Access to Innovation
Access to Capital
Access to Talent
Access to Market
Access to Knowledge
Date Trend snippet:
04 April 2022
Relevance date:
2022, 2023, 2024, 2025, 2026
Type of Treath or Oppertunity
Domain of application
Source of threat
- Home >
- Services >
- Access to Knowledge >
- Trend Monitor >
- Source of threat >
- Trend snippet: Aanpak Identificatie van digitale veiligheidsrisico’s steden
Trends in Security
Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic, the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
visible on larger screens only
Please expand your browser window.
Or enjoy this interactive application on your desktop or laptop.
Aanpak Identificatie van digitale veiligheidsrisico’s steden
Identificatie van risico’s (mogelijke oorzaak, kans en impact van een incident)
• Identificeer vitale processen en digitale infrastructuur op het niveau van de stad.
• Definieer dreiging en ontwikkel scenario’s.
• Begrijp de risico’s op het niveau van de stad: welke kwetsbaarheden en (keten)afhankelijkheden zijn er? Wat is de waarschijnlijkheid dat een incident zich voordoet? En wat zijn de mogelijke gevolgen hiervan?
• Ontwikkel een doorlopend situationeel beeld en publiceer hier periodiek over.
• Identificeer vitale processen en digitale infrastructuur op het niveau van de stad.
• Definieer dreiging en ontwikkel scenario’s.
• Begrijp de risico’s op het niveau van de stad: welke kwetsbaarheden en (keten)afhankelijkheden zijn er? Wat is de waarschijnlijkheid dat een incident zich voordoet? En wat zijn de mogelijke gevolgen hiervan?
• Ontwikkel een doorlopend situationeel beeld en publiceer hier periodiek over.
More source info
Het verhogen van digitale veiligheid: een inhoudelijk perspectief
Om te werken aan het verhogen van de digitale veiligheid op stadsniveau is het belangrijk om het verloop van een incident te begrijpen en gerichte maatregelen te nemen die zich richten op ‘mens’, ‘organisatie’ en ‘techniek’ binnen de 5 stappen van ‘identificatie van risico’s’, ‘preventie’, ‘detectie’, ‘respons’ en ‘herstel’. Deze 5 stappen zijn afkomstig uit het NIST Cyber Security Framework, dat internationaal toonaangevend is voor organisaties die hun eigen digitale veiligheid willen verhogen. Ook de gemeente maakt hiervan gebruik voor de eigen organisatie. Het NIST Cyber Security Framework is technisch van aard en oorspronkelijk toegespitst op individuele organisaties. Voor deze agenda is voor deze 5 stappen een conceptuele vertaling gemaakt naar het systeemniveau van de stad. Dit biedt een handvat voor publieke en private partijen om te werken aan de digitale veiligheid van de stad. Het geeft een overzicht van allerlei interventies die partijen kunnen inzetten. In de praktijk is de inzet van interventies door de gemeente uiteindelijk afhankelijk van de rol die de gemeente kan en wil nemen en de behoefte die er is bij organisaties in de stad.
Identificatie van risico’s (mogelijke oorzaak, kans en impact van een incident)
-
Identificeer vitale processen en digitale infrastructuur op het niveau van de stad.
-
Definieer dreiging en ontwikkel scenario’s.
-
Begrijp de risico’s op het niveau van de stad: welke kwetsbaarheden en (keten)afhankelijkheden zijn er?
Wat is de waarschijnlijkheid dat een incident zich voordoet? En wat zijn de mogelijke gevolgen hiervan?
-
Ontwikkel een doorlopend situationeel beeld en publiceer hier periodiek over.
Gewenste ontwikkeling op de lange termijn – Identificatie van risico’s
- Realisatie van een doorlopend en actueel (dus: ‘real time’) situationeel beeld van de dreigingen, incidenten, kwetsbaarheden en (keten)afhankelijkheden op het niveau van de stad. Het beeld biedt idealiter inzicht in risico’s op verschillende niveaus: 1) organisaties uit vitale processen, 2) stadsbrede onveilige apparaten en sensoren, en 3) infrastructuur.
- Een dergelijk ‘risico’-beeld moet tot stand komen door een betere informatiepositie van de gemeente doordat meer publieke en private organisaties de gemeente voorzien van actuele informatie en de gemeente ook zelf eigen onderzoek verricht naar risico’s en kwetsbaarheden op het niveau van de stad en de vitale processen in het bijzonder.
- Het doorlopend beeld is voor intern gebruik, maar idealiter worden organisaties en individuen actief geïnformeerd als er risico’s en kwetsbaarheden worden gevonden die op hen van toepassing zijn.
- Periodiek kan er ook een publieke publicatie worden opgesteld. Dit heeft als meerwaarde dat partijen in de stad worden geïnformeerd over digitale veiligheid en op basis daarvan een publieke discussie kan worden gevoerd over onze risicobereidheid, dus de mate waarin we als stad risico’s op het gebied van digitale veiligheid wel of niet aanvaardbaar vinden, en welke maatregelen er mogelijk zijn om het risico te reduceren of te verleggen.
More trend snippets in Trusted insiders
Perceived liveability in the neighborhood has increased slightly
The score for the quality of life in the neighborhood is 7.6. This is slightly higher than in 2017 and 2012.
- In the longer term, from 2008 and 2005 respectively, opinions about physical facilities and social cohesion have changed little.
- Satisfaction with the physical facilities is slightly higher than in 2017 and 2012.
- Satisfaction with social cohesion is slightly higher than in 2017 and 2012.
20 January 2021
|
Report
:
CBS Veiligheidsmonitor 2019
Perceived nuisance in the neighborhood has not changed
In total, the neighborhood nuisance experienced is the same as in 2017 and less than in 2012.
- The physical deterioration from which Dutch people experience a lot of nuisance in their neighborhood is less than in 2017 and 2012. The perceived social nuisance has not changed compared to 2017, but less than in 2012.
- The perceived traffic nuisance is higher than in 2017 and equal to that in 2012.
- Almost half of the inhabitants (49 percent) of the 70,000+ municipalities will experience in 2019
a lot of neighborhood nuisance; a lot of nuisance is experienced especially in the four largest cities; the
neighborhood nuisance is comparable to 2017.
20 January 2021
|
Report
:
CBS Veiligheidsmonitor 2019
Public sense of safety has increased
In 2019, 32 percent of Dutch people sometimes felt unsafe in general. This is lower than in 2017 and 2012.
- Public sense of insecurity has decreased by 34 percent compared to 2005.
- 14 percent of Dutch people sometimes felt unsafe in their own neighborhood in 2019, this is lower than in 2017 (16 percent) and 2012 (18 percent).
- In 2019, public sense of insecurity was around 14 percent lower than in 2008.
- Compared to 2017, fewer Dutch people in 2019 indicate that they do not open the door in the evening because they do not think it is safe. A smaller group also feels unsafe at home in the evenings, and the group that is afraid of becoming a victim of crime has shrunk. The proportion that detours because of unsafe places or that feels unsafe on the street at night is comparable to 2017. Compared to 2012, public sense of insecurity at night and avoidance behavior in the neighborhood have also generally decreased.
- 36 percent of all Dutch people sometimes feel unsafe in places where groups of young people hang out. One in five sometimes feels unsafe around entertainment venues. Furthermore, 6 percent sometimes feel unsafe in their own home. That is less than in previous years.
- 18 percent of the residents of the 70,000+ municipalities sometimes feel unsafe in their own neighborhood. This public sense of insecurity is highest in the G4 (23 percent), followed by the G40 (17 percent) and the other 70,000+ municipalities (13 percent).
20 January 2021
|
Report
:
CBS Veiligheidsmonitor 2019
Victimization of traditional crime has declined
In the longer term, from 2005, crime victimization has decreased by 50 percent.
-17 percent of the residents of the 70,000+ municipalities were victims of one or more forms of crime in 2019. This is lower than in 2017 (19 percent). Victimization is greatest in the G4 (21 percent), followed by the G40 (15 percent) and the other 70,000+ municipalities (12 percent). Particularly in the G40 and the other 70,000+ municipalities, victimization has decreased compared to 2017. In the G4, victimization has remained the same.
In 2019, 2 percent of Dutch people were victims of violence, 9 percent of property crimes and 5 percent of vandalism.
-The victimization rate of vandalism and property crimes has decreased compared to 2017; the victimization rate for violence has remained the same over the past two years.
-A total of 14 percent in 2019 were victims of one or more of these forms of "traditional" crime; this is lower than in 2017 (15 percent) and 2012 (20 percent)
-In 2019, 23 percent of the crimes encountered by victims of traditional crime were reported to the police. This is comparable to 2017 (24 percent) and less than in 2012 (29 percent).
20 January 2021
|
Report
:
CBS Veiligheidsmonitor 2019
Cybercrime victimization has increased
One in nine Dutch people (13 percent) was a victim of cybercrime in 2019; this is higher than in 2017 and 2012.
- In 2019, 8 percent of the crimes encountered by victims of cybercrime were reported to the police. This is comparable to previous years.
- Hacking is the most common of cybercrime offenses in 2019 (6 percent). This is followed by sale or purchase fraud (5 percent), internet bullying (4 percent) and identity fraud (1 percent).
20 January 2021
|
Report
:
CBS Veiligheidsmonitor 2019
Citizens and police: satisfaction with the functioning of the police increased
19 percent of the Dutch had contact with the police in their own municipality in 2019; this is less than in previous years.
- 66 percent were (very) satisfied with this contact; this is higher than in 2017 and 2012.
- In the long term, from 2005 onwards, satisfaction with the contact with the police in their own municipality has increased by 23 percent.
- 28 percent is (very) satisfied with the functioning of the police in the neighborhood; 35 percent is (very) satisfied with the functioning of the police in general. A relatively large number indicate that they do not have an opinion on this.
Satisfaction with the functioning of the police in the neighborhood and in general has increased compared to 2017 and 2012.
- Since 2005, satisfaction with the functioning of the police in the neighborhood has increased by 14 percent.
- Satisfaction with the functioning of the police in the neighborhood is slightly higher in the 70,000+ municipalities than the national average (29 versus 28 percent); satisfaction is comparable to 2017. The residents of the four largest cities in particular are relatively positive about the functioning of the police in the neighborhood.
-In terms of satisfaction with the functioning of the police in the neighborhood, districts in The Hague and Amsterdam in particular do above average.
20 January 2021
|
Report
:
CBS Veiligheidsmonitor 2019
Social preventive behavior has increased slightly
Social preventive behavior overall increased slightly between 2017 and 2019. The presence of preventive facilities in / around the home has decreased slightly compared to 2017.
- Almost seven in ten Dutch people often take valuables out of the car in 2019 to prevent theft.
- 45 percent often leave the lights on at night when no one is home.
- 63 percent of Dutch citizens have extra security locks.
- 12 percent have an alarm system at home.
- In terms of the presence of preventive facilities in or around the home, almost all districts in Zeeland - West Brabant, East Brabant and Limburg score higher than average.
20 January 2021
|
Report
:
CBS Veiligheidsmonitor 2019
A complete research peeling off the vulnerabilities, (future) risks, and societal challenges for drug-related corruption at Schiphol Airport and Rotterdam Harbour
This article provides an in-depth analysis of the corruption threats and vulnerabilities at the two largest ports in the Netherlands - Schiphol Airport and the Port of Rotterdam. It adopts different research methods to understand the working of both Schiphol Airport and Rotterdam Harbour
The key findings include:
- The main ports are vulnerable to corruption due to factors like large cargo flows, sophisticated logistics infrastructure, and connections to international drug trafficking networks.
- The corruption threats with the greatest potential impact are bribery in the law enforcement chain and corruption in the cargo handling and logistics processes.
- Experts assessed the resilience of existing policy instruments to mitigate these corruption threats, finding that more attention is needed on issues like blackmail and financial bribery in the logistics chain.
- The study used a National Risk Assessment methodology, relying heavily on expert consultation, to identify and prioritize the key corruption risks facing these critical transportation hubs.
In summary, the article provides a comprehensive overview of the corruption challenges at the heart of the Netherlands' major ports and the policy tools available to address them.
1 May 2024
|
Report
:
Drug-related corruption at Schiphol Airport and Rotterdam harbour
The highest likelihood risks of the next decade are extreme weather, climate action failure and human-led environmental damage
Among the highest likelihood risks of the next ten years are extreme weather, climate action failure and human-led environmental damage; as well as digital power concentration, digital inequality and cybersecurity failure.
31 May 2021
|
External
:
The Global Risks Report 2021
The highest impact risk of the next decade is infectious diseases
Among the highest impact risks of the next decade, infectious diseases are in the top spot, followed by climate action failure and other environmental risks; as well as weapons of mass destruction, livelihood crises, debt crises and IT infrastructure breakdown.
31 May 2021
|
External
:
The Global Risks Report 2021
Digitization heightens risk of losing digital autonomy
At a time when a growing number of human activities are going digital, individuals and
institutions face a heightened risk of losing their digital autonomy. As social identities become more defined by online identities, users will be increasingly at risk of exposure to
targeted political manipulation, invasion of privacy, cybercrime, financial loss, and psychological or physical harm. However, the responding regulatory “techlash” risks internet restriction, information censorship and cut communications.
1 June 2021
|
External
:
The Global Risks Report 2021
Increasing cyber resilience with existing technologies
There is only limited gains to be had by in investing in new technologies if we are not using existing technologies on a larger scale to increase cyber resilience. There is still much to be gained from taking basic security measures (strong passwords, 2-factor authentication *), encryption, the use of Privacy Enhancing Technologies (PETs) *, open data standards *, open source software * and more secure communication protocols.
30 March 2021
|
Report
:
Cyberweerbaar met nieuwe technologie
As protection of the public is a governments social responsibility, it should assist vital infrastructure companies in securing IACS
Cyberattacks to Industrial Automation Control Systems (IACS) in vital infrastructure could lead to large incidents and consequences. Therefore, the government should keep an eye on organisations in the vital sector. Involved sectors believe it is important to show to the public that they are secured and safe out of their social responsibility.
21 May 2021
|
Report
:
Onderzoek Cybersecurity voor Industrial Automation en Control Systems (IACS)
Large companies take more measures against cyberthreats
It can be seen that easily applicable measures against cyberthreats are both implemented by small and large companies. For example, more than 80% of all companies utilise anti-virussoftware. However, difficult measures are mostly implemented by larger companies. For example, the use of VPN is larger at big companies.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
The use of two-factor authentication has increased in the last four years
The utilisation of soft- and hardware tokens (two-factor authentication) to login at a company has increased in the last four years. The utilisation at large companies has increased from 71% in 2016 to 87% in 2019, at SME's it has increased from 29% in 2016 to 54% in 2019 and at small companies it has increased from 23% in 2017 to 42% in 2019.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
Large companies outsource their ICT-security more often than small companies
About half of the small companies in the Netherlands perform their ICT-security on their own, whilst only 20% of large companies do this on their own. Consequently, large companies have more resources which they can use to outsource their security to other companies.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
The number of Dutch domain names with DNSSEC is steadily increasing
The percentage of .nl domain names with DNSSEC is steadily increasing. Between the 1st of June 2021 and 1th of October 2020, it has increased from 0 to 56 procent.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
Large companies report more cyber-related incidents than small companies
From 2016-2019, large companies consistently report more cyber-related incidents than small companies. This has several reasons. For internal incidents, like the disruption of hard- and software, the complex infrastructure of large companies provides a bigger chance of hard- and software malfunction. For external incidents, larger companies are a more interesting target for cybercriminals, leading to potential disruption.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
Half of the ICT-incidents are not associated with additional costs
From 2016-2019, it can be seen that half of the ICT-related security incidents are not associated with additional costs. This is the case for internal as well as external incidents.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
The number of internal and external ICT related incidents has decreased
Over the years 2016-2019, the number of internal and external ICT related incidents has decreased. For example in 2016, almost 40% of large companies dealt with ICT related security incidents, whilst in 2019 this number decreased to 20%.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
In 2019 more data leakages have been reported to the Dutch Data Protection Authority
In 2019, more data leakages have been reported to the Dutch Data Protection Authority, compared to 2018. In 2019, 26956 were reported, whilst in 2018 this number was 20881. Most of the reported data leakages came from the Dutch health sector, financial sector and public administration.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
64% of data leakages only affect one person
The majority of data leakages in the Netherlands, namely 64%, only affect one particular person. Only 4% of data leakages affect more than 500 people. Such data leakages are mostly caused by hacking, malware and/or phishing.
Most data leakages that are caused by hacking and phishing occur in the healthcare sector (18%).
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
Increase in the use of sensors, such as cameras or trackers that monitor and record your movement, to promote quality of life and safety
In the Netherlands, sensors, such as cameras or trackers that monitor and record your movement, are increasingly being used to promote quality of life and safety. Citizens
and companies have about 1.5 million security cameras, municipalities have over 3,000 surveillance cameras and the police have about 500 to 1,000. As new technology becomes smaller, more mobile and cheaper, they can be more easily built in, such as with cameras in smartphones. In addition, collection and processing of data is becoming increasingly easier, such as with smart algorithms in apps. This has created an extensive network of sensors that produces a large amount of data. This network consists not only of new sensors, but also of new actors and forms of supervision. Because citizens are not only monitored by the government and companies (surveillance), they also use sensors themselves to monitor each other (horizontal surveillance) or to keep an eye on the government and companies (sousveillance).
20 May 2021
|
Report
:
Burgers en Sensoren
Municipalities are increasingly experimenting with Smart City projects
More and more municipalities in the Netherlands are investing in smart city projects, or are considering doing so. Data promises efficient solutions for the challenges facing municipalities. Namely, it promises to make our lives more efficient, comfortable, sustainable and safer.
31 May 2021
|
Report
:
Voeten in de Aarde
The implementation of Smart City projects has proven to be difficult due to several challenges
Smart city projects look good on paper, but implementation proves difficult. The main challenges are: It is not easy to bring and keep all participating parties (government, institutions, companies and citizens) on the same page. Furthermore, new practices are created by digitization that are not yet sufficiently covered by law. There is also a challenge to develop revenue models that respect public values and citizens' interests. In addition, the learning capacity of municipalities has not yet been professionalized enough in the usually experimental projects.
