traditional on-site work will also cause a decrease in on-premise software for ease of access, zero maintenance and cost-cutting.
10 June 2021
|
External
:
4 Forecasted Trends for 2021 Security and compliance Strategies
Increase in spending on internal security
An increase in the demand for cloud technology translates into an increase in the security technology industry. With the increase in working from home the need is growing to protect systems from insider threats. Businesses should be preparing for (even) more investments in tools to prevent insider incidents in 2021.
10 June 2021
|
External
:
4 Forecasted Trends for 2021 Security and compliance Strategies
Audit and compliance activities will increase to ensure protection against insider threats
Due to the increase in remote working stakeholders will want added assurance that financial records are not tempered with, better risk management data and the peace of mind that assets are protected from internal and external threats. Organizations will want to make sure they have robust segregation of duties, risk analysis and reporting tools to provide rapid insights to catch and remediate risks. To accommodate remote work and reduced budgets, cloud solutions for this work will be more in demand.
10 June 2021
|
External
:
4 Forecasted Trends for 2021 Security and compliance Strategies
Cloud-based security threats due to misconfigured security measures give way for stricter security protocols and security testing features
The increasing use of and confidence in Cloud services pose new challenges. Cloud-based security threats give way for stricter security protocols and security testing features.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
Effective risk management through incorporation of security into agile processes
Automation and integration are key factors in development. Through incorporation of security into agile processes, like ModelOps and DevOps, businesses are able to more effectively manage risks and maintain the quality of their development.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
Bring Your Own Device and mobile security
The concept of Bring-Your-Own-Device (BYOD) is encouraged in order to minimize costs and increase operational productivity. This is done by increasing employee flexibility through remote work and leveraging the gig economy.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
Increased threats connected with Internet of Things devices
Cyberattacks have risen to 2.9 billion events. Over the next coming years this number is expected to grow even more. Expectations are an increase in hardcoded passwords, non-encrypted personal data, updates of software and firmware form unverified sources, issues related to wireless communication security, amongst other things. All these threats are connected with the use of Internet of Things devices, used at home, the public space or enterprise.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
Increase in data leaks by employees
Employees are increasingly getting involved in data leaks, wether this is done intentionally or not.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
Data highways pose a rampant cybersecurity threat
Data management and data privacy concerns are issues that cannot be ignored by businesses present online. The use of third-party data for business gains must fall under the following:
- Individuals must know how their data will be used
- Data encryption cannot be ignored
- Individuals must be able to opt-out
- companies have to communicate if there has been a data breach
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
Cyber insurance policy as a way to mitigate financial risks from cyber-attacks
Some US companies have already bought some type of cyber risk insurance and it is expected that other companies will follow. Cyber insurance policies are used as protection against cyber-attacks as a way to mitigate financial risks associated with these attacks.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
An increase in spending on cybersecurity expected for 2021
With increasing awareness among businesses, 2021 will see an increase in their spending on cybersecurity. There will also be a rising demand for more security experts, however this demand will far exceed the supply of qualified experts, leading to a widening skill gap, which will be filled with automation.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
The demand for cybersecurity professionals exceeds supply
Two in three organizations worldwide have reported a shortage in their IT security staff. This leads to the use of automated security tools such as online vulnerability management solutions. These automated tools would become essential to maintain security.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
Artificial intelligence (AI) will play an increasing role in both cyber- attack and defense
AI is the new arms race, but unlike earlier arms races, anyone can get involved – there’s no need for the sort of resources that were previously only available to governments. This means that while AI is undoubtedly being researched and developed as a means of crippling an enemy state’s civil and defense infrastructure during war, it’s also easily deployable by criminal gangs and terrorist organizations.
14 April 2021
|
External
:
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
Political and economic divisions between east and west lead to increased security threats
In 2019, we saw the US government effectively embargoing partnerships between US tech firms and the Chinese mobile giant Huawei, due to fears over the close links between Huawei and the Chinese state. If more barriers like these go up, it could easily have the effect of preventing international cooperation on both the technological and regulatory challenges of cybersecurity, and that’s only likely to benefit the bad guys.
14 April 2021
|
External
:
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
The cybersecurity skills gap continues to grow
During 2020, research suggests the number of unfilled cybersecurity jobs will increase from just 1 million in 2014 to 3.5 million. This deficit of skills is likely to become a growing matter of public concern during the early part of this new decade.
14 April 2021
|
External
:
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
Increased importance of cybersecurity puts more pressure on IT departments
There is an increasing need of more security on the internet, as cybercrime is on the rise. Security is lagging behind technological innovation while data security is of utmost importance. The theme of data security affects companies and makes a great demand of IT departments within those companies. It is therefore important that IT departments have sufficient knowledge and people in-house to master security issues.
11 June 2021
|
External
:
De 7 software ontwikkeling trends voor 2021
Innovate and increase security through updating legacy systems
By modernizing or updating legacy systems, big steps are already taken for securing data. Another reason to tackle legacy systems is innovation. For many organizations legacy systems are a barrier for innovation.