31 May 2021
|
Report
:
Voeten in de Aarde
Risk management of dependencies and vulnerabilities in the IT supply chain is increasingly important
Due to the increasing (digital) entanglement of (digital and physical) supply and production chains, disruptions in these chains can have a major impact. Organizations are increasingly dependent on a network of providers for the continuity and security of their processes, with whom they do not always have a contract. Risk management on all those dependencies in the supply chain is becoming increasingly important, both to provide insight into risks and to control them with possible measures.
3 June 2021
|
Report
:
TNO 2021 R10245: Vraagstukken en perspectieven voor ICT SCRM – een initiële verkenning
A broad view of supply chain risks is important but sometimes difficult to organize in practice
A broad view of supply chain risks is important but this is sometimes difficult to organize in practice and is certainly not always well invested. The complexity of supply chains means that only a part of suppliers and dependencies can be mapped. Is it a supplier's product or one of the components, such as firmware or chips, does it deal with outsourcing or even the subcontractors? They do not have the capacity to map out more than the first-line suppliers in their own IT chains and the complexity of these relationships is also too great. There is a need to get a better grip on this and to engage with sector partners.
3 June 2021
|
Report
:
TNO 2021 R10245: Vraagstukken en perspectieven voor ICT SCRM – een initiële verkenning
Increasing use of cloud services poses cybersecurity risks
Managing the risks arising from the purchase of cloud services has emerged as a challenge. The trend of migration from IT infrastructures to cloud services will play an important role in the SCRM issue. The customer of the cloud service has no insight into which suppliers contribute to product development within the cloud environment, which is precisely the strength, the knowledge lies with the supplier and the customer does not have to worry about this, but one needs more insight here. Moreover, there is a limited number of large suppliers of cloud services, as a result of which different organizations (will) purchase the same service from the same party. This results in a shared dependency, which means that a disruption of this service can manifest itself all the more extensively. On the other hand, in general, these larger suppliers are reliable in cloud services and this is also the reason that many organizations use them. When looking at what kinds of risks or challenges are seen, this ranges from general cybersecurity threats, such as data leaks, hacked data, or a vulnerability that is used as a stepping stone, to specific risks.
3 June 2021
|
Report
:
TNO 2021 R10245: Vraagstukken en perspectieven voor ICT SCRM – een initiële verkenning
Society is confronted with new risks under the influence of developments in technology, demography and climate
Society is confronted with new risks under the influence of developments in technology, demography and climate. Although risks are inherently uncertain, the uncertainty surrounding new risks is even greater, partly due to the lack of risk data and the multitude of factors that influence the risk. The new risk and crisis types are clearly different from the more regular or routine crises, such as fires and minor floods. These new or unprecedented crises are difficult to identify, are not limited to one particular sector and can escalate very quickly. New technological risks also lead to more fear and uncertainty.
8 June 2021
|
Report
:
Cyberrisico's en Veiligheidsregio's
Most safety regions prepare for cyber scenarios, but many are still looking for ways to adequately prepare for digital disruptions
The majority of security regions are already preparing for possible cyber scenarios. The main activities are building and maintaining regional/national networks, building cyber knowledge and expertise, and practicing cyber scenarios. The security regions rate their own preparation for cyber vigilance and cyber-consequence response with a 5 and 6 respectively. However, The ambiguity and unfamiliarity exist about roles, tasks and powers of the actors involved, procedures for alerting, scaling up and decision-making, and the required own expertise in the field of cyber-consequence prevention.
8 June 2021
|
Report
:
Cyberrisico's en Veiligheidsregio's
Less than half of the safety regions actively collaborate with partners in identifying cyber risks
Currently, less than half of the security regions actively collaborate with partners in identifying cyber risks. Where exchange takes place, vital partners and other security regions are mainly consulted. Sharing 'risk information' between security regions and their partners is not always self-evident.
8 June 2021
|
Report
:
Cyberrisico's en Veiligheidsregio's
Safety regions have difficulty translating national risks into regional risks
Methods such as the 'Regional Risk Profile Guide' offer little substantive guidance and, above all, process information for the inventory of (cyber) risks within one's own region. In addition, it is not always transparent how security regions assess risks, which makes it difficult to compare the methods and outcomes used. 'The Cyber Security Image Netherlands' (CSBN), on the other hand, contains important information for security regions about developments in the field of cyber. The main challenge for many security regions is translating these developments to their own region.
8 June 2021
|
Report
:
Cyberrisico's en Veiligheidsregio's
In most safety regions' risk profiles 'cyber' is regarded as a possible cause of a physical incident
Most risk profiles focus on the failure of utilities (especially ICT and telecommunications), failures at hospitals and BRZO companies and cascade effects. The top 4 risks include failure of vital infrastructure, disruption of the continuity of own assistance, disruption of BRZO companies, and hack of data centers.
8 June 2021
|
Report
:
Cyberrisico's en Veiligheidsregio's
Hybrid conflict has become more salient
Hybrid conflict became more salient during the 2010s and is not likely to wither away in the 2020s. The Netherlands, together with likewise partners in its network of alliances, requires a strategic posture to deal with it. In the case of hybrid threats, a strategic posture
can:
• assist in defining and preparing the pre-requisites for counter hybrid action in terms of capabilities, legal and doctrinal frameworks, and mandate allocation;
• be instrumental in creating unity of action and synergy between counter hybrid measures by tying them together in one coherent whole;
• help in communicating to opponents and allies what are considered to be acceptable forms of hybrid behavior. It can thereby be instrumental in the development of international norms that limit hybrid threat behavior;
• thus ultimately shape the cost calculus of an adversary which in turn can prompt changes in adversarial behavior.
15 June 2021
|
Report
:
A Framework for Cross-Domain Strategies Against Hybrid Threats
The effectiveness of strategies against hybrid threats varies by domain of application
Modern communication technologies allow for diplomatic negotiations to take place faster as well as more frequently. Likewise, the contemporary information environment presents aggravated asymmetries between offense and defense, as the attack surface of open societies is large and vulnerable to aggressive state and criminal non-state actors. Similarly, the growing prominence of cyberspace as a domain presents new issues to traditional deterrence, given its novel asymmetries of ambiguity and relatively inexpensive offense, and expensive and rarely effective defense. Meanwhile, the military instrument remains a class of its own because it is the only one via which violence and damage can be applied directly. In contrast, the economic domain continues to grow in importance due to the ever-increasing interconnectedness of the public and private sector. In comparison to other domains, the shaping power of law is most dependent upon the perception and commitment of all parties. But even in an antagonized world, law can be a relevant instrument, if only because abiding by its tenets may convey a moral high-ground which can be capitalized on.
15 June 2021
|
Report
:
A Framework for Cross-Domain Strategies Against Hybrid Threats
Hybrid threats are difficult to prevent through deterrence alone, different strategies are necessary
Two axes differentiate between the range of strategies that can be applied against hybrid threat actors. The vertical axis consists of five general strategies: cooperation, persuasion, protection, coercion, and control. In addition, one can also escalate horizontally. For this, the framework uses the well-known DIMEL categorization of instruments and measures of state power, distinguishing between diplomatic, information, military, economic, and legal domains. Five kinds of assessment need to be conducted before, during, and after the employment of strategies in the cross-domain context: cost-benefit assessment, cross-domain orchestration assessment, proportionality assessment, signaling assessment, legal and normative frameworks assessment.
15 June 2021
|
Report
:
A Framework for Cross-Domain Strategies Against Hybrid Threats
Technological opportunities and weaknesses in The Netherlands
The role of advanced technologies, such as virtual reality, augmented reality and Artificial Intelligence, is growing. Risky applications, such as deepfakes, call for vigilance to safeguard privacy and fundamental rights. In addition to risks, advanced technologies also provide opportunities for an open, prosperous society and more efficient service delivery. For example, advanced technology is helping to combat the corona crisis. Technology is also being used and further developed for the benefit of detection. Applications that are
currently under development, such as metaverse and quantum computing, will also find their way into government, business and society.
16 February 2022
|
Report
:
Strategisch Omgevingsbeeld 2021
Cyber-espionage threat actors adjust their tactics, techniques and procedures to embrace new technologies
Cyber-Espionage threat actors adjust their tactics, techniques, and procedures (TTPs) to embrace new technology, while keeping their tried-and-true TTPs operational. For example, Phishing (Social) and Backdoor (Malware) have served as go-to Action varieties. Downloader (Malware), Capture stored data (Malware) and Spyware/Keylogger (Malware) have all steadily declined from the 2014 DBIR to the 2020 DBIR, with Scan network (Malware) completely falling off the top 10 list by the time we get to the 2020 DBIR.
25 August 2021
|
External
:
Cyber-Espionage Report
34% of all cyber-espionage breaches occur in Europe
From 2014-2020, most cyber-espionage breaches occur in the Asia-Pacific region (42%), followed by the Europe, Middle East and Africa (EMEA) region (34%), and North America (NA) (23%) region.
This contrasts sharply with all breaches for this same timeframe, as NA (65%)
dominates, followed by APAC (17%) and EMEA (16%).
25 August 2021
|
External
:
Cyber-Espionage Report
Most cyber-espionage breaches occur in the public domain
Some industries are impacted more heavily by cyber-espionage breaches than other industries. In particular, Public (31%), Manufacturing (22%) and Professional (11%) topped the list for Cyber-Espionage breaches.
25 August 2021
|
External
:
Cyber-Espionage Report
The top compromised attribute by cyber-espionage breaches is software installation integrity
Looking at cyber-espionage breaches and the top compromised attribute varieties for the 2014-2020 DBIR timeframe, it can be seen that software installation (Integrity) (91%), alter behaviour (Integrity) (84%) and secrets (Confidentiality) (73%) as the top compromised Attribute varieties.
25 August 2021
|
External
:
Cyber-Espionage Report
The top discovery method for cyber-espionage breaches is screening suspicious traffic
In terms of top discovery methods for cyber-espionage breaches in the 2014-2020 DBIR timeframe, it can be seen that the top two methods are Suspicious traffic (48%) and Antivirus (23%), with Emergency response team a distant third (7%). This contrasts sharply with the top discovery methods for all breaches for the same timeframe, in which it can be seen that Law enforcement (28%), Fraud detection (19%) and Customer (15%), respectively, at the top.
25 August 2021
|
External
:
Cyber-Espionage Report
External actors are the most involved actors regarding cyber-espionage
From 2014-2020, external actors have been the dominant actor regarding cyber-espionage, ranging 69% to 88% over this timeframe. In contrast, internal actors range from 12% to 34% in the same timeframe.
25 August 2021
|
External
:
Cyber-Espionage Report
Financial motives are the most prominent motive for cyber-espionage breaches
Over the course of 2014-2020, the most prominent motive for cyber-espionage breaches was financially related. In this timeframe, the financial motive lay between 67% and 86%.
25 August 2021
|
External
:
Cyber-Espionage Report
Dutch citizens believe they are well informed about digital and online security
Most Dutch people think that they are (reasonably) well informed about online safety (65%). Only a small number of people feel that they are under-informed (9%). A number of digital dangers have been presented to people in this study. Of most of these dangers, the Dutch indicate that they know what they are, especially identity fraud (89%). The high level of awareness of identity fraud may be caused by the fact that this form of fraud can also occur offline. Furthermore, about a quarter of Dutch people (23%) indicate that they have had to deal with phishing and 60% are familiar with phishing.
22 January 2021
|
Report
:
Veilig Online 2020
Two-thirds of Dutch citizens have come into contact with a digital risk in the past year. Dutch citizens have basic knowledge about how to recognize phishing messages
Almost half of Dutch citizens (45%) have received emails in the past 12 months with attempted phishing in a private situation, and 16% received such emails in a work situation. Phishing is therefore the most common digital threat. It is therefore important that Dutch citizens are familiar with phishing and can recognize phishing in order to protect themselves. More than four in five Dutch people (83%) are familiar with phishing, and of this group almost everyone knows how to recognize phishing (98%). Particular attention is paid to the e-mail address (59%), the request for personal data (52%) and the language use (50%).
To recognize phishing, the Dutch mainly look at the e-mail address of the sender (59%), whether personal information (52%) or money (40%) is requested and what the language use or writing style of the e-mail is (50%). ). Links in emails are viewed by 29%, and 34% look at the target address behind the link. Phishing is also increasingly done via SMS and WhatsApp. To unmask those phishing messages, Dutch people check whether the messages ask for certain information (55%), whether they are asked to enter login details and passwords (51%), whether money is requested (49%) and whether personal information is requested (44%).
22 January 2021
|
Report
:
Veilig Online 2020
Dutch citizens estimate that the chance that they will be harmed by digital risks is low
People's risk assessment of various digital risks is low. Risks are often abstract, so it is difficult for people to imagine. An added problem with this is that people tend to ignore risks. As a result, they often do not take preparatory measures or adjustments to their behavior to reduce their personal risk. In addition, people are often inclined to estimate risks lower or think that it is mainly other people who are at risk.
22 January 2021
|
Report
:
Veilig Online 2020
Dutch citizens have limited concerns about their digital security
46% of Dutch people indicate that they are only slightly concerned about their online security in their private situation. 6% are very concerned. Dutch people who are very concerned or somewhat concerned about their online security indicate that they are concerned because they are afraid of not being aware of cyber criminals' approach (48%), because they are afraid that people will be able to view their data (47%) and because they fear financial data will be stolen (44%). Dutch people who are not concerned about their online security say that they are not worried because they always check whether websites and links are false (43%), because they update their devices (43%) and because they regularly perform virus scans ( 42%). The degree to which Dutch people are concerned about their online security in their private situation has remained stable over the past three years (44-46% are (very) concerned).
22 January 2021
|
Report
:
Veilig Online 2020
The need among Dutch people who are lagging behind in online security to improve themselves in online security is low
Most Dutch people who are willing to take action are also those who have already taken action (61%). The need to improve their own online security in the group that has taken fewer actions for the time being is relatively low. Actions that these Dutch people may be willing to take are using antivirus software (48%), regularly performing (security) updates (43%), checking links (40%), regularly making backups ( 40%) and immediate software updates (39%).
22 January 2021
|
Report
:
Veilig Online 2020
Dutch citizens do not want to pay for better services to increase security and have difficulty with security instructions
Most obstacles Dutch citizens experience are of financial nature. 58% does not want to pay for a service (such as a password manager) and 40% thinks the price of security software / virus scanner is an obstacle. Free services for password managers and virus scanners are not trusted by a third of Dutch people (33%). Most Dutch people indicate that they have no trouble making backups (57%) and know what a good virus scanner is (45%). The Dutch have more difficulty with security instructions (35%) and constantly creating new passwords (34%). They also find it a hassle to have a different password for each device and account (44%). However, they do indicate that they handle their passwords well (69%) and use different passwords (66%).
22 January 2021
|
Report
:
Veilig Online 2020
Dutch citizens often consider their online behavior to be safe
A majority of the Dutch people consider that they deal reasonably to very safely with the various issues presented with regard to safe online behavior. For example, a majority consider that they are good at updating their software (79%), with attempts at phishing emails (73%), the use of their devices by others (61%), making backups (58%), the granting of permissions on web shops (56%) and the use of USB sticks (55%).
Furthermore, Dutch people indicate that they have often adjusted the privacy settings of their social media accounts (48%). In addition, the Dutch pay attention to locks on websites (55%). 60% think a website is safe if it has a lock on it.
The Dutch people give themselves an average of 7.0 when it comes to dealing safely with online dangers. Dutch people who give themselves an unsatisfactory score feel that they have little understanding of online dangers (37%) and indicate that they are not always aware of them (27%). Dutch people who give themselves a satisfactory score, think that they are well informed (30%) and indicate that they are alert to online dangers (20%).
22 January 2021
|
Report
:
Veilig Online 2020
Few worries about digital security in a work situation
73% say they worry very little about their online safety in a work situation. This percentage is higher than last year (66%).
22 January 2021
|
Report
:
Veilig Online 2020
Employees' home network is the weak spot for companies: Three out of ten people who work from home still have the default password on their router
The occurrence of online risks is more closely monitored and observed in the work situation than in the private situation. Companies do a lot to have online security in order. However, with a lot of people working from home due to the pandemic, the home network and home situation could well become the Achilles heel of the corporate network; router passwords are not changed and children use company hardware.
Most Dutch people also do not have a clear picture of what safe online behavior means at work (57%) or in a private situation (52%). The corona crisis has forced more people to work from home. 48% of working Dutch people indicate that they have worked from home in the past 12 months. They often use a network connection with a password at home (78%). This password still appears to be the default password of the router relatively often (29%). Employees are often unable to state what their employer has done about special measures to make working from home possible since the corona crisis (57%). 16% indicate that his / her employer has made business equipment available.
22 January 2021
|
Report
:
Veilig Online 2020
Most companies have agreements about how to behave safely online. It is not difficult to keep to work agreements, but these agreements can be communicated more clearly
Seven out of ten (69%) working Dutch people indicate that agreements have been made with their company / organization about online safe behavior. 13% indicate that no agreements have been made at their company / organization. Agreements that have been made often concern the secure sending / exchange of files (35%), the use of websites and / or e-mail (33%), that only system administrators can install software (31%) and send exchange of personal data (31%).
Those who have work agreements (69%) do not find it difficult to (always) keep those agreements (81%). About half (46%) do experience obstacles in guaranteeing agreements about safe online behavior. This is mainly due to the way of communication. This is not always clear (13%), not sufficient (13%) or unambiguous (12%).
22 January 2021
|
Report
:
Veilig Online 2020
The distribution of security jobs mirrors the distribution of economic activity in the Netherlands
Zuid-Holland has the greatest number of security jobs, both in terms of primary and secondary security jobs. Utrecht had the largest share of security jobs of all provinces. Generally, the distribution of security jobs mirrors the distribution of economic activity in the Netherlands. The provinces Zuid-Holland and Noord-Holland are economically large and populous, whereas this is less so for Drenthe and Zeeland.
20 May 2021
|
Report
:
Education and Labour Market in the Security Domain
In 2018 over 1.1 million employed persons were employed in a security related occupation
In 2018 over 1.1 million employed persons or 13 percent were employed in a security
related occupation. Almost 11 percent of all employed persons worked in an occupation
classified as secondary security. The remaining more than 2 percent worked in an
occupation classified as primary security. Compared to employed persons in other occupations, employed persons in security related occupations more often have a full-time job, are more often employee with a permanent contract, often fall into the middle age range (25–45) and are more often highly educated.
20 May 2021
|
Report
:
Education and Labour Market in the Security Domain
The share of students following security related courses increased between school year 2013/’14 and school year 2018/’19
Generally, we see that the share of students following security related courses increased
between school year 2013/’14 (9.3 percent) and school year 2018/’19 (10.6 percent).
This trend is mainly due to the increase in students studying at higher professional level, although there is also a slight increase at university level. Upper secondary vocational security education decreased however (from 7.1 percent in school year 2013/’14 to 5.7 percent in school year 2018/’19). This reduction was particularly severe between school years 2015/’16 and 2018/’19.
20 May 2021
|
Report
:
Education and Labour Market in the Security Domain
Increase in highly educated security workers and the education of security workers is more often security related
In general, we see a trend towards more highly educated security workers and that
education of security workers is more often security related. The share of employed persons who are highly educated has increased from 54 percent in 2013 to 58 percent in 2018. However, we also see that only 22 percent of all employed persons with a security related education actually worked in a security occupation, and this percentage has stayed
relatively constant over time. In other words, while those working in security were more
often educated to work in security, the share of those educated in security and working in
security has not increased.
20 May 2021
|
Report
:
Education and Labour Market in the Security Domain
More security graduates are finding work, wages vary by province and level of education
The share of graduates of different programmes who found work after study was
marginally lower for security related programmes than the overall share. For example,
83 percent of graduates in upper secondary vocational security related programmes of
school year 2015/’16 found work within one year, whereas the share for all upper
secondary vocational programmes in that year was 85 percent. This difference was smaller
for higher professional programmes and was effectively zero for university programmes.
Over time the general trend is that more graduates are finding work. This trend is
particularly pronounced for university graduates from engineering programmes; 72 percent
of the university graduates in security related programmes of school year 2015/’16 found
work immediately and 89 percent within one year. Hourly wages varied per province. Generally, wages seem to be higher than the national median in Noord-Holland and Zuid-Holland. The level of education was however an important determinant of hourly wages per province. Wage growth was positive for all programmes in higher professional and university education.
20 May 2021
|
Report
:
Education and Labour Market in the Security Domain
The release and uses of the Operational Technology Cyber Attack Database (OTCAD)
OTCAD is a new cyber attack database that is unique in its size, as it is mapped to a single framework. This allows for structural analysis of the OT threat landscape. The database is publicly accessible and can be extended and adjusted through collaborative means. These factors combined form an exciting and useful new database that can open up many new areas of research in the coming years.
28 September 2021
|
Report
:
OTCAD: Operational Technology Cyber Attack Database
Insider threats in Dutch SME's
Insider threats are incidents that are caused by the deliberate or unconscious actions of own staff. For example, a former employee can remove data from a server because that person still has access to that server wrongfully, an employee can share data in an unsafe way so that third parties can view it, or a trainee can post a photo on social media showing sensitive information about the organization. The research group has therefore started a line of research into insider threats in order to contribute to the security of organizations in the Netherlands. They are currently conducting two parallel lines of research: a systematic review of the empirical literature on these insider threats and a study of the nature and extent of such incidents in the Netherlands.
30 November 2021
|
Report
:
Van Theorie naar Praktijk
Cyber resilience for SME's
Cyber resilience is defined here as the ability to resist known and unknown forms of cyber
crime and recover quickly from a cyber crisis. The report investigated how SMEs in the metals sector organize their cyber-security and related security measures and how this process can be improved. It turns out that the companies surveyed are fully digitized and dependent on ICT for their primary process. The implementation and maintenance of this ICT is outsourced to external ICT suppliers. Many directors also (partially) outsource security to these ICT suppliers. As a result, these ICT suppliers implement generic technical measures without specifically looking at the organization in question and its risks. Crucial measures aimed at the organization of the company and the behavior of personnel are then often omitted.
30 November 2021
|
Report
:
Van Theorie naar Praktijk
Dutch people are more aware of online risks, whilst the number of cybercrime victims is increasing
Two-thirds of Dutch people find their knowledge about digital and online security fairly to very good, and more than half of the people (56%) take measures after a cyber-attack, an increase compared to last year. At the same time, the number of victims of cybercrime are increasing: 71% of the Dutch people have had to deal with this at some time.
More than ever before, the Dutch are aware of digital risks. For instance, the number of people who are familiar with phishing mails is growing, they more often only visit websites with a green lock (51%), more often make backups (46%) and are more secure with their passwords. Almost a quarter uses a password safe or manager to protect their passwords.
24 August 2021
|
News
:
Dutch People More Aware of Online Risks, but Number of Victims Increases
The Internet of Things (IoT) is growing at a staggering rate
The Internet of Things (IoT) is growing at a staggering rate. It is forecasted that the number of connected things in use globally will surge from 8.4 billion in 2017 to 20.4 billion by 2020, with total spending on endpoints and services exceeding $2 trillion. IoT unlocks tremendous value for the individual, for organisations and for governments.
4 June 2021
|
Report
:
The IoT Security Landscape
There is a need for stronger collaboration towards tackling IoT security challenges
Many government agencies, academic institutes, industry alliances and individual vendors have made efforts towards tackling IoT security challenges; however, there is limited collaboration between these initiatives. Consequently, there exist hundreds of documents with significant duplications and possible contradictions. IoT product developers, and vendors involved in the IoT supply chain and life cycle, may find themselves overwhelmed – or they may take advantage of the lack of clarity to do nothing at all. There is an immediate need for harmonisation on security recommendations and guidelines as well as coordination on security assurances in the form of regulation and certification. Given the continuing exponential growth in the number of IoT devices, there is no time to lose.
4 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: cybersecurity and privacy by design
To build cybersecurity and privacy by design into IoT, a set of security principles should be adopted and adhered to. There is currently no single set of IoT security and privacy principles that is internationally recognized and adopted. The diversity in proposed IoT security principles between different countries and initiatives illustrates a lack of collaboration, especially between governments. Due to the lack of globally-adopted principles, a language towards common understanding of shared IoT challenges and issues is lacking. Such a language is required to define a global governance process. Consumers and companies are not uniformly aware of the cybersecurity risks and may not be equipped to respond properly.
7 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: lack of standardization
Security standards and guidelines are required for development and operations to stimulate the adoption of secure IoT devices. While numerous standards exist in the IoT space, IoT security has not been standardized significantly until now; a recent ETSI standard is one of the first efforts to standardize IoT security. Manufacturers may not have the expertise to make use of the available guidelines and recommendation. Usability of security guidelines is a challenge and requires more research. While numerous sets of IoT security recommendations exist, it is important to harmonize and align these for global acceptance and adoption as a precursor to developing evaluation and certification schemes.
7 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: evaluation and certification
There is a distinct lack of labels to inform end users about IoT device security and risks. However, efforts to create a labelling scheme are under way in various parts of the world. It should be ensured that these schemes are aligned in order to create a level playing field for
vendors. There are as yet no CC cPPs specifically for IoT devices. It should be determined whether these can be generic or specific to application domains. Non-CC alternatives can provide a light-touch approach to certification and should be explored.
7 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: future-proof legislation
Although there are numerous industry initiatives and best practices in this area, their adoption is voluntary. IoT security legislation is in its infancy and virtually nonexistent outside the US and EU. Enforcing procurement by governments of secure IoT devices can contribute towards IoT security when large countries participate; smaller economies such as Singapore and the Netherlands can work together for greater impact. The EU’s single digital market approach can support IoT security as well. Legislative policy solutions should be sufficiently flexible to deal with societal needs as well as constantly evolving technologies. Regulatory measures for IoT security should make use of inputs from consumers as well as industry representatives on the rights and responsibilities of consumers and vendors.
7 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: responsible industry ecosystem
Owing to the lack of legislation and regulation to enforce security in IoT devices, there is no level playing field for IoT device vendors nor a common expectation of security functionality. Liability is likely to be an effective mechanism to drive the industry towards IoT security, but legislation needs to be modernized to address IoT. Encouragingly, numerous industry collaborations exist and provide opportunities for knowledge sharing and mutual learning; however, the role of governments in such initiatives appears limited especially outside the EU.
7 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: supply chain security
Modern products are assemblies of parts and components supplied by multiple vendors. To accelerate time-to-market and to reduce costs, device manufacturers increasingly use as many as possible off-the-shelf components using complex, globally distributed, and interconnected supply chains composed of various entities with multiple tiers of outsourcing. However, vulnerabilities can be introduced and exploited at any point in the supply chain. IoT hardware and software manufacturers and suppliers should adopt a cyber supply chain risk management framework (ISO28000, NIST). Cybersecurity requirements, risk and liability should be cascaded into the supply chain via contractual agreements. Organisations wield both contractual and economic power over suppliers. It is important to encourage the use of open frameworks and provide transparency for supply chain security information flows.
7 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: product lifecycle support
Keeping software up to date and allowing for patches and updates is critical for a secure IoT device. Updates should be delivered and deployed using a secure and verifiable methodology. Device manufacturers should adopt a secure software development lifecycle, with a documented vulnerability management process in accordance with ISO/IEC 29147
and ISO/IEC 30111. The manufacturer should bear responsibility for an IoT device throughout its product lifecycle, including a responsibility to manage suppliers. Existing device lifecycle management protocols include OMA LWM2M. Cloud-based IoT platforms offer comprehensive, albeit unstandardised, device management functionality.
7 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: device identity and root of trust
A hardware RoT is the only immutable trust anchor; the chain of trust should build on a hardware RoT. Currently, only 4% of IoT devices use a hardware RoT. RoT-based cybersecurity can be provided by several solutions including Secure Elements, TPMs, TEEs, Cisco Trust Anchor, Microsoft’s Pluton Security Subsystem, and SIM cards. Solutions to secure firmware and booting are being proposed as a joint effort of the hardware and software industry, however, their adoption for IoT devices is still in the initial stage.
7 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: secure OS, cloud and applications
The diversity of operating systems, cloud solutions and application development frameworks that populate the IoT market is large. An in-depth evaluation is required on
the security claims made for each solution. Standards are required for software development, deployment and operation processes to secure the OS, cloud back-ends, and applications. IoT-specific secure software development life cycle (SDLC) guidelines need to be defined for developers of IoT applications.
7 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: secure communications and infrastructure
The networking and interoperability challenge has seen extensive work as well as significant standardisation; however, an in-depth review is required of the security of these communication solutions and the security and privacy requirements on each level of the communication stack in the IoT ecosystem. Good practices are lacking regarding the technical feasibility of security controls running on resource constrained devices. Security reference architectures are required. Secure gateways can provide high-security deployments even with low-cost IoT devices.
7 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: security monitoring and analytics
Data collection and analytics for massive numbers of IoT devices is a major challenge. New metrics and methodologies are required to support IoT infrastructure analytics given the data characteristics of resource-constrained IoT devices. Monitoring and analytics capabilities should provide input for vulnerability management programs. In case vulnerabilities are not solved by the supplier, monitoring tools should be able to detect and disconnect vulnerable devices from the internet. The industry should act as a global community when learning from incidents. This requires an open culture of sharing incidents and mutual learning where security is a joint responsibility.
7 June 2021
|
Report
:
The IoT Security Landscape
Supply chain vulnerability and resilience
Supply chains contain cyber risks. Cooperation in the system is usually based on mutual trust and mitigating the cyber risks is mostly absent. Stepping stone attacks are used to infiltrated a vulnerable organization in the supply chain in order to attack a larger and better protected company. Investments in the resilience of the supply chain as well as the individual organization is necessary to contain threats.
30 March 2021
|
Report
:
Cyber-Ketenweerbaarheid
Cyber attacks make clear that the world needs a Cyberstability Framework
Over the last decade, the number and sophistication of cyber attacks have increased, including attacks on government systems and critical infrastructures. Cyber attacks, which are conducted by both state and non-state actors, make clear that the world needs a Cyberstability Framework. Such a framework will serve to reduce the potential for significant disruptions of cyberspace that will undermine its benefits and reduce people’s well-being, including their rights and freedoms
20 May 2021
|
Report
:
Advancing Cyberstability
Technologies such as artificial intelligence will be further implemented in the coming years, with positive and negative consequences for digital security
The coming years will be characterized by the further implementation of technologies that have been written about and discussed for some time. An example is the application of artificial intelligence. The dissemination of autonomous systems increases digital vulnerability, and smart algorithms have positive and negative effects on digital security.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
In the coming years, digital security will be affected by the interaction between technology and other developments
1. For example, the further transition to a data-driven economy, with additional concerns about privacy and digital security, will increase the importance of digital security.
2. The COVID-19 pandemic has further increased the use of digital services and the digital space. This can be an incentive for further digitization. That also increases the importance of digital security.
The increasing dependence on foreign technology also increases the importance of digital security. This offers opportunities, but also makes it vulnerable to actions by malicious parties, especially when it concerns foreign parties assertively pursuing their own geopolitical agenda, and to dropouts. Dependence on ICT products or services from countries that have been identified as having an offensive cyber program against the Netherlands is a risk-increasing factor.
4. And rising geopolitical tensions will increase the digital threat from state actors.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Threat against primary targets and targets as a springboard
The annual report (= het jaarbeeld) shows that many types of organizations are targeted by attackers. It can vary by country and by type of espionage at which state actors focus their political espionage activities. For example, top sectors in the Netherlands are an obvious target for economic espionage and the national government for political espionage. Vital processes are a popular target for sabotage by state actors. Wealthy organizations are a favorite target of cyber criminals. In addition to the "primary" targets mentioned, attackers also target targets that can form a springboard to other targets. The digital space, the mostly global supplier chains and concentrations of personal data are ideally suited for this. This concerns, for example, suppliers of hardware and software, vital processes, such as those of telecom companies, or organizations that collect and process personal data on a large scale, including medical and employee data. For these "derived" targets, actors actively look for weak links in chains, as a stepping stone to (more) interesting targets. This means that sectors or organizations that seem to be of no interest to attackers can still be interesting as a stepping stone to another primary target.
The threat also exists because outages can occur at or via these targets. For example, system failure due to technical failure or failure due to human errors in implementation
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Digital risks seem to be underestimated
Despite the potentially major impact of cyber incidents, they are difficult to put on the agenda. To be able to make a decision, parties must be aware of digital risks. The Scientific Council for Government Policy (WRR) argues that the absence of truly disruptive events makes it difficult to put disruption on the agenda, let alone underline its urgency and gain it widely accepted. investing in digital security is not easy. Ideally, an assessment is also required of the risks, possibilities and costs of increasing resilience, but that is not easy. According to the Central Planning Bureau (CPB), organizations have an incomplete picture of the costs and benefits of investing in cyber security and there are various uncertainties. The investment level can then be too high or too low. The first reason for the incomplete picture is that several advice and guidelines are circulating about the optimal level of investments and about necessary measures. A second reason is that information is lacking about the magnitude of digital risks and the financial consequences because organizations: 1) do not notice every attack, 2) do not want to make every attack public, and 3) cannot always estimate the consequences of an attack. are the long term. A third reason is that some of the consequences of inadequate cybersecurity can affect third parties, the aforementioned external effects. Scientific - especially economic - literature also points to an "information problem" for making decisions about cybersecurity.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Organizations are unable to cope with phishing
It is complex for organizations (and citizens) to arm themselves against phishing, which is again the most used (first step of an) attack method in the past reporting period. Nevertheless, basic measures can be used to create barriers or limit further damage. To make phishing less effective, more and more organizations are running campaigns among employees to raise awareness of the dangers of phishing. The government also started an awareness campaign. Research has shown that this has an effect: click rates in phishing exercises drop. In 2018, Google reported that, due to the use of security keys (physical hardware keys, for example USB), none of their more than 85,000 employees has been successfully phished. Due to the use of the keys, the click behavior of the user was no longer relevant. The use of security keys is not (yet) considered a basic measure, but it does show that it is possible to greatly reduce the success rate of phishing. Phishing requires constant vigilance. There is less and less clicking on wrong links, but it still happens. Attackers also adjust their working method. Phishing traditionally takes place via e-mail, but the annual report indicates that cyber criminals also use phishing via SMS (smishing). Attackers also increasingly successfully steal sensitive information via social media in order to approach someone in a targeted manner, which is so-called spear phishing. This makes it difficult for a recipient to recognize that it is phishing.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Resilience against digital threats is not yet in order everywhere. Parties are therefore extra vulnerable to cyber incidents.
This is certainly the case when insufficient basic measures have been taken to create initial barriers against attacks, limit damage and simplify recovery when incidents do occur.
The vast majority of cyber attacks still use simple methods. These remain effective because basic measures are insufficiently implemented. Basic measures can also help against advanced attacks.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Unsafe products and services are the Achilles heel of digital security
Digitally unsafe products and services are still a fundamental cause of cyber incidents. They lower the threshold for attackers because they make it easier to carry out successful attacks. The insecurity can for example arise because suppliers supply insecure configurations by default. For example, 2019 saw an increase in abuse of misconfigured cloud applications. This included publicly accessible cloud storage, unsecured databases and unprotected backup servers. Insecurity can also arise because suppliers no longer make security updates available, or because these updates are not easy to install or because update mechanisms can be compromised.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Complete and clear picture resilience of vital processes is (still) missing
A complete and clear picture of the digital resilience of vital processes and associated systems is (still) lacking. Gaining a complete understanding, including the extent to which measures are effective and efficient, is complex. For example, reliable methods and techniques to measure resilience for an assessment of the risks to national security are still under development. The supervision of cyber security in the context of the Wbni has not existed for very long for a number of supervisors. This year, however, the first effects are visible of better insight among regulators into the digital resilience of providers of vital processes.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
According to the Court of Audit, the information security of the ministries and government organizations investigated is still not in order.
In May 2020, the Court of Audit found that the importance of information security is more prominent than it previously was at ministries and government organizations and that efforts have been made nationwide. Six of the sixteen ministries and government organizations surveyed have information security in order instead of the three from the previous year. Nine others are not that far yet. The Court of Audit notes that the level of security differs per ministry and points out that the ministries are dependent on each other when exchanging (secret) information. Here, the weakest link determines the strength of the chain.