11 June 2021
|
External
:
De 7 software ontwikkeling trends voor 2021
Increased use of webapps
Nowadays desktop apps and web apps hardly differ. And if there is a difference, it is often the web app that is better. It is expected that web apps become even more prominent in 2021, especially Progressive Web Apps (PWAs).
11 June 2021
|
External
:
De 7 software ontwikkeling trends voor 2021
Growth in Domain Driven Design
Domain Driven Design or DDD is a software architecture tool with the aim of accelerating software projects dealing with complex domains. The use of a ubiquitous language is an important principle. DDD has been around since 2004 and it has been a relevant method all these years. But you can now see that companies and developers know how to apply microservices more and more. Containerized development with, for example, Docker has also become increasingly accessible. Both promote a software architecture of "vertical isolation". Thanks to these developments, we expect DDD to become more prominent, also in communication with customers.
11 June 2021
|
External
:
De 7 software ontwikkeling trends voor 2021
Strong growth in Python based frameworks and libraries
Over the last 5 years, Python has increased in popularity as an accessible programming language. With the increasing popularity of Machine Learning, Python will enjoy even more growth in 2021 and beyond.
11 June 2021
|
External
:
De 7 software ontwikkeling trends voor 2021
Lean software development as tool to simplify complex software projects and processes
Lean Software Development stands for effective software development with as little waste as possible. The tools and principles of Lean Software Development are used more and more often. For example, companies with software products for software developers implement tools from Lean Software Development.
11 June 2021
|
External
:
De 7 software ontwikkeling trends voor 2021
Breakthrough in online Integrated Development Environments (IDE)
Experts anticipate a breakthrough for IDE's in 2021. They expect this as IDE's have several advantages, such as easy sharing code with co-workers, easy on-the-go editing, and good integration possibilities with other applications. However, there are several disadvantages like the lack of plugins, lacking performance, and the remaining question wether organizations want to share their software projects with Cloud providers.
11 June 2021
|
External
:
De 7 software ontwikkeling trends voor 2021
Dutch government develops tool to combat process automation risks
The Digital Trust Center of the Dutch government has, together with partners, developed a practical tool to combat process automation risks. The tool offers companies an overview of security measures that are yet to be taken to ensure secure Industrial Control Systems and Operational Technolgy infrastructures.
7 February 2023
|
News
:
Security Check Procesautomatisering
Artificial intelligence (AI) will play an increasing role in both cyber-attack and defense
AI is the new arms race, but unlike earlier arms races, anyone can get involved – there’s no need for the sort of resources that were previously only available to governments. This means that while AI is undoubtedly being researched and developed as a means of crippling an enemy state’s civil and defense infrastructure during war, it’s also easily deployable by criminal gangs and terrorist organizations. So rather than between nations, today’s race is between hackers, crackers, phishers and data thieves, and the experts in cybersecurity whose job it is to tackle those threats before they cause us harm. Just as AI can “learn” to spot patterns of coincidence or behavior that can signal an attempted attack, it can learn to adapt in order to disguise the same behavior and trick its way past our defenses. This parallel development of offensive and defensive capabilities will become an increasingly present theme as AI systems become more complex and, importantly, more available and simpler to deploy. Everything from spam email attempts to trick us into revealing our credit card details to denial-of-service attacks designed to disable critical infrastructure will grow in frequency and sophistication. On the other hand, the tech available to help us avoid falling victim, such as deep learning security algorithms, automation of systems that are vulnerable to human error, and biometric identity protection, are getting better too.
25 May 2021
|
External
:
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
Political and economic divisions between east and west lead to increased security threats
There is no end in sight to the “trade war” between the world’s superpowers, talk of fracturing among international organizations like the UN or EU, and an ongoing tech-driven arms race among nations that are economic competitors. Russia recently announced that it had tested an 'unplugged' internet, basically a country-wide alternative to the global internet, which could give their Government control over what citizens can access on the web. Countries like Iran and China are already censoring content and block access to external information. In 2019, we also saw the US government effectively embargoing partnerships between US tech firms and the Chinese mobile giant Huawei, due to fears over the close links between Huawei and the Chinese state. If more barriers like these go up, it could have the effect of preventing international cooperation on both the technological and regulatory challenges of cybersecurity, and that’s only likely to benefit the bad guys.
25 May 2021
|
External
:
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
Preventing cyberattacks
To resist cyber attacks, it is necessary to take preventive measures. This way you block or delay cyber attacks and discourage the attackers.
31 March 2022
|
Report
:
Aanpak voor cybersecurity: verdedigbaar netwerk, hoe doe je dat?
Damage control
An organization must be able to respond to a successful cyber attack and security incident in an appropriate manner. That is why it is so important to undertake digital investigations and initiate corrective action.
31 March 2022
|
Report
:
Aanpak voor cybersecurity: verdedigbaar netwerk, hoe doe je dat?