As in previous years, the Court of Audit has critical comments on the management and maintenance of ICT. Management is about whether the systems are working properly and whether there are few failures. The IT management still leaves something to be desired. Good management means, among other things, that only authorized persons have access to the systems, that employees do not have wider rights than is necessary and that changes are tested before commissioning. Maintenance must ensure that the systems keep up with the times and that they continue to function in the future. The Court of Audit finds that six of the eleven ministries examined have sufficient knowledge about the state of the ICT systems, what it costs to keep them up and running and the risk of malfunctions. The Court of Audit is more critical of the other ministries.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Investment in innovation grows
The good news is that most organizations, on average, spend 10.9 percent of their IT budgets on cybersecurity programs. Leaders spend slightly more at 11.2 percent which is insufficient to account for their dramatically higher levels of performance. And their investments in advanced technologies, such as artificial intelligence, machine learning or robotic process automation, are rising substantially. Today, 84 percent of organizations spend more than 20 percent of their cybersecurity budgets on tools that use these three technologies as fundamental components. The finding represents a good step up from the 67 percent being spent three years ago. The increase is even more impressive with respect to the leaders. Three years ago, only 41 percent of leaders were spending more than 20 percent of their cybersecurity budgets on advanced technologies. Today, that has doubled, to 82 percent.
22 January 2021
|
Report
:
Third Annual State of Cyber Resilience
The basics seem better
The suggestion that organizations are making progress in cybersecurity is valid. In fact, more than four out of five respondents agreed that cybersecurity tools have advanced significantly over the past few years and are noticeably improving their organization’s cyber resilience.
Improvements in basic security hygiene back up this finding. Being able to accurately assess the number of cyberattacks against an organization depends on the ability of each organization to detect them. On the other hand, security breaches are real events and likely to be more precisely recorded. With this in mind, cybersecurity teams across industries and geographies deserve recognition for the improved levels of cybersecurity protection over the past year. For example, the total number of cyberattacks dropped 11 percent, from 232 to 206 targeted attacks. At the same time, we have seen a larger drop of 27 percent in the number of security breaches which indicates the basics seem to be improving. On average, organizations now face 22 security breaches per year compared with 30 in the previous year.
22 January 2021
|
Report
:
Third Annual State of Cyber Resilience
Progress masks hidden threats
Indirect attacks against weak links in the supply chain now account for 40 percent of security breaches.
A closer look at the sources of cyberattacks reveals 40 percent of security breaches are now indirect, as threat actors target the weak links in the supply chain or business ecosystem. This shift is blurring the true scale of cyberthreats. If we apply the same average number of security breaches to indirect cyberattacks, the total number—both direct and indirect—could jump to about 280, a potential increase of 20 percent over the prior year.
Organizations should look beyond their four walls to protect their business ecosystems and supply chains as well. On average, cybersecurity programs actively protect only about 60 percent of an organization’s business ecosystem. That is an issue when 40 percent of breaches come via this route. In such an environment, few organizations have the luxury of standing still. Fully 83 percent of our respondents agreed that their organizations need to think beyond securing their enterprises and take steps to secure their ecosystems to be effective.
22 January 2021
|
Report
:
Third Annual State of Cyber Resilience
Unsustainable cost increases
Another threat is cost increases beginning to reach what many respondents consider unsustainable levels. Despite rising investments in new technologies for cybersecurity programs, our research highlights many areas where the cybersecurity technologies being purchased by this spending are failing.
Looking at a broad range of 17 different components of cybersecurity protection, 60 percent of respondents reported cost increases on all 17 components over the last two years. A significant number, almost one quarter, reported cost increases of more than 25 percent a year across all 17 components. The three areas of cybersecurity protection with the largest increases in cost are network security, threat detection and security monitoring. Reflecting these trends, 69 percent of our respondents said staying ahead of attackers is a constant battle and the cost is unsustainable
22 January 2021
|
Report
:
Third Annual State of Cyber Resilience
Security investments are failing
Failures lead to gaps in protection, lower detection rates, longer business impact and more customer data loss.
More bad news is threatening organizations’ cyber resilience in several areas and causing security investments to fail. Our research identifies serious gaps in protection, very low detection rates, much longer business impact and customer data being exposed. Yet, our leaders are, once again, proving the exception in many of these areas.
With only a little more than half of their organization covered by their cybersecurity programs, non-leaders are at risk of having many areas unprotected. This contrasts with leaders who are able to cover 85 percent of their organization with their cybersecurity programs. The difference reflects a substantial gap in protection between the two groups.
22 January 2021
|
Report
:
Third Annual State of Cyber Resilience
Fintech’s with a predominant tech focus or tech driven solution outperform in the market
Overall the Holland fintech's top 20 by growth is dominated by those companies that have a strong tech component or offer a tech driven solution, confirming that tech is the predominant driver for fintech adoption. In 2019, Factris, Geophy and Onegini saw the largest growth, in number of employees. Though all have a very distinct offering they also are very tech driven companies. Factris offers an online platform with financing solutions for the SMB market, Geophy uses data science and AI-powered valuation solutions to
value commercial property, Onegini offers secure identity cloud offerings for regulated industries. This top 3 is indicative of the current trends in fintech, where we see an increased focus on alternative finance platforms, continued growth of sub segments like regtech, legaltech, wealthtech, Proptech and insurtech, and the increased focus on secure identity solutions. In addition, enabling technologies, such as robo-advisory, AI, biometrics, blockchain, API’s and data analytics tools transition the fintech industry into a more mature phase. These enabling technologies continue to spur investments in the Fintech scene,
emphasizing the tech side more than ever.
10 June 2021
|
Report
:
State of the Dutch Fintech Market 2020
The second most significant threat encountered by European cybercrime investigators in 2018 was compromised data.
Compromised data refers mostly to easily-monetized financial data such as payment information or personal data and login credentials that can be used in subsequent cyber attacks. Employed means for stealing data are phishing, data breaches and information gathering malware. Increasingly the threat comes from malicious insiders.
14 April 2021
|
Report
:
Internet Organised Crime Threat Assessment 2019
Collaboration is a strategic imperative for growth & expansion of the fintech market
The Achilles Heel lies in the fact that it is still relatively complicated to achieve successful cooperation between large companies and startups, 18% of the respondents indicate poor conditions here. A missed opportunity as most studies indicate that collaboration is essential to stimulate and grow innovation. In this respect, collaboration should not be seen as a ‘nice to have’ but should be seen as a strategic imperative to further grow and expand business opportunity.
11 June 2021
|
Report
:
State of the Dutch Fintech Market 2020
Risk & security is high on the agenda of many in the fintech industry
82% of the respondents made regular or substantial investments into risk & security in 2020. Fintech's are extremely vulnerable when it comes to data and security breaches. The more an industry gets digitized, the higher the digital or cyber threat will become. With online banking emerging and digitization of banking and related financial services, this topic will remain high on the agenda for the foreseeable future. 74% of the respondents indicate that they invested a considerable or substantial amount into general software development this year. This includes elements such as security or compliance. Compliance in general is high on the agenda of Fintech’s as well.
11 June 2021
|
Report
:
State of the Dutch Fintech Market 2020
The Dutch market for cloud services continuous to grow
The Dutch market for cloud services continuous to grow, especially cloud-based services in the area of application hosting, web hosting, server platforms, as well as storage, backup, security and workplace automation is growing fast in the Netherlands. Leading vendors are Amazon Web Services (AWS), Microsoft and Google. Overall, the financial services industry is highly digitized, and therefore technology adoption rates are
relatively high. At the same time, the uptake of cloud services in this industry has been relatively slow, due to concerns on compliance, security and privacy.
11 June 2021
|
Report
:
State of the Dutch Fintech Market 2020
Data security is one of the main drivers for development of the Dutch fintech scene
Access to funding, data access & data quality as well as the entrepreneurial business climate were considered drivers for the Dutch fintech scene, the COVID-19 virus has shifted that completely to the entrepreneurial business climate. Respondents indicate that they expect this to be an important driver for growth post-lockdown. This is followed – though with some distance, by existing customer trust & data security, assuming that respondents see the developments in open banking and the associated regulation as well as the increase of attention on data security as a driver for customer trust.
11 June 2021
|
Report
:
State of the Dutch Fintech Market 2020
The use of API’s in the fintech sector will be one of the most promising developments
App to app integration - is probably the most dynamic technology area at the moment as it
has the largest proportion of respondents planning to invest. With the emergence of open banking, increased data accessibility and interconnectivity, the use of API’s in the Fintech
sector will be one of the most promising developments to watch for the time to come. With the implementation of PSD2, more and more API opportunities will open up in the financial services industry.
11 June 2021
|
Report
:
State of the Dutch Fintech Market 2020
The most mentioned safety and security problems for multinationals in The Hague are cybercrime, reputational damage and lack of innovation
According to research conducted by the HSD, the most mentioned safety and security problems for multinationals in The Hague are cybercrime, reputational damage and lack of innovation. Other problems that arise are: interruption of business operations, distribution or logistic failure, failure to attract or retain talent, economic slowdown, unethical behaviour, geopolitical tensions and occupational accidents.
22 June 2021
|
News
:
HSD Research: Utilization of Transactional Environment for Safety & Security within Multinationals
Most commonly feared cyberthreats amongst Dutch organisations
The most commonly feared cyberthreats among Dutch organisations are data leakages (40%), phishing attacks, malware attacks / vulnerability exploits (35%) and extortion / destruction of the organisation's data (25%). In case of a ransomware attack, 30% of Dutch organisations would pay the ransom in order to get their data back. However, opinions vary widely on this topic. For example, about 50% of the surveyed CxOs would pay the ransom, compared to the 29% of CISOs.
23 August 2021
|
News
:
Results Dutch Cyber Security Landscape Survey
92% of Dutch organisations claim to have an up-to-date cyber security strategy
92% of Dutch organisations claim to have an up-to-date cyber security strategy. On the other hand, 6% of Dutch organisations are starting to set up their strategy, while 15% are already working on a next-level strategy.
Furthermore, many success factors are cited for achieving cyber security goals. The most frequently cited factors are increased operational excellence, clear cyber security communication, cyber security awareness training and compliance.
23 August 2021
|
News
:
Results Dutch Cyber Security Landscape Survey
Researchers are collaborating on an international scale against DDoS attacks
Over forty researchers from the Netherlands and the United States are sharing knowledge, insights and experiences regarding Distributed Denial of Service (DDoS) attacks. For example regarding orphan domain names can be used for malicious content and DDoS attacks that are conducted via poorly secured IoT devices.
24 August 2021
|
News
:
International Collaboration Against DDoS Attacks
1.2 million people have fallen victim to cybercrime
8.5% of internet users in the age group of 12 years and older stated that they were a victim of digital crime in in the past twelve months in 2018. This concerns 1,2 million people. Especially young people fell victim. Financial fraud was on top of the list of crime according to a recent report.
24 August 2021
|
News
:
CBS: 1,2 Million Victims of Cybercrime
People Centric Security Trends
Although the 2020 pandemic changed how many people work and interact with organizations, people are still at the center of all business. And they need digitalized processes to function in today’s environment.
30 March 2021
|
External
:
Gartner Top Strategic Technology Trends for 2021
Location Independent Strategic Technology Trends
Location independence: COVID-19 has shifted where employees, customers, suppliers and organizational ecosystems physically exist. Location independence requires a technology shift to support this new version of business.
30 March 2021
|
External
:
Gartner Top Strategic Technology Trends for 2021
Avoid Supply Chain Disruptions By Tooling Its Management
The current pandemic has greatly contributed to supply chain failures and, consequently, disruption of critical services. Forrester predicts that firms will use supply chain risk intelligence solutions and mapping tools integrated with GRC solutions to mitigate supply chain risk and improve overall business resiliency.
30 March 2021
|
External
:
The Top Security Technology Trends To Watch, 2020
COVID-19 Forces Changes To Access Controls And Adoption Of New Security Tooling
COVID-19 will lead to reduced security budgets, forcing firms be more efficient in their security spend. In response, firms will use the MITRE ATT&CK framework, adopt Zero Trust-based identity-centric access controls, protect data with antisurveillance tools, and invest in securing and protecting cloud platforms and workloads.
30 March 2021
|
External
:
The Top Security Technology Trends To Watch, 2020
Doing Less With More Bolsters Security Resourcefulness And Automation
Companies facing security budget cuts will need to become more resourceful: Focusing
on automation, building in-house security technologies, and increasing customer-facing security are early areas of investment. Firms striving to be leaner will need to develop stronger business justification processes and reduce internal process complexities for easier security to keep firms protected.
30 March 2021
|
External
:
The Top Security Technology Trends To Watch, 2020
Increasing use of sensors and sensor data by the police
The police are increasingly working with sensors. In the late 1990s, the police also used sensors, such as cameras to photograph crime scenes and surveillance cameras on the street. But the number and type of digital sensors that the police have at their disposal has grown enormously. Police officers on the street are supported by digital sensor technology. This affects the role of the police officer. Agents make decisions based in part on information that comes from sensors. In this sense, the actions of the police are informed
by data. It is conceivable that sensor data will play a more guiding role in the near future.
20 May 2021
|
Report
:
Burgers en Sensoren
The police automates some of its core activities with smart sensor technology
A smart sensor can also perform core police activities. By the "smart sensor" we actually mean an automated robotic system. The definition of a robot is a "machine that can perceive, think and act". In that case, the three steps of the cybernetic loop are automated. For example, an ANPR camera can collect images continuously. A police officer still decides on the basis of an analysis of these images what action is needed. A fully automated intervention is also conceivable. For example, the Central Judicial Collection Agency (CJIB) could have ANPR cameras automatically issue fines for section controls. In that case, the ANPR camera system collects the data, analyzes it and takes action without human intervention.
20 May 2021
|
Report
:
Burgers en Sensoren
Citizens, businesses and municipalities are collecting more and more sensor data
In the past twenty years, the use of digital sensors in society has grown explosively. Citizens and businesses own a thousand times as many security cameras as the police. That is without all smartphones and other sensors. In practice, these are a great many digital witnesses who can support police work.
20 May 2021
|
Report
:
Burgers en Sensoren
The police are looking for new forms of cooperation to use sensor data from society for livability and safety
In the Netherlands we see various examples in which the police cooperate with citizens, companies and municipalities to promote quality of life and safety with sensor data.
An example is that the police stimulate citizens to do their own investigative work, for example by developing new digital platforms that facilitate citizens to do their own investigative work.
20 May 2021
|
Report
:
Burgers en Sensoren
Private parties will carry out and enforce their own investigative work with sensor data
In addition to the police and municipalities, private parties (citizens and companies) are increasingly using sensors and sensor data to make their own living environment more liveable and safer. Citizens and companies not only collect sensor data to share with the police (witnesses), but also analyze the data themselves (detect it) and take action (enforce it). This kind of 'do-it-yourself-policing' takes place on their own initiative. We see this happening more often in the business world, but also by citizens.
20 May 2021
|
Report
:
Burgers en Sensoren
Digital sensors have become more extensive, more mobile and smarter in recent years
Digital sensors have become more extensive, more mobile and smarter in recent years.
More extensive: The functions of digital sensors have expanded and have, in fact, digitized all of our senses: they can "look", "hear, "smell", "taste" and "feel".
More mobile: Digital sensors have become smaller and smaller. This makes digital sensors more mobile. They are in smartphones, can be worn on the body (such as smart watches and glasses) and can be controlled remotely.
Smarter: A camera that can recognize faces is an example of a "smart" camera.
21 May 2021
|
Report
:
Burgers en Sensoren
Multiple factors play a role in people's views on sensor surveillance
Citizens are not simply for or against a particular sensor application. Three personal dimensions can play a role in people's considerations, namely personal characteristics, attitudes, and the direct social environment. Additionally, three dimensions of sensor applications can play a role in people's considerations, namely:
1. Sensor technology: how sensor technology works.
2. Social practice and actors: the social practice in which the technology is applied and the actors who play a role in this.
3. Social, institutional context: the broader social, cultural and institutional context in which the sensor is applied
21 May 2021
|
Report
:
Burgers en Sensoren
Citizens expect the police and society to find a good balance between different values in the use of sensor technology
In addition to security and privacy, citizens find the following values important: democratic rights, efficient and effective business operations, capacity for innovation, transparency, liveability, autonomy or personal freedom and human contact.
21 May 2021
|
Report
:
Burgers en Sensoren
The acceptance of sensor deployment depends on the degree of safety and the type of living environment
The acceptance of sensor deployment depends on the degree of safety: the more unsafe citizens perceive a situation, the more they consider it permissible to use sensors to increase safety and quality of life. The acceptance also depends on the type of living environment: the use of sensors in private space is less acceptable than the application in public space, especially when there is a lot of traffic there.
21 May 2021
|
Report
:
Burgers en Sensoren
Administrative concern about the unprecedented crisis
The Netherlands is faced with new threats. Climate change, the energy transition and advancing digitization create new and complex issues for our society. New and even unprecedented crises seem to be emerging. Concern about the unprecedented crisis is fed by the realization that the increasing interdependence and complexity of technological and infrastructural systems make our society vulnerable to the consequences of minor disruptions in those systems. Such a disruption can cause all kinds of unexpected knock-on effects in other systems and thus suddenly bring entire sectors to a standstill. The social impact of such crises can be great and quickly transcends the regional and even the national level. The question is whether the Netherlands is prepared for such crises and the consequential societal disruptions.
25 May 2021
|
Report
:
Naar een gezamenlijke aanpak van ongekende crises
Societal disruption: small chance, big consequences
social disruption is an unlikely outcome of a complex process. A lot has to go wrong before the conditions are in place that enable a process of social disruption. It is a unique combination: a widely shared fear of a long-term failure of critical facilities, a dwindling confidence in the capacity of government and society to solve the problem and collective behavior that makes the situation worse. It can happen but it rarely happens. But when a society becomes disrupted, the process is difficult to stop. That's because this dynamic process has a self-reinforcing effect (a vicious circle is created). Without timely and adequate intervention, collective behavior can develop that will promote a deepening of the disruption. Here the problem arises that local, regional and national authorities appear to be not or hardly prepared for the specific challenges they will face in such a situation. In fact, the approach and arrangements, which usually seem to work during "ordinary" crises, can be counterproductive in a situation of social disruption.
25 May 2021
|
Report
:
Naar een gezamenlijke aanpak van ongekende crises
Societal disruption requires a specific response: resilience
Limiting the consequences of societal disruption is possible but difficult due to the chance of failure of critical facilities, the difficulty of effective government intervention, the lack of self-reliance in citizens, and the complexity of collaboration between organizations .The most effective response in countering social disruption stems from a high degree of resilience. This is a frequently used term in a variety of policy documents and the confusion surrounding this abstract concept is considerable. There is a distinction between administrative, institutional and social resilience. The general usefulness of resilience is rarely questioned. Now resilience is not something that can be achieved in the short term and with a few simple steps. Organizing resilience requires a long-term strategy and significant investments. However, it is rarely clear how local and regional authorities can strengthen that resilience. Recommendations for authorities therefore include: choose resilience, improve detection and monitoring, work on a resilient organization, and think through planning capacities.
25 May 2021
|
Report
:
Naar een gezamenlijke aanpak van ongekende crises
Cyber disruptions pose specific challenges that can further fuel the process of social disruption
Cyber disruptions can lead to social disruption. Cyber disruptions entail the following specific challenges that can further fuel the process of social disruption:
-Unpredictable consequences and complexity
-Disinformation and fake news
-Lack of expertise and experience
-Cross-border reconciliation
However, the social process - which is accompanied by social disruption - is not very different from a disruption of a different nature.
25 May 2021
|
Report
:
Naar een gezamenlijke aanpak van ongekende crises
CIO's lead the bold disruptors: 30% of firms will increase spend on cloud, security and risk, networks, and mobility
In 2021, 30% of businesses will continue to accelerate their spend on cloud, security and risk, networks, and mobility — including struggling businesses looking to leapfrog less wily competitors and gain advantage coming out of the pandemic.
Leading CIOs will embrace cloud-first and platform strategies for speed and adaptiveness, eschewing stovepipes for end-to-end solutions. Interviews with leading CIOs found that they are collaborating more across organisations, objectives, and budgets, extending IT-business partnerships into enterprise- level shared accountability. They will also invest aggressively in employees, breaking down old ideals and resolving resistance within the organisation.
In fact, CIOs focused on employee experience (EX) will help their businesses attract, develop, and retain talent that can provide competitive advantage in a critical year. They will make the investments to foster social collaboration, make information easier to find and use, and provide less distracting security. CIOs who are slow or unable to adapt will become mired in short- term fixes that lead to digital sameness, not differentiation, and their top talent will get frustrated and leave for more visionary pastures.
22 January 2021
|
External
:
European Predictions 2021
Insurers hone in on cost control, containing claim leakage becomes the top priority for general insurance
Along with the coronavirus pandemic and social and economic crises, 2020 has been, for insurers, a year of claims. 2021 promises more of the same as the virus and other events continue to pressure insurers globally.
A key focus for insurers will be controlling claims costs. Along with hefty losses from global natural disasters, COVID-19-related general insurance claim losses could reach $100 billion. The magnitude of the losses will heighten focus on claim leakage, or dollars lost through claims management inefficiencies. As one third-party administrator we interviewed noted, claim leakage is “absolutely a big priority because in our world, anything paid incorrectly comes from our bottom line."
In 2021, expect a flurry of smart analytics investments to identify leakage potential at first notice of loss, as well as a sharper focus overall on claim leakage, with management consultants adopting an improved playbook.
22 January 2021
|
External
:
European Predictions 2021
EU takes bold steps in regulating AI, the European Parliament will draft new AI rules and abandon e-privacy reform
We expect that the European Parliament will not only fail to adopt the e-privacy regulation proposal that’s currently on the table in 2021 but will shelve it altogether. But with Google ending support for third-party cookies in its browser and the advertising industry embracing “cookie-less” approaches, the lack of updated e-privacy rules will have limited impact.
Meanwhile, data suggests that many EU citizens find current legislation inadequate for regulating AI-based activities. In just three months, the European Commission collected more than 1,200 formal opinions for its White Paper on Artificial Intelligence. And companies such as Rolls-Royce have announced their own AI ethics frameworks.
Forrester predicts that the European Parliament will finalise a draft of a new AI regulation that will be the world’s first. Thus, companies that do business with Europeans should invest in ethical AI approaches now.
22 January 2021
|
External
:
European Predictions 2021
Critical year for cloud competition in EU, GAIA-X will not make a significant impact in 2021
Europe is buzzing about the new GAIA-X sovereign cloud initiative — but the foundation’s members must now deliver concrete services and a clear value proposition. Three US- based hyperscalers — AWS, Microsoft, and Google — are the primary public cloud vendors for 46% of respondents at European companies, and their expanding network of European data centres and compliance with national rules will help them keep growing.
Despite the invalidation of EU-US Privacy Shield, legal (standard contract clauses) and technical (encryption) measures still help when you must transfer personal data outside the EU. If GAIA-X develops sensible policies for data sharing and use, we expect all major cloud providers to engage; if your provider doesn’t, it’s time to find a new supplier.
But in 2021, satisfied clients of the “keep my data in Europe” services from non-European-headquartered cloud businesses can stick with their current suppliers.
22 January 2021
|
External
:
European Predictions 2021
Risk management becomes a top supply chain priority, supply chains reconfigure to become resilient collaborative supply networks by 2022
To boost supply chain resilience, most large manufacturers will regularly pool data about supplier and carrier performance.
Supplier rationalisation will yield to supplier risk mitigation as most large manufacturers revisit existing ERP capabilities to automate multivendor sourcing based on risk. By 2022, event monitoring and dynamic production or logistics rescheduling platforms will raise a billion dollars in funding. A minority of global manufacturers will source indirect materials through markets like Alibaba or Amazon, but most will source direct materials from specialist industry marketplaces.
Secure product fingerprints will still be too costly for most items in the supply chain to make blockchain verification viable. Companies will focus on working with trusted suppliers using networks such as Trust Your Supplier. Manufacturing leaders must learn to federate data and distribute trust to collaborate with customers and suppliers in multi-enterprise supply networks.
22 January 2021
|
External
:
European Predictions 2021
Supply chain cybersecurity: a sometimes overlooked essential to securing your business.
In today’s networked digital infrastructures, it is no longer enough to ensure the security of one’s own IT networks and systems. Incidents elsewhere in the chain can have an immense impact as they trickle down. Suppliers, vendors, contractors, and other third parties have become part of the security risk area. Meanwhile, hostile hackers no longer require to actually gain access to their main target to get to their end goal. Supply chains have essentially become supply networks. And while the challenges for protecting an organization continue to rise, the connectivity offers a learning opportunity and potential cost savings as well. For companies that have already been attacked, it is worth sharing their experiences and best practices. Those who haven’t would be wise to learn from others, because it’s improving their security posture as well as the supply network that they’re part of.
28 January 2022
|
Report
:
Als de Keten Zelf de Zwakste Schakel is
Increase in operational technology (OT) targeting incidents
According to X-Force data, a 2000 percent increase in operational technology (OT) targeting incidents in 2019 could portend the rising interest of threat actors to attack industrial systems as we move into 2020.
22 January 2021
|
External
:
X-force threat intelligence index
The malware landscape shifted in 2019, with threat actors returning to ransomware and building out botnets
The malware landscape shifted in 2019, with threat actors returning to ransomware and building out botnets. Throughout 2019, X-Force IRIS responded to ransomware engagements in 12 different countries in 5 different continents and across 13 different industries. Additionally, destructive malware activity shows that this potentially catastrophic malware trend continues to be a rising threat.
22 January 2021
|
External
:
X-force threat intelligence index 2020
The top three initial infection vectors were Phishing, Scan and Exploit and Stolen Credentials
The top three initial infection vectors seen in X-Force IRIS engagements in 2019 were a very close first, second, and third: Phishing (31 percent), Scan and Exploit (30 percent) and Stolen Credentials (29 percent). Phishing, most notably, went from making up nearly half of the total incidents in 2018 to less than a third in 2019. By contrast, the scanning and exploitation of vulnerabilities increased to nearly one-third of the incidents from only making up eight percent in 2018.
22 January 2021
|
External
:
X-force threat intelligence index 2020
Spam email continues to use a limited subset of vulnerabilities
X-Force analysis of global spam activity indicates that spam email continues to use a limited subset of vulnerabilities, with particular focus on just two CVEs: 2017-0199 and 2017-11882. Both of these are patched vulnerabilities that have accounted for nearly 90 percent of the vulnerabilities threat actors attempted to exploit via spam campaigns.
22 January 2021
|
External
:
X-force threat intelligence index 2020
Most targeted sectors were financial Services, Retail, Media, Education, and Government
Though Financial Services retained its top spot as the most targeted sector in 2019, industry-specific targeting highlighted shifting priorities for threat actors, with Retail, Media, Education, and Government all moving up on the global chart of the most targeted sectors.
22 January 2021
|
External
:
X-force threat intelligence index 2020
Attack activity in Europe: RDP compromise, POS malware, insider threats
Most notable attack activity observed in X-Force incident response engagements in 2019 in Europe specifically: RDP compromise, POS malware, insider threats
22 January 2021
|
External
:
X-force threat intelligence index 2020
Europe: Mainly financially-motivated threat actors
Unlike Asia, which is mostly affected by rivaling nation states, Europe appeared to be primarily targeted by financially-motivated threat actors. This difference may be explained by the greater potential for theft from European-based companies based on currency exchange rates. Alternatively, criminal motivations could be in pursuit of intellectual property, which can be sold to competitors for significant gain.
22 January 2021
|
External
:
X-force threat intelligence index 2020
The risk surface will continue to grow in 2020
The risk surface will continue to grow in 2020, with more than 150,000 current vulnerabilities and new ones reported regularly
22 January 2021
|
External
:
X-force threat intelligence index 2020
the year 2020 could see another big number of lost records due to breaches and attacks
With over four times as many records breached in 2019 as in 2018, the year 2020 could see another big number of lost records due to breaches and attacks.
22 January 2021
|
External
:
X-force threat intelligence index 2020
Threat actors continue to shift their sights to different attack vectors in 2020
Threat actors continue to shift their sights to different attack vectors, with increased targeting of IoT devices, Operational Technology (OT), and connected industrial and medical systems, to name a few.
22 January 2021
|
External
:
X-force threat intelligence index 2020
Malware use by threat actors continues to fluctuate in 2020
Malware use by threat actors continues to fluctuate, with ransomware, cryptominers, and botnets all taking lead at different points in 2019. We expect this trend to continue in 2020, meaning organizations will need to protect themselves against varied threats that change over time.
22 January 2021
|
External
:
X-force threat intelligence index 2020
Spam activity continues unabated in 2020
Spam activity continues unabated, requiring diligent blacklisting, vulnerability patching and threat monitoring by organizations.
22 January 2021
|
External
:
X-force threat intelligence index 2020
The year-over-year shift in industry-specific targeting highlights the risk to all industry sectors
The year-over-year shift in industry-specific targeting highlights the risk to all industry sectors and a need for meaningful advancements and maturity in cybersecurity programs across the board.
22 January 2021
|
External
:
X-force threat intelligence index 2020
The human factor is the primary risk concern in the aviation industry
There are renewed concerns over human behaviour posing threats and vulnerabilities. This is apparent across multiple sectors. For example, 87% of executives around the world noted that untrained staff is the greatest cyber risk to their business. In the aviation industry in particular, individual organisations considered the human factor to be the primary risk concern. Consequently, most incidents emerged from social engineering (such as social phishing).
23 April 2021
|
External
:
Advancing Cyber Resilience in Aviation: An Industry Analysis
Many knowledge institutions have invested extra in measures that increase cyber resilience
Many institutions have invested extra in measures that increase resilience. Investments were made in particular in VPN solutions, multi-factor authentication, patch management, backups and awareness. A new trend is the interest in insurance against cybercrime.
3 June 2021
|
Report
:
Cyberdreigingsbeeld onderwijs en onderzoek 2020-2021
Increased reliance on a small number of major cloud providers from outside the EEA makes education and research vulnerable
To facilitate distance education and working from home, institutions are deploying new tooling, including video conferencing tools and tools for online proctoring. They usually use cloud services for this. This has made institutions even more dependent on a limited number of large cloud providers, which can disrupt continuity in the event of a disaster.
3 June 2021
|
Report
:
Cyberdreigingsbeeld onderwijs en onderzoek 2020-2021
Disruption, espionage and sabotage are the largest cyberthreats to the Netherlands
The Dutch society is, for a large part, dependent on digital processes. Datanetworks, data, services and systems are becoming more interconnected, making them larger and complex in nature. If digital (vital) processes are affected, the consequent disruption can lead to large-scale societal damage. The extent of the threat, especially by espionage and sabotage, and the lack of cyber resilience pose major risks to Dutch society.
4 June 2021
|
Report
:
Strategisch Omgevingsbeeld 2020
No major shifts in types of cyber threats over time
There are no major shifts compared to 2019 in the types of threats observed. Obtaining and disclosing data, identity fraud and disruption of ICT facilities are still the most common threats. Takeover and misuse of ICT resources is a threat that has increased in 2020.
4 June 2021
|
Report
:
Cyberdreigingsbeeld onderwijs en onderzoek 2020-2021
Knowledge institutions pay more attention to knowledge security
Knowledge institutions pay more attention to knowledge security. Partly because of the changed international relations, they assess the exchange of knowledge in partnerships or the participation of some foreign students in a different way. They also check whether unwanted knowledge and technology transfer to third countries cannot take place in this way
4 June 2021
|
Report
:
Cyberdreigingsbeeld onderwijs en onderzoek 2020-2021
Cybersecurity expertise and resources are still scarce, this calls for even more collaboration
Expertise and resources are still scarce. Collaboration on the theme of cybersecurity within education, research and beyond is as important as ever. Nearly half of institutions spend less than 5% of their total IT budget on information security. It is striking that the percentage of 'unknown' has increased slightly compared to 2019. Almost half of the institutions indicate that they have between 2 and 5 FTEs available for information security. This is a slight increase compared to 2019, but in the coming years, there will still be a great scarcity of cybersecurity expertise
4 June 2021
|
Report
:
Cyberdreigingsbeeld onderwijs en onderzoek 2020-2021
Cybersecurity awareness and training is increasingly crucial
Phishing attempts have exploded and methods continue to become more sophisticated. Investing in training and awareness is becoming increasingly crucial, so that the user also becomes more resilient against the latest threats. Most institutions regularly conduct awareness campaigns. About a quarter of the institutions indicate that new employees receive awareness training when they are hired.
4 June 2021
|
Report
:
Cyberdreigingsbeeld onderwijs en onderzoek 2020-2021
Information sharing about ongoing cyber attacks has decreased
The number of institutions that report directly to the board in the event of a serious incident has decreased slightly compared to 2019; then it was 93%, now 85%. However, the percentage that does not immediately report a serious incident has increased from 5% to 11%:
4 June 2021
|
Report
:
Cyberdreigingsbeeld onderwijs en onderzoek 2020-2021
Cyber risk perception has generally increased
the risks are estimated to be higher in the education process, the research process and the operational management than in 2019. Only in the case of Consciously damaging the image, the risk is estimated slightly lower in all 3 processes. A slightly lower risk assessment is also made for Espionage in the educational process and in operational management.
4 June 2021
|
Report
:
Cyberdreigingsbeeld onderwijs en onderzoek 2020-2021
Governments are adjusting their cyber ecosystems in order to increase cybersecurity
Cyber attacks can spread and threaten multiple organisations, clients, industries and sectors at once. Governments are interested in utilising the growing information ecosystem. However, this ecosystem is accompanied with new risks. Reliable cybersecurity requires breaking down internal silos, recrafting external relationships, and making sure the public workforce comprises the best cyber talent.
26 August 2021
|
Report
:
Overheidstrends 2021: De rol van de overheid ten aanzien van cyber
In Europe, more supply chain attacks have taken place since 2020
Supply chain attackers managed to have significant impacts in terms of the downtime of systems, monetary losses and reputational damages in 2020. Based on previously observed trends and patterns, supply chain attacks will continue to pose risks in 2021. It is estimated that there will be four times more supply chain attacks in 2021 than in 2020. With half of the attacks being attributed to Advanced Persistence Threat (APT) actors, their complexity and resources greatly exceed the more common non-targeted attacks, and, therefore, there is an increasing need for new protective methods that incorporate suppliers in order to guarantee that organisations remain secure.
26 August 2021
|
Report
:
ENISA Threat Landscape for Supply Chain Attacks
Most common attack techniques and targeted assets in supply chain attacks
Most attack techniques that are used to compromise a supplier in a supply chain attack are unknown (66%), or conducted through exploiting software vulnerabilities (16%). Most assets that are targeted are code (66%), data (20%) and processes (12%). Furthermore, the compromised suppliers' assets are used as an attack vector to compromise customers. Those attacks are most done by abusing the trust of the customers (62%) or by using malware (62%).
26 August 2021
|
Report
:
ENISA Threat Landscape for Supply Chain Attacks
Delloite's 2021 Future of Cyber Survey showcases the current cybersecurity landscape from the perspective of executives.
As organizations navigate an evolving threat landscape and an increase in cybersecurity incidents, it’s important to have plans in place to mitigate such attacks, while also contending with both talent shortages and technology challenges. But how do the cybersecurity views of executives in the US stack-up against those of executives in the rest of the world? Deloitte Touche Tohmatsu Limited’s 2021 Future of Cyber report surveyed over 577 C-suite executives globally –159 in the US and 418 outside of the US in the ROW – across several industries regarding their organizations’ cybersecurity programs.
3 November 2021
|
Report
:
Deloitte Future of Cyber Survey
The digital infrastructure is critical for the functioning of society
The digital infrastructure of a society must remain in order, just like air, water, road and rail. If digital processes do not work properly, this can have major impact on society. Organisations can be unable to do their work, personal data can be exposed and facilities may stop functioning. For example: a hack at a cheese packaging company, a data leak at an ICT service providers for car companies and an ICT malfunction at an hospital can lead to such an impact.
In the past year, a great difference can be seen in the cyber security resilience of companies and organisations. Experts are concerned that this gap will expand in the future. Also, due to the Covid-19 pandemic, more processes have been digitised, thereby increasing the importance of digital security even further.