The NCSC-NL recommends that you ask your email provider to secure all their connections with STARTTLS and DANE
The NCSC-NL recommends that you ask your email provider to secure all their connections with STARTTLS and DANE. DANE is an internet standard that, combined with STARTTLS, prevents stripping attacks. If two email providers both use STARTTLS and DANE, an attacker cannot intercept email that is being send between these providers.
14 April 2021
|
Report
:
The existing standard of PGP presents various challenges that must be addressed:
the existing standard of PGP presents various challenges that must be addressed:
1. lack of forward secrecy
2. lack of efficient group messaging/email mechanism 3. fossil cryptographic schemes in the standard
4. improper default security settings, e.g. compression before encryption
5. poor usability
6. problematic trust model and key management
7. rather naive design of the key revocation mechanism 8. insecure design of key IDs
9. asymmetric cryptographic schemes that would soon
become broken in the face of attackers who have access to quantum computers
14 April 2021
|
Report
:
Cyber attacks directed at operational technology can lead to physical harm and undermine the wider market and society
the existing standard of PGP presents various challenges that must be addressed:
1. lack of forward secrecy
2. lack of efficient group messaging/email mechanism 3. fossil cryptographic schemes in the standard
4. improper default security settings, e.g. compression before encryption
5. poor usability
6. problematic trust model and key management
7. rather naive design of the key revocation mechanism 8. insecure design of key IDs
9. asymmetric cryptographic schemes that would soon
become broken in the face of attackers who have access to quantum computers
14 April 2021
|
Report
:
Supply chains make companies more vulnerable.
Companies are cooperating ever more intensively with partners, suppliers, subsidiaries and the like. “While introducing scalability, cost-effectiveness and increasing efficiency by outsourcing more and more these days, supply chains also make companies more vulnerable”, warns Sander Peters, Head of Security Research at KPN Security. “Cooperation increases the risk of a cyberattack.”
14 April 2021
|
Report
:
New threats emerge from disinformation and technology evolution
Emerging technologies, such as artificial intelligence (AI), present new avenues of expression for potential geopolitical activity, including disinformation. One menacing use of AI is in the creation of ‘deepfakes’, which are high-quality forged images or videos that could be used for anything from discrediting or blackmailing a political opponent, rival company or extortion target, to causing worldwide panic with a video of a head of state purportedly claiming to have launched a nuclear weapon.
14 April 2021
|
Report
:
Challenges for SME Organizations regarding Security Operations
Regarding the implementation of security operations, SME organizations and smaller healthcare and government institutions often face a lot of challenges. First of all, they generally have limited options to gain in-depth insights in order to consider their own decisions regarding the activities within a SOC. Second, due to tight labor markets, such organizations are often forced to outsource these activities. Another challenge is that, due to a lack of knowledge or experience, SME organizations must follow outdated best practices when contracting SOC services. The latter are often established by IT consultants operating in environments with tens of thousands of employees.
30 November 2023
|
Report
:
Automatisering van Security Operations
Advantages of Standardization of Security Operations
Standardization of security operations provides the following advantages: predictability, integrated security solutions, simplified centralization of security data, automated updates and patches, integrated reporting and analysis, scalability and flexibility, and supporting an ecosystem of security partners.
30 November 2023
|
Report
:
Automatisering van Security Operations
Advantages of Automated SOC-processes
Advantages of automated SOC-processes are: more reliable threat detection and response, increased efficiency and productivity of cybersecurity teams, reduction of human error and incident response delays, scalability and flexibility of cybersecurity operations, free from labor shortages, and improved cost control and affordability.
30 November 2023
|
Report
:
Automatisering van Security Operations
Top threats to business’s cybersecurity in 2023 and beyond
Whether it’s the rise of increasingly sophisticated attack methods, lack of employee knowledge, or insufficient defenses, the threats to your business’s cybersecurity are vast and ever evolving. It's important to explore the top cybersecurity trends and threats that your organization should be protecting against now and in the future.
20 December 2023
|
Report
:
Exploring Modern Cyberthreats and How your Business can Combat Them
The high stakes of ignoring cybersecurity: business survival vs. digital havoc
Cybersecurity awareness and best practices are crucial to the survival of your business. Choosing to ignore cybersecurity’s importance in the face of constantly advancing threats could wreak digital havoc and bring your business to its knees. Consequently, repercussions for businesses that don't prioritize cybersecurity will follow.
20 December 2023
|
Report
:
Exploring Modern Cyberthreats and How your Business can Combat Them
Resilient Delivery Strategic Security Trend 2021
Resilient delivery: Whether a pandemic or a recession, volatility exists in the world. Organizations that are prepared to pivot and adapt will weather all types of disruptions.
30 March 2021
|
External
:
Gartner Top Strategic Technology Trends for 2021
Source:
Report
Onderzoek Cybersecurity voor Industrial Automation en Control Systems (IACS)
Cyber Security
Date published
30 April 2020
Experts in this field