23 August 2021
|
News
:
Cyber Attacks Affect the Nervous System of Society
The risk of anarchic uprising
Young activists, fed up with corruption, inequality and suffering, mobilize against elites. AI-powered social media is exploited to spread disinformation, fomenting social chaos.
1 June 2021
|
External
:
The Global Risks Report 2021
The risk of a collapse of an established democracy
A democracy turns authoritarian through the progressive hollowing out of the body of law. A legal rather than a violent coup erodes the system, with knock-on effects on other democratic systems.
1 June 2021
|
External
:
The Global Risks Report 2021
Technological developments ask for new knowledge and skills
There are worries about the preparation of the youth for a digital future. New technological developments, such as artificial intelligence, ask for new knowledge and skills. Specialists working in those areas of technology are heavily needed and will continue to be needed. One way in which we can work on those new knowledge and skills is through education at universities, but also in secondary or primary education by implementing new curriculum.
23 May 2021
|
Report
:
CSR Magazine
The distribution of jobs in the security domain across branches of industry is relatively constant over time
The largest branches, in terms of the number of security jobs (both primary and secondary) are, in order, Health and social work, Public administration and services and Information and communication and this order remained relatively constant since 2013. There is slightly more variation over time in the percentage of security workers within a branch. For example, between 2016 and 2018, the share of security workers in the ‘electricity and gas supply’ branch has become greater than the share of security workers in the ‘Health and social work’ branch). But again, the situation remains relatively constant over time.
19 May 2021
|
Report
:
Education and Labour Market in the Security Domain
The application of Artificial Intelligence is widespread
Artificial Intelligence can be applied to almost every sector and domain. For example, AI can be used for the development of self-driving cars, intelligent search engines, navigation systems and chatbots. 86% of companies therefore say that AI will have a big impact in their sector.
11 August 2021
|
Report
:
Strategisch Actieplan voor Artificiële Intelligentie
Universities of Applied Sciences are collaborating in the field of safety and security
Four Dutch Universities of Applied Sciences are collaborating in the field of safety and security. The themes that are central for the collaboration are subversion, cyber crime and cyber security, data and intelligence. The angle of the research is strongly practice-oriented and therefore directly supportive of what practice demands.
21 June 2021
|
News
:
Institutes for Higher Education Join Forces in National Lector Platform Security
Cross-cutting crime facilitators and challenges to criminal investigations: Social engineering
Social engineering remains a top threat to facilitate other types of cybercrime.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Cross-cutting crime facilitators and challenges to criminal investigations: cryptocurrencies
Crypto currencies continue to facilitate payments for various forms of cybercrime, as developments evolve with respect to privacy oriented crypto coins and services.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Cross-cutting crime facilitators and challenges to criminal investigations: crime reporting
Challenges with reporting hinder the ability to create an accurate overview of crime prevalence across the EU.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Cyber-dependent crime: ransomware
Ransomware remains the most dominant threat as criminals increase pressure by threatening publication of data if victims do not pay. Ransomware on third-party providers also creates potential significant damage for other organisations in the supply chain and critical infrastructure.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Cyber-dependent crime: emotet
Emotet is omnipresent given its versatile use and leads the way as the benchmark of modern malware.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Cyber-dependent crime: DDoS attacks
The threat potential of DDoS attacks is higher than its current impact in the EU.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Child sexual exploitation online
The amount of online CSAM detected continues to increase, further exacerbated by the COVID-19 crisis, which has serious consequences for the capacity of law enforcement authorities. The use of encrypted chat apps and industry proposals to expand this market pose a substantial risk for abuse and make it more difficult for law enforcement to detect and investigate online CSE activities. Online offender communities exhibit considerable resilience and are continuously evolving. Livestreaming of child sexual abuse continues to increase and became even more prevalent during the COVID-19 crisis. The commercialisation of online CSE is becoming a more widespread issue, with individuals uploading material to hosting sites and subsequently acquiring credit on the basis of the number of downloads.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Payment fraud: SIM swapping
SIM swapping is a key trend that allows perpetrators to take over accounts and has demonstrated a steep rise over the last year.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Payment fraud: BEC
BEC remains an area of concern as it has increased, grown in sophistication, and become more targeted.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Payment fraud: online investment fraud
Online investment fraud is one of the fastest growing crimes, generating millions in losses and affecting thousands of victims.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Payment fraud: card-not-present (CNP) fraud
Card-not-present (CNP) fraud continues to increase as criminals diversify in terms of target sectors and electronic skimming (e-skimming) modi operandi.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
The criminal abuse of the Darkweb: the Darkweb environment has remained volatile
The Darkweb environment has remained volatile, lifecycles of Darkweb market places have shortened, and no clear dominant market has risen over the past year compared to previous years to fill the vacuum left by the takedowns in 2019.
The nature of the Darkweb community at administrator-level shows how adaptive it is under challenging times, including more effective cooperation in the search for better security solutions and safe Darkweb interaction.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
The criminal abuse of the Darkweb: Privacy-enhanced cryptocurrencies and privacy-enhanced coinjoin concepts
There has been an increase in the use of privacy-enhanced cryptocurrencies and an emergence of privacy-enhanced coinjoin concepts, such as Wasabi and Samurai.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
The criminal abuse of the Darkweb: surface web e-commerce sites and encrypted communication platforms
Surface web e-commerce sites and encrypted communication platforms offer an additional dimension to Darkweb trading to enhance the overall business model.
22 January 2021
|
Report
:
Internet Organised Crime Threat Assessment 2020
Key transformative technology that will contribute to the changing dynamics of cyberspace: Ubiquitous connectivity
Devices, networks and services are increasingly hyperconnected and interdependent, operating on sophisticated shared infrastructures. Factors such as the speed, reliability, low latency, agility and intelligence of communications architectures are leading to significant changes in the way in which they are used and relied upon pervasively throughout our environments.
Systemic risks related to this development:
-Scale and criticality: The sheer scale of the connected ecosystem means that the potential attack surface is expanding rapidly. As previously unconnected systems become connected to each other and to the internet, there is an increased risk to the confidentiality, integrity and availability of digital assets – whether it’s data, information, algorithms or digital services. The potential implications in terms of compromise for industry and society are becoming more severe.
-Interdependency: A range of new entangled relationships between actors in the digital ecosystem is evolving. The emergence
of new products and growth of new service-based models is creating complex interdependencies between organizations, supply chains, sectors and individuals. This interdependency creates a risk of unforeseen cascade effects: Incidents occurring in one part of the ecosystem could harm those actors and systems dependent on it. Imbalance in perceptions of risk could lead to situations where high-value business., assets are connected to third-party systems whose owners assess them to be low risk and that therefore do not have the appropriate levels of protection. A failure to maintain the visibility and assign the accountability that is needed to assure end-to-end processes across multiple parts of the ecosystem could lead to gaps in security and heightened risk.
-Shared resources: Many entities are sharing a growing dependence on a concentrated underpinning infrastructure and set of shared services, including cloud, internet service providers, hardware, software and the equipment supply chain. This creates an attack
surface of high-value shared resources with a high probability of attack, and the potential for compromise to have severe and systemic
impacts. The homogeneity of the shared technology infrastructure that results from its being delivered by a small pool of providers may result in systemic risk, as the exploitation of a vulnerability found in a widely used resource could affect vast swathes of the ecosystem. Similarly, there is a risk of collateral damage occurring as a result of targeted attacks against a single client via this shared infrastructure. Identifying the critical shared resources, who owns them and their key dependencies is a complex task.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Key transformative technology that will contribute to the changing dynamics of cyberspace: Quantum
Quantum computers will demonstrate an advantage over classical computers in solving a range of computational and modelling problems (although predictions of the timelines on which this will happen vary). Some problems may become tractable for the first time, enabling new functionalities and presenting new risks to conventional security measures.
Risks:
Disrupting cryptographic infrastructures:
The principal cybersecurity risk is posed by the impact quantum computing will have on currently widely adopted asymmetric cryptography. A sufficiently powerful and error-corrected quantum computer would solve some of the classical mathematical problems on the intractability of which many of these cryptography methods rely. It would therefore have the potential to break the cryptographic security on which enterprises and the wider digital economy rely.
‘Download now, decrypt later’:
The potential future quantum threat to cryptography is relevant to the risk decisions being made today. There is a “download now, decrypt later” risk for datasets with extended periods of sensitivity: data that exists now could be harvested by adversaries for decryption in the future.
Novel and secondary security risks arising from broader economic and industrial transformation:
As organizations face a need to outsource quantum computations on their most valuable IP to third- party services, they could face risks of adversarial interference. There is also a risk that unintended functionalities arising from quantum algorithms. There are also several shared infrastructures that depend on the collective application of quantum-vulnerable cryptography. This includes the interconnected systems and interdependent business models of the industrial internet of things (IIoT), and the distributed-ledger technologies being rolled out across a range of industrial applications. In many cases, “ownership” of these shared infrastructures is highly distributed, and it is not necessarily clear who is responsible for ensuring that they are made quantum-safe.
Geopolitical risk and equitable access:
The potential concentration of the first sovereign quantum capabilities (technologies and experts) in a small number of advanced nations has geopolitical implications. As with all new technologies that raise the bar in terms of competitiveness, there is a global risk that competition and protectionism will interfere with international collaboration and equitable access. This could act as a major barrier to unlocking the full potential economic and societal benefits of quantum technology to the wider economy, and widen asymmetries in terms of security and industrial capability. If equitable access to the technologies is not ensured, nations that have sovereign quantum capabilities may use them to create a strategic advantage, while other nations fall into “quantum poverty”.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Key transformative technology that will contribute to the changing dynamics of cyberspace: identity and access management
Emerging next-generation approaches to identity and access management will enable new services, applications and operating models, with efficiency and low friction that can support the fast speed and large scale of the emerging cyberspace.
The risks to the security of emerging identity systems can be considered in terms of their confidentiality, integrity and availability.
• There will be a major confidentiality risk to the large amounts of personal information managed by identity systems (including personally identifiable information [PII], and biometric, behavioural and locational data). Minimizing the risk to this data will be critical.
• There is a risk that the integrity of the identity ecosystem will be subverted, reducing the confidence of participants in it. For participating actors, there are challenges to establishing the integrity of the components they depend on (particularly in cases where there is a trust deficit), and establishing their competence in protecting their part of the ecosystem against abuse.
• There is an availability risk: that attackers will attempt to prevent access to or use of identity infrastructure. If the infrastructure does not have the necessary resilience and fallback modes, then attacks on the availability of systems on which services depend critically could have grave consequences. Achieving resilience will be particularly challenging in those elements of society where infrastructure (both technical and governance) is weak.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Opportunities for safety from emerging technologies
Advances in robotics are creating opportunities to remove humans from hazardous environments (e.g. in manufacturing) and to remove human error from safety-critical decisions. Advances in sensing and analytics could help predict natural disasters.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Hidden cyber-resilience deficit
It is a fact that even today many organizations can find themselves unknowingly dependent on components of the ecosystem due to a lack of transparency downstream and upstream in supply chains. Without intervention, this may simply grow in complexity: Dependencies will become increasingly unmanageable and opaque as the ecosystem becomes more entangled. This means that it will not be possible to account for the aggregation of cyber risk, and where there is a lack of resilience within organizations, we may be developing a growing and hidden cyber-resilience deficit.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Widening cybersecurity skills gap
There is already a global capacity shortage in cybersecurity (both specialists and across the wider workforce), and as new technologies emerge, the existing skills gap in delivering cybersecurity is likely to grow. Unless education and training are accelerated significantly, the workforce will not have the necessary cybersecurity capacity and mindset. A lack of cyber literacy among leaders and innovators will prevent appreciation of the risks to organizations and the ecosystem, and prevent the necessary investments being made for cyber resilience.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Fragmentation of technical and policy approaches
Emerging technologies are driving an increasing interdependence and entanglement at a time when global governance of cyberspace is weak. Many of the relevant technical standards and governance principles are divided into jurisdictional and sectoral siloes. There is a risk of further divergence at the public policy level; geopolitical divergence and protectionist stances make this difficult to reconcile. A lack of interoperability at a governance level could lead to: a failure to realize the potential value of a secure global digital ecosystem: incompatible security-compliance requirements; and suboptimal (and thus costly) security in parts of the ecosystem.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Existing operational-security capabilities and technologies not fit for purpose
Mitigating threats and responding to incidents individually and collaboratively will require new approaches. Existing operational capabilities are not sufficient technically to address new technologies and data formats and will not deliver the pace and scale
of collaborative operations (including information sharing, collective response, and detection, disruption and deterrence of cybercrime) that will be needed to address the emerging risks. There is a need to increase the level of automation within cyber-defence capabilities, ensure that the cybersecurity tools developed can interoperate effectively, and support enriched intelligence sharing at the pace necessary to address emerging threats.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Underinvestment in support (knowledge, guidance, research investment) and incentives (market forces, regulation) for developing emerging technologies securely
Security is not being considered an integral component of technology innovations. This means it is likely that technologies will be developed with little or no consideration for malicious threats, as has happened in the past. Without the right incentives to prevent this, there is a risk of insufficient security functionality and later costly retrofit. Further, the complexity of supply chains and systems may mean that innovators will make false assumptions about the security inherent in the systems upon which their solutions are layered, causing hidden risk. This hidden risk may also manifest where organizations exploit machine learning without an ability to determine the integrity of and absence of bias in the algorithms.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Ambiguous accountability
While shared dependence widens the pool of actors affected by the resilience of a part of the ecosystem, it can also create ambiguity in the accountability for ensuring this resilience. Complexity and entanglement are exacerbating a lack of clarity about accountability and where the liability lies for assuring end-to-end services and shared critical infrastructures. Risk transfer (e.g. via contracts or via tech E&O [errors and omissions] insurance) cannot cover the full scope of sideways exposure.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Key transformative technology that will contribute to the changing dynamics of cyberspace: Artificial intelligence/advanced machine learning
As it becomes possible to automate increasingly sophisticated calculations, activities can be carried out in cyberspace faster and on a larger scale – and most importantly, using huge datasets for training. The ability to aggregate and process such data will lead to huge increases in the predictive powers of algorithms. Substantial investments are being made in AI research and development globally, in particular using machine learning techniques. Global spending on AI was estimated to be $37.5 billion in 2019, and is forecast to reach $97.9 billion in 2023,35 with China and the US dominating global AI funding.36 The emerging technologies are capable of faster, more precise analytics and decision-making, and of deriving insights from big data, outperforming traditional digital approaches and some aspects of human capabilities in diverse fields such as transport, manufacturing, finance, commerce and healthcare. Large corporations in every industry are seeking to create value by taking advantage of new means of data exploitation, business-process improvements (e.g. in sales, production and supply-chain management), cost-efficiency gains and the ability to enhance customer experiences.37 It is anticipated that within the next 5–10 years, AI systems will play an increasingly critical and unsupervised role within organizations, including the use of robotics in physical manufacturing tasks, for example.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
A limited number of Smart City initiatives in the security domain move from innovation to implementation
In the Netherlands, there has been a lot of experimentation in recent years with technology and data-driven innovation around security issues in cities, usually under the heading "Smart City". This often takes place in testing grounds, living labs, or in the form of a pilot. However, the operational implementation of successful innovations resulting from those experiments, which can be of great societal value, remains limited so far.
Reasons include focusing too much on the technical solution rather than the societal issue at hand, no clear role division, legal obstacles, a lacking follow up of collected data, obstacles in public-private partnerships, obstacles in collaboration between departments within municipalities, and the complexity of citizen participation.
19 May 2021
|
Report
:
Van Innovatie Naar Implementatie In Smart Cities: Aanbevelingen Voor Succes
Business continuity risks are increasing for Dutch municipalities
Risks regarding the business continuity of municipalities is increasing, due to the growing standardisation of online processes. Such risks are both technical (such as faulty hard- and software) and non-technical (such as pandemics, fires and floods).
19 May 2021
|
Report
:
Dreigingsbeeld Informatiebeveiliging Nederlandse Gemeenten 2021/2022
Actors and their roles differ per phase in Smart City initiatives
On average fewer actors are involved in the implementation phase (average 7) than in the innovation phase (average 13) of Smart City initiatives. In addition, the diversity in the types of actors involved also decreases in the implementation phase, as for example citizens and knowledge institutes are no longer involved. In the innovation phase, a relatively large number of roles are divided among several parties. In the implementation phase however, this is no longer the case. local and national public parties (mainly municipalities and the police) have many roles in both phases, divided over departments within these organizations.
20 May 2021
|
Report
:
Van Innovatie Naar Implementatie In Smart Cities: Aanbevelingen Voor Succes
Criminals and state actors are joining forces against healthcare with varying motives and agendas
Attacks on healthcare are low-risk, high-reward crimes. Acting with near impunity, criminals and state actors are joining forces against healthcare with varying motives and agendas. Attacking healthcare is a lucrative and global business. Attacking healthcare serves geopolitical interests. Not only does attacking healthcare provide state or state-sponsored threat actors with an attractive target for data theft regarding vaccine research and private medical records, but cyberattacks also weaken geopolitical rivals. Attacks on healthcare are widely under-reported. Many organizations don't know what to report and how to do so. The fear of facing liabilities or reputational loss is hampering reporting as is a lack of faith that reporting will lead to prosecution. Threat actors enjoy near impunity, as attribution and prosecution lag behind. There are no transparent and independent mechanisms to track accountability in cyberspace.
28 May 2021
|
Report
:
Playing with Lives: Cyberattacks on Healthcare are Attacks on People
The COVID-19 pandemic has given rise to a concerning convergence of malicious activities and an exacerbation of its existent threat landscape
The COVID-19 pandemic has given rise to a concerning
convergence of malicious activities as well as an exacerbation of its existent
threat landscape. Healthcare is increasingly under attack owing to a
combination of three factors:
• Healthcare services are critical to maintain as patient health depends on
them. This has made hospitals a target of choice for digital extortion.
• Healthcare is the custodian of valuable and sensitive information, such as
medical records and vaccine research, making it an attractive target for
data theft and cyberespionage.
• Healthcare has found itself at the center of strategic inter-state rivalries
due to the pandemic, which have spilled into malicious activities such as
disinformation campaigns against the sector.
28 May 2021
|
Report
:
Playing with Lives: Cyberattacks on Healthcare are Attacks on People
The involvement of human beings bears risk in relation to algorithmic decision making
The involvement of human beings bears risk in relation to algorithmic decision making, especially from a perspective of equality and non-discrimination. Human reasoning is flawed and includes bias, logical errors and fallacies. These human shortcomings can become encoded within the algorithms.
29 May 2021
|
Report
:
Algorithmic discrimination in Europe
The Ministry of Justice and Security wants to innovate more easily and faster
The Ministry of Justice and Security (JenV) wants to innovate more easily and quickly. They want to focus on:
1. The actual conversion of innovation ideas into the operational process
2. Making more capacity available to address the major strategic issues (for example with regard to new technologies) for the future
3. Stimulating cooperation between the various JenV units
The Ministry increases innovation from five perspectives: strategy, ecosystem, process & governance, results and culture. These five perspectives are put into practice on 4 levels: basic facilities, structural implementation, managed implementation, and proactive implementation.
15 June 2021
|
Report
:
Vijf Perspectieven Op Een Volwassen Innovatiefunctie
Growing world market for Intruder Alarm/Perimeter Protection (IA/PP) products
The world market for IA/PP products reached $6.98Bn in 2019 and will grow to $8.83Bn in 2024 at a CAGR of approximately 4.8%, the highest growth we have recorded in the last 11 years. Perimeter security has become a much more important issue in critical infrastructures such as utilities, transportation, government and defense establishments because of the increasing number of threats, which could disrupt operations and lead to huge losses across the whole economy. Demand for IA/PP systems has grown at a faster pace through the integration with Video Surveillance and Access Control. Demand for intruder sensors and alarm products being the staple products of this business have had only a marginal impact on growth in demand. IA/PP is now pushing forward by applying and connecting; radar, thermal / multi-sensor cameras, advanced sensor technologies, wireless technology and also deeper integration with video surveillance & access control. The main driver for growth in the next five years will be the increase in investment in industrial complexes particularly in Asia and the BRIC countries and advances in sensor technologies microwave, active infrared, passive infrared, fiber optics and acoustic sensors. These sensors usually cover large areas and offer volumetric protection by detecting the motion of the intruder within the protected space.
12 May 2021
|
External
:
Major Trends in the Intruder/Perimeter Protection Market 2020
NIS-2 shows: chain and network dependencies are increasingly important in risk management
It has become clear that the protection and security of network- and information systems are extremely network dependent. There are certain risks attached to being involved in an ecosystem and being dependent on chains for important processes. In the EU NIS-2 Regulation, more and more sectors are being designated as vital, so that those organisations and sectors will have to take more steps to ensure the safety of their network- and information systems.
10 November 2022
|
Report
:
NCSC Onderzoeksagenda 2023 - 2026
Development of the national covering system
The purpose of the system is
enabling organizations (public and private) to build their resilience
level and thus their effectiveness
increase through information about cybersecurity
widely, efficiently and effectively
11 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
Cyber security requirements for a larger group of companies (NIB2)
Cyber incidents do not stop at national borders.
The EU is therefore also involved in strengthening the digital security and resilience within the Union.
11 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
Organizations respond, recover and learn quickly on and from cyber incidents and crises.
For a response to a national cyber crisis, a
efficient cooperation between government organisations, industry, science and
social organizations of great importance ─
also across local, regional and national borders.
12 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
The Netherlands has a strong cybersecurity knowledge and innovation chain
To be able to take measures now and in the future
taking action against digital threats must involve the development and application of Dutch knowledge and expertise
in the field of cybersecurity are continuously strengthened.
12 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
Alert overload
Organisations worldwide use on average about 29 security monitoring software systems. This can result in an alert overload which causes security teams to wrongly prioritise and maintain cybersecurity risks
23 January 2023
|
Report
:
KPN Cyber Security Perspectives 2021
Citizens respond quickly and adequately to cyber incidents
It is important that citizens are enabled to respond quickly and effectively to digital threats, attacks and disruptions. This can be done by being informed at an early stage about current threats that are relevant to them and, in particular, about what they themselves can do to stay safe from them.
26 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
Governance, direction and cooperation
Within the cabinet, the ministers involved work closely together under the responsibility of the Minister of Justice and Security as the coordinating minister for cybersecurity.
26 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
Financial substantiation for digital resilience.
This government is investing an additional 111 million euros structurally in cybersecurity, the breakdown per department is shown below. These resources are part of a broader structural investment of 300 million that will strengthen the AIVD and MIVD, among other things, and investments will be made in the field of economic security and vital infrastructure.
26 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
It is necessary to AI technology is transparent and verifiable
The public sector is increasingly experimenting and working on a modest scale with Artificial Intelligence (AI), for example in the field of mobility and health. In order to do this in an honest and responsible way, it is necessary that AI technology is transparent and verifiable.
Artificial Intelligence has had a major impact on our daily lives. For example, AI is in our smartphones, helps us shop and contributes to scientific research. As such, AI can have great benefits, such as recognition of speech, images and patterns, translation machines, robots and question and answer systems can improve convenience and our user experience.
24 August 2021
|
News
:
TNO and CBS are Joining Forces on Transparent and Verifiable AI Use
Increase in the use of sensing for safety
Sensing offers a sixth sense for the security sector. The technological developments cannot be stopped. However, ready-made sensing solutions are hardly available. Seven building blocks that provide tools for successful application in practice are: testing in practice, business agility, culture of information-driven action, collaboration in an ecosystem, microservice architecture with open source software, meeting legal and ethical requirements, and IT competences for sensing. With attention to legal and ethical frameworks, sensing can contribute to a safer future.
20 January 2021
|
Report
:
Trends in Veiligheid 2020
The Development of a Recognized Cyber Picture
A military commander wants to gain insight into both his cyber and his regular area of operations at a glance. Such an integral picture does not yet exist.
• The techniques and tactics in the operational cyber domain are constantly changing. In order to achieve and maintain a sustainable strategic advantage, this image must therefore be constantly adjusted. For this, the commander needs an extensive team of analysts, architects and developers.
• Current insights and technology from the civil technology domain are projected on the needs of military commanders. These results are now being processed by NATO in the further development of the Recognized Cyber Picture.
• This will ultimately lead to future military commanders being able to make simultaneous decisions about the deployment of physical and digital weapon systems in their area of operations.
20 January 2021
|
Report
:
Trends in Veiligheid 2020
Citizen participation in online investigation
• Public OSINT initiatives such as Bellingcat are increasingly making important contributions to criminal investigations
• The success of public OSINT researchers is due to a combination of much available open information and a well-cooperating network of various specialists, also internationally.
• Investigation authorities can make passive use of such results, but also actively seek cooperation in hackatons or by consciously sharing certain information.
• Points for attention in this collaboration are the protection of the research, but also privacy legislation and the safety of civilian participants.
20 January 2021
|
Report
:
Trends in Veiligheid 2020
Physical safety feeling decreases, but people do feel safe digitally
Ten years ago, 33% of the Dutch sometimes felt unsafe. Now that is 45%. The Dutch have started to feel somewhat less safe in the past 10 years. Online people do feel safe. The Dutch are increasingly aware of their own responsibility in online security, and they take it too. Almost half of the people are even willing to sacrifice privacy if it benefits the fight against crime. We are concerned about the influence of social media on the information we read, for example regarding the elections.
20 January 2021
|
Report
:
Trends in Veiligheid 2020
Stability and chaos required: on the way to a new control room system
Keeping up with technological trends also requires creating some chaos:
• Room for experimentation offers the opportunity to "do things differently" and to innovate permanently.
• Experimenting with "couleur locale", with data analysis, knowledge technology and with new functionalities is a goal in itself.
• Managing critical data independent of context versus using and analyzing it within any predictable or unthinkable scenario is a basic skill.
20 January 2021
|
Report
:
Trends in Veiligheid 2020
Digital resilience and decentralization require citizen participation and support
• There are many innovations that can be used in the interest of digital resilience, but we must not forget what this security is for.
• The Digiwacht are volunteers who guarantee local digital resilience.
• A municipal cybersheriff, elected by citizens to ensure their digital resilience.
• National artificial intelligence to protect the digital Netherlands, trained throughout the Netherlands.
20 January 2021
|
Report
:
Trends in Veiligheid 2020
Capacity challenges in the police force, shift to Information-Driven Action
• Due to demographic developments, among other things, the police have capacity challenges. In 2040 there will be only 2 working people per 1 pensioner.
• To be future-proof, the police must change their way of working.
• We propose to act Information-driven, to really realize the use of new technologies in a pressure cooker environment and to apply digital triage.
• By working in these innovative ways, the police can solve more cases and strengthen confidence in the police.
20 January 2021
|
Report
:
Trends in Veiligheid 2020
Knowledge and opportunities of artificial intelligence in the security domain
• Artificial intelligence (AI) is still new and unknown to many - and the unknown is scary.
• AI is everything that machines cannot yet do.
• Nuance 'science' and 'fiction' from AI.
• Mirror performance of AI with performance of humans.
• Focus on knowledge and prevent a digital skills gap.
20 January 2021
|
Report
:
Trends in Veiligheid 2020
The decentralization of supervision of Public Order and Safety leads to fragmentation of information
• Responsibilities of the police are increasingly shifting to the municipal BOAs.
• Recording data in municipal systems detracts from the formation of an integrated security picture.
• A more valuable and smarter information provision can lead to early insight and identification, and possible prevention of criminal activities in the future.
• Communication between the authorities remains important. Mainly for information, knowledge
and share "gut feeling" about potential offenders.
20 January 2021
|
Report
:
Trends in Veiligheid 2020
There is a continuing strong relationship between executives and security professionals
Over the years in our survey, we’ve measured four critical practices for fostering a mutually beneficial relationship between executives and the security organization . This exercise evaluates top-down security buy-in, where we’ve found a slight downward trend from last year . Looking at these results:
• Eighty nine percent of respondents said that their executive leadership still considers security a high priority; however, this is down slightly (7%) across the preceding four years.
• The percentage of organizations who have clarified the security roles and responsibilities within the executive team has fluctuated over the past few years – landing at 89% this year. Considering cybersecurity’s growing visibility and the dire need for security leaders at top levels, clarifying roles and responsibilities needs to remain high.
• The incorporation of cyber risk assessments into overall risk assessment processes is down by 5% from last year, but is still high with 91% of respondents saying they use them.
• Although down by 6% from last year, executive teams establishing clear metrics for assessing the effectiveness of security programs is still rather high with 90% of our respondents doing so.
Over four years, these responses are slightly down, which may indicate: 1) that the scope of security responsibility is changing, 2) that communication with the executive team isn’t as clear as it used to be, 3) that executive management has other business priorities, or 4) that CISOs and executives are re-evaluating their metrics.
And although these numbers are down, they are still very high . Perhaps this is because security has now become operationalized, but requires a greater voice at the executive table. The fact that the numbers are still very high indicates a continuing strong relationship between executives and security professionals.
22 January 2021
|
Report
:
Securing What's Now and What's Next
time-to-detect and time-to remediate are important metrics for assessing the effectiveness of an organization's security program
90% agreed their organization’s executives had established clear metrics for assessing the effectiveness of their security program. IT decision-makers responding to our survey rated time-to-detect highest as a key performance indicator (KPI). Establishing clear metrics is an integral activity for a security framework, and it isn't an easy task to agree across multiple executives and security teams how to measure operational improvement and security outcomes .
IT decision-makers responding to our survey rated time-to-detect highest as a key performance indicator (KPI). However, when you’re reporting to the C-suite or board of directors, time-to-remediate ranks just as important, as it represents an aggregate of total impact that may include: system downtime, records affected, cost of investigation, lost revenue, lost customers, lost opportunities, and out-of-pocket costs. It can also be a proxy metric for the overall effectiveness of the IT organization, as remediation can require a lot of collaborative work across departments .
22 January 2021
|
Report
:
Securing What's Now and What's Next
the best way to allocate security spend is through outcome-based objectives and metrics
Sixty one percent are using this planning method, a 10% increase from the previous year and an encouraging trend. ‘Percent of revenue’ and ‘outsourcing costs’ were the least used factors to determine security budgets. Fifty-four percent base spending on the previous years’ budget. Although this may not seem like a precise way to quantify security costs – especially when the average cost of a data breach globally ($3 .92M) is rarely factored in – if your budget is flat year over year or you have predictable SaaS subscriptions, your forecasted budget will probably see very little change .
22 January 2021
|
Report
:
Securing What's Now and What's Next
Organizations are spending more on prevention versus being reactive in their cybersecurity posture
In exploring how security budgets are spent, we surveyed our respondents on five categories (Identify, Protect, Detect, Respond, and Recover) that describe the lifecycle of cybersecurity defense and breach management:
• The category Identify saw a rise in expenditures from 21% to 27% from 2019 to 2020
• Protect and Detect remained basically the same at 25% and 18% respectively
• Spending in the Respond and Recover categories declined somewhat in the same timeframe to 15% and 14% respectively
Enterprises are always trying to find the right balance between being proactive and being responsive and resilient, and that pendulum swings back and forth every year. Last year, organizations may have been concentrating their efforts on the basics (asset inventory, discovery, etc.). And theoretically, if you spend right on Identify, Protect and Detect up front, you shouldn't need to spend as much on Respond and Recover, as they aren’t needed as often.
22 January 2021
|
Report
:
Securing What's Now and What's Next
The business impacts of security breaches
Organizations having more than 100,000 records impacted from their most severe data breach rose from 15% last year to beyond 19% this year.
Large enterprises (10K or more employees) are more likely to have less downtime (0-4 hours), as they will likely have more resources available to help respond and recover . Small to mid-sized organizations dominated the 5-16 hour recovery timespan, and catastrophic downtimes of 17-48 hours were similarly low for organizations of all sizes.
The most impacted business areas were operations and brand reputation.
the number of respondents experiencing a hit to brand reputation from major breaches has risen from 26% to 33% in three years. With the impact to the overall brand on the rise, it’s crucial to include crisis communications planning into your overall incidence response plan.
22 January 2021
|
Report
:
Securing What's Now and What's Next
At 61%, the percentage of survey respondents reporting that they voluntarily disclosed a breach last year is at the highest level in the previous four years
This shows that, overall, organizations are proactively reporting breaches, perhaps as a result of new legislation – or maybe from increased social consciousness and a desire to maintain customer trust.
The upside to this is that more than double the number of organizations that experienced a breach that lasted over 17 hours disclosed the breach voluntarily versus those that disclosed the breach involuntarily or due to reporting requirements.
More than half of all breaches (51%) put organizations on the defensive, having
to manage the public scrutiny that comes with a breach. But while governmental reporting requirements have increased, involuntary disclosure remains largely the same at just over a quarter (27%) of breaches. And 61% of respondents are now finding that their credibility rises when they voluntarily disclose a major breach, thus preserving their brand reputation.
22 January 2021
|
Report
:
Securing What's Now and What's Next
Outsourcing of security has increased significantly
Compared to last year’s report, outsourcing has increased significantly, possibly indicating a historical trend as vendor landscapes become so complex to manage in-house. Interestingly, organizations reported that they’re expecting their outsourcing to decrease in the future.
Our respondents are outsourcing for a variety of core reasons, and it’s not only cost. Cost efficiency is marginally ahead as the number one reason at 55%. However, it's quickly followed by security teams that want more timely responses to incidents (53%).
We found that 34% of you are outsourcing incident response services, and 36% are using external/third-party services to analyze compromised systems, which has risen from last year. Using an incident response service has become an efficient approach for protecting assets, mitigating risk, and maintaining compliance. It can help your organization protect against the unknown by having proactive planning and expertise to coordinate and carry out a response.
22 January 2021
|
Report
:
Securing What's Now and What's Next
Patching is critical in breach defense, as 46% of organizations (up from 30% in last year’s report) had an incident caused by an unpatched vulnerability
In addition, those that had a major breach due to an unpatched vulnerability last year experienced higher levels of data loss. For example, 68% of organizations breached from an unpatched vulnerability suffered losses of 10,000 data records or more last year. For those who said they suffered a breach from other causes, only 41% lost 10,000 or more records in the same timeframe.
It’s well known that patching can be difficult and cause disruptions. However, these results show that there is a tangible ROI in implementing a minimum baseline policy for the most recently released patches. Organizations should maintain an up-to- date inventory of all devices in their environment and perform a risk analysis for any missing patches. Then, create a change management process to enforce version control and documentation.
22 January 2021
|
Report
:
Securing What's Now and What's Next
The most common causes of downtime are malware and malicious spam
Interestingly, the third cause diverges depending on the length of downtime . For breaches with downtime between 0-4 hours, phishing is the third most common cause . For downtime between 4-24 hours, it’s spyware. For anything over 24 hours, it’s ransomware. Significantly, ransomware doesn’t discriminate; it was the most destructive threat for both small and enterprise organizations in terms of downtime. The large amounts of resultant downtime may be due to the depth of investigation needed to assess the damage, attempt to restore backups, and fix the entry vectors.
22 January 2021
|
Report
:
Securing What's Now and What's Next
More than half (52%) told us that mobile devices are now very or extremely challenging to defend
They’ve overtaken user behavior, which was the biggest challenge from last year’s report .
With a zero-trust framework, you can identify and verify every person and device trying to access your infrastructure. Zero trust is a pragmatic and future-proof framework that can help bring effective security across your architecture – spanning the workforce, workload, and workplace.
A zero-trust framework achieves these three success metrics, among others:
• The user is known and authenticated
• The device is checked and found to be adequate
• The user is limited to where they can go within your environment
Having zero trust in place removes much of the guesswork in protecting your infrastructure from all potential threats, including mobile devices.
22 January 2021
|
Report
:
Securing What's Now and What's Next
Only 27% of organizations are currently using multi-factor authentication (MFA)
This number is low for such a valuable zero-trust technology. Survey respondents from the following countries showed the highest adoption rates of MFA in this order: USA, China, Italy, India, Germany, and the UK. The industries with the highest adoption rates (in this order) are software development, financial services, government, retail, manufacturing, and telecommunications.
22 January 2021
|
Report
:
Securing What's Now and What's Next
Private cloud infrastructure is a top security challenge for organizations
Private cloud infrastructure is a top security challenge for organizations. (Fifty percent of organizations find it very or extremely difficult to defend).
22 January 2021
|
Report
:
Securing What's Now and What's Next
In 2020, we continued to see more than 83% of organizations managing more than 20% of their IT infrastructure in the cloud (whether internally or externally)
Through our research, we’ve found that increased effectiveness, efficiency, and visibility are some of the main drivers for organizations to move their security (88%) and infrastructure (89%) to the cloud. And it’s not surprising to see that 86% say utilizing cloud security has increased visibility into their networks.
22 January 2021
|
Report
:
Securing What's Now and What's Next
The overwhelming number of security alerts is having an impact on cybersecurity fatigue
Of those who say they are suffering from cyber fatigue, 93% of them receive more than 5,000 alerts every day.
Defined as virtually giving up on proactively defending against malicious actors, 42% of respondents are suffering from cybersecurity fatigue.
The overall number of daily alerts you are dealing with has increased over previous years. In 2017, 50% of organizations were receiving 5,000 or fewer daily alerts; now only 36% are in this category. And the amount of organizations who receive 100,000 or more daily alerts has grown from 11% in 2017 to 17% in 2020.
Perhaps because of this increase in volume and the processing resources needed, alert investigation is at its lowest level in over four years at just under 48%. (The number was 56% in 2017, and it’s been decreasing every year since.) The rate of legitimate incidents at 26% is consistent year-over-year and suggests that many investigations are turning up false positives.
On a positive note, the number of legitimate threats that are remediated has improved since last year’s report, and we’re now back to 2017 levels at 50%. However, this still means that half of all real incidents are being left unattended.
To deal with the increasing noise and volume of alerts, we advocate for an approach that has automation at its heart. Automation enables policies to be enforced more consistently, quickly, and efficiently. When a device is determined to be infected or vulnerable, it’s automatically quarantined or denied access with no action required from an administrator.
22 January 2021
|
Report
:
Securing What's Now and What's Next
Shift in focus towards industry
We have seen a shift in the hackers’ behaviour in the last six to 12 months as they focus more on industries such as energy and manufacturing. We believe there are three reasons for this. Firstly, reliance on automation (i.e. managed by computers). Secondly low maturity in cyber resilience (e.g. poor back-ups, limited disaster recovery planning or testing). Finally, low tolerance to what is often a high-impact outage. This offers rich pickings for ransomware attacks.
14 April 2021
|
Report
:
Hiscox Cyber Readiness Report 2020
Evolved ransomware techniques
We are seeing hackers’ ransomware techniques evolve. Typically in larger attacks there are two distinct phases after the initial infection. The first phase is lateral movement. This is where attackers look for valuable assets (e.g. finance data) and assess the size of the target to set the ransom amount. The second phase is ransomware attack. This often happens at the weekend when there is less chance to react and when hackers can cause the most damage. There can typically be a period of one to three weeks between these two phases. Companies with good detection capabilities can stop the attack in this time and therefore suffer shorter outages, lower overall costs and less impact to business.
14 April 2021
|
Report
:
Hiscox Cyber Readiness Report 2020
Two commonly seen types of ransomware attack
We commonly see two types of ransomware attack. The first is targeted attacks. These are focused on larger organisations (so called ‘big game ransomware’) where a hacker group will specifically target key individuals with highly personalised phishing scams. The second
is mass scanning. This is where hackers will look for key weaknesses in servers exposed on the internet (e.g. remote access and VPN servers). In these cases, the attacks are mostly indiscriminate, and the attackers will infect any company they find vulnerable.
14 April 2021
|
Report
:
Hiscox Cyber Readiness Report 2020
Standalone cyber insurance
As a cyber insurer, it is only natural that we would promote standalone cyber insurance. But it is important to point out that standalone cyber insurance is dedicated to getting businesses back up and running quickly after a cyber attack. Cyber insurance provides a range of services like IT forensic response, crisis communication, legal advice and, if necessary, credit card monitoring. Coverage in other policies rarely provides all these specialised services, and, in some cases, may not respond at all.
14 April 2021
|
Report
:
Hiscox Cyber Readiness Report 2020
Cybersecurity incidents increased as well as the costs of insider threats.
Cybersecurity incidents increased by 47%. The cost of insider threats rose by 31%.
19 April 2021
|
Report
:
Insider Threat
More organisations are choosing to use Zero-Trust principles for securing their IT-infrastructure
More and more organisations are choosing to use Zero-Trust principles for securing their IT-infrastructure. Zero-Trust principles provide organisations with new possibilities to minimise (unknown) risks. With the number of malware and ransomware attacks increasing, a new vision on securing IT-infrastructures is necessary.
26 August 2021
|
Report
:
Factsheet 'Bereid u voor op Zero Trust'
Successful implementation of Zero Trust leads to minimal exposure of cyber attacks
When Zero Trust principles are implemented successfully into an IT-infrastructure this leads to minimal exposure of cyber attacks, a higher continuity of critical processes, an increased and cost-effective compliance and a 'future-proof' architecture.
26 August 2021
|
Report
:
Factsheet 'Bereid u voor op Zero Trust'
Blockchain has great disruptive potential
Blockchain is believed to have great disruptive potential, whether applied alone or in combination with other capabilities. Interest in DLT has exploded, with blockchain- and cryptocurrency-focused startups collecting almost $3.9 billion in investments in the first three quarters of 2018 – that’s nearly three times the total for all of 2017. The World Economic Forum also predicts that blockchain technology will account for 10 percent of the global GDP by 2027. With all the attention on blockchain technology, we’ve also seen great progress in this field – this is mainly driven by smaller open-source parties, rather than bigger technology companies.
28 May 2021
|
External
:
Technology Trend Report 2020
Digital experience, analytics, and cloud as enabling technologies that have proven their value
Digital experience is one of the 9 macro technology forces and a pillar of innovation. Digital experience is an enabling technology that has proven its value. It continues to be a critical driver of enterprise transformation. 64% of participants in Deloitte's 2018 global CIO survey say digital technologies will affect their business in the next three years.
Analytics includes foundational capabilities and tools that generate powerful
insights. Data management, data governance, and supporting architecture are age- old problems that not only are critical building blocks for AI programs but are tactical concerns as organizations work in a dynamic and complex regulatory environment with mandates on data residency, privacy, and usage. CIOs understand what’s at stake: 60 percent of them say that data and analytics will affect their businesses in the next three years.
Cloud's takeover of the enterprise is nearly complete: 90% of organizations use cloud-based services. cloud investments are expected to double as a percentage of IT budget over the next three years.
17 May 2021
|
Report
:
Tech Trends 2020
Digital reality, cognitive technologies, and blockchain as disruptive technology
As the change agents of the coming decade, these newer trends may no longer be considered novel, but they’re on the cusp of becoming as familiar and significant as their predecessors.
- Digital reality technologies have the goal to promote more natural user engagement by seamlessly extending a human-centric experience beyond the confines of keyboards and screens. Commercial application is growing, for example: many companies are using digital reality technologies to deepen emotional connections and empathy among customers and employees.
- Cognitive technologies have the potential to transform nearly every industry. These technologies personalize and contextualize the human-technology interaction, allowing businesses to provide tailored language- and image-based information and services, with
minimal or no human involvement. Demand for these technologies is skyrocketing.
- Financial services and fintech companies continue to lead blockchain development, but other sectors are also advancing blockchain initiatives.
17 May 2021
|
Report
:
Tech Trends 2020
To carry the weight of technology driven transformation foundational technologies need to be stable, strong and sustainable
Three foundational technologies
- Business of technology:
- Risk
- Core modernization
The business of technology, risk, and core modernization are foundational technologies. To carry the weight of technology-driven transformation and innovation initiatives, they need to be stable, strong, and sustainable.
The business of technology, risk, and core modernization may seem prosaic and dull, but these forces are undeniably the heart of the business. And companies continue to make considerable investments and advances in these well-established domains. Combined, they provide a reliable, scalable foundation for digital transformation, innovation, and growth, and are a requirement for successful investments in analytics, cognitive, blockchain, and other disruptive technologies.
17 May 2021
|
Report
:
Tech Trends 2020
Emerging forces on the horizon: ambient experience, exponential intelligence, and quantum
Three technology developments and innovations—the horizon next—are waiting in the
wings. We will begin to feel their impact toward the end of the 2020s.
- Ambient experience: technology as part of the environment. As devices become seamless and ubiquitous, they and we are becoming increasingly inseparable.
- Exponential intelligence: will build on today's cognitive capabilities. Today, AI lacks the ability to recognize and respond to the nuances of human interaction and emotion. The future promises more.
-Quantum: harnesses the counterintuitive properties of subatomic particles to process information and perform new types of computation, communicate “unhackably,” miniaturize tech, and more
17 May 2021
|
Report
:
Tech Trends 2020
Earning trust in a time of constant tech disruption as a challenge and opportunity
With the advent of digital technology, businesses have been asking customers to trust them in new and deeper ways, from asking for personal information to tracking online behavior. In what is recognized as an emerging trend, some companies are approaching trust not as a compliance or public relations issue, but as a business-critical goal that must be pursued.
18 May 2021
|
Report
:
Tech Trends 2020
It and finance leaders work together to develop flexible approaches for funding innovation
An obstacle for innovation ambitions slowing innovation efforts is the sourcing and distribution of funds. IT's operations and development processes are becoming nimbler and product-focused while the finance function continues to budget, fund, and report in the same way as it has been doing for decades, leading to tension between IT needs and finance procedures.
Over the next 18 to 25 months, there is the expectation to see more It and finance leaders working together to develop flexible approaches for funding innovation at the speed of agile.
18 May 2021
|
Report
:
Tech Trends 2020
Leveraging next-generation digital twin capabilities to design, optimize, and transform the enterprise
Companies are using digital twin capabilities in a variety of ways. Digital twins can simulate any aspect of a physical object or process. They may take many forms, but they all capture and utilize data that represents the physical world. As the digital twins trend accelerates in the coming years, more organizations may explore opportunities to use digital twins to optimize processes, make data-driven decision in real time, and design new products, services, and business models. Sectors that have capital-intensive assets and processes like manufacturing, utilities, and energy are pioneering digital twin use cases already. Others will follow as early adopters demonstrate first-mover advantage in their respective sectors. Longer term, realizing digital twins' full promise may require integrating systems and data across entire ecosystems.
Recent MarketsandMarkets research suggests efforts are already underway: The digital twins market had an estimated worth of US$3.8 billion in 2019 and is projected to reach US$35.8 billion in value by 2025. Over the course of the last decade, deployment of digital twin capabilities has accelerated due to a number of factors:
- Simulation: tools for building digital twins are growing in power and sophistication.
- New sources of data
- Interoperability: the ability to integrate digital technology with the real world has improved dramatically.
- Visualization: The sheer volume of data required to create digital twin simulations can complicate analysis and make efforts to gain meaningful insights challenging. Advanced data visualization can help meet this challenge by filtering and distilling information in real time.
- Instrumentation: IoT sensors, both embedded and external, are becoming smaller, more accurate, cheaper, and more powerful.
- Platform: Increased availability of and access to powerful and inexpensive computing power, network, and storage are key enablers of digital twins.
18 May 2021
|
Report
:
Tech Trends 2020
Reshaping human-machine connections through AI, neuroscience, and human-centered design
The way we experience technology will be changed with a growing class of AI-powered solutions (referred to as affective computing or emotion AI). As part of the emerging human experience platforms trend, during the next 18 to 24 months more companies will ramp up their responses to a growing demand for technology to better understand humans and to respond to us more appropriately.
Early trend participants recognize that the stakes are high. The ability to leverage emotionally intelligent platforms to recognize and use emotional data at scale will be one of the biggest, most important opportunities for companies going forward. The human experience platforms trend reverses traditional design approaches by starting with the human and emotion-led experience we want to achieve, and then determining which combination of affective and AI technologies can deliver them. The big challenge that companies will face is identifying the specific responses and behaviors that will resonate with—and elicit an emotional response from—a diverse group of customers, employees, and other stakeholders, and then developing the emotional technologies that can recognize and replicate those traits in an experience.
In the coming months, we expect growing demand for technologies to become more human. We’ve reached a point in the digital revolution at which everyone’s connected to technology but not necessarily to each other
The human experiences platforms trend is fueled by a growing demand from system users that technologies engage us in more meaningful, human-like ways. In the coming years, we expect this demand to become a nonnegotiable expectation. Today, trend pioneers are integrating affective computing, AI, and neuroscientific research into their strategies and systems to transform the rules of user engagement. In the near future, “emotionally intelligent” technologies and tactics will likely give rise to new business models and ways of working.
18 May 2021
|
Report
:
Tech Trends 2020
Evolve the role of architects to transform systems architecture and support the speed of business
The 'architecture awakens' trend is a direct response to external pressures many CIOs face today as established organizations are struggling to keep pace with the changing technology landscape. In the coming months we expect to see more organizations move architects out of their traditional ivory towers and into the trenches with the goal to move the most experienced architect to software development teams that are designing complex technology. Once redeployed and empowered to drive change, architects can help simplify technical stacks and create technical agility that currently gives younger competitors a market advantage.
The role of the architect will be redefined to be more collaborative, creative, and responsive to stakeholder needs. Going forward, their mission will be to do bold new things not only with traditional architectural components but with disruptive forces (blockchain, AI, Machine learning).
18 May 2021
|
Report
:
Tech Trends 2020
BEC fraud is increasingly occurring in the Netherlands
CEO- and digital invoice fraud, also known as BEC fraud is amongst the top three forms of cybercrime that cause the most financial damage. According to the FBI, between 2016 and 2019, BEC fraud caused 26 billion-dollars in financial damages worldwide. BEC fraud is also increasingly occurring in the Netherlands.
22 June 2021
|
News
:
New Approach Against CEO- and Digital Invoice Fraud to Oppose Cyber Criminals
In the biological, physical and digital domain, new technologies are rapidly developing
Many new technologies are developing in the biological, physical and digital domain. In particular, the development of Artificial Intelligence (AI) and the emergence cyber-physical systems are important. The latter technology provides a link between the physical and the digital world. Such technologies can provide new ways of delivering services, but can also facilitate new forms of crime. For example, AI can be utilised in order to commit identity forgery, AI snooping and vehicle hacking.
30 April 2021
|
Report
:
The future challenges facing criminal justice systems
Responsive government: further digitization and fast development result in datafication of society and the economy
Responsive government: further digitization and fast development of data technology result in datafication of society and the economy. Data sharing is no longer a means of automation or the digitizing of existing processes. It is the backbone of many public tasks and a source of economic growth. In addition to bringing opportunities, this age of datafication also poses challenges causing more attention is being paid to safeguarding public value in the digital society. Government is increasingly seeking cooperation with business and civil society to seize opportunities and keep a grip on the risks.
23 May 2021
|
Report
:
De Overheid als Partner bij Datadelen
OT reliance threatens secure operations due to increasing cyber risk
There is a wide range of reliance on operational technology (OT) systems ranging from purely manual to highly automated processes. OT is hardware and software that monitors or controls industrial equipment, assets, processes and events. This OT reliance threatens secure operations due to increasing cyber risk. The operational technology domain culturally has been more safety-aware than security-aware compared with IT, challenging effective security governance and policy in integrated IT/OT environments. Additionally, from a security perspective, OT networks have been unmanaged for many years. They are a mix of OT protocols, unidentified assets, legacy systems and devices with unsecure communications. Third, applying a “one-size-fits-all” security controls methodology across IT and OT, as well as not fully accounting for differing security requirements, lead to decreased security efficacy from a cyber security perspective.
1 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
The interconnectivity between IT and OT increases risk of cyber-attacks in both environments
With the raise of technologies such as Big Data, Data Analytics and the Internet of Things, organisations have increasing business needs to integrate OT with IT networks via connections to the internet. This interconnectivity is mostly used for the exchange of data for the purpose of management information and to provide access for suppliers and maintenance personnel. This development introduces the IT personnel as stakeholders in the OT field. Due to the interconnectivity between IT and OT both environments are more conducive to cyber-attacks.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
There is no clear concept of an 'OT security person'
There is no clear concept of an ‘OT security person’. Whereas there is a general consensus on IT roles and functions with their according tasks and responsibilities, these functions are lacking for OT. This hiatus shows for example through the scarcity of OT security job vacancies. Also, the OT counterpart of IT security study programmes is not established. Young professionals in OT usually have a solid basic knowledge, but universities and schools embed little attention to security in their programmes.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Unclarity regarding OT security responsibilities
Who is, or should be, in charge of OT security? Is it someone in the operational part of the organisation? Or an IT or HSE officer? Maybe OT is a shared responsibility, that can not be attributed to one person. OT security often comes down to the IT manager as a side task; but the IT manager also does not have the appropriate knowledge. This may result in a wrong approach to OT security.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Lack of OT security awareness on boardroom level
The general awareness at boardroom level is not sufficient yet. Boardroom members usually do not have a technical background: explaining to them why OT security is important, is therefore a challenge. At the same time, organisations are willing to learn. Internally, stakeholders see that employees at all levels are increasingly open to OT security training and awareness sessions.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Lack of organisational communication about cyber attacks
The general tendency in companies is to not communicate about cyber attacks that they have endured, due to not knowing about the attack, feelings of embarrassment, or fear of reputational damage. The persistent silence about cyber attacks counteracts the learning process. Severe cyber incidents must be connected with business continuity management and crisis management.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Asset management and validation is lacking in OT environments
In OT environments asset validation is lacking – at least on the Dutch market. The problem here is that the source code of OT assets is often not provided by the supplier. As a result, companies possibly use these assets without being able to test these components for security.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Patching is a challenge in OT environments
Patching, the installation of software updates, is a challenge in OT environments. A patch can result in unforeseen incompatibility with connected systems, thereby disturbing the production process. This is even more of a challenge because organisations cannot simply put their systems on hold for a couple of hours. To prevent compatibility issues, organisations usually wait for vendor approval for a patch. Dependent on the vendor, it can
take some time before a patch can be installed, possibly leaving the system vulnerable in the meantime.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Testing OT environments is challenging
Testing within OT environments is not as trivial as testing within IT environments. Testing on the production environment can cause undesired, or severe, disruptions in the production
process. Because, whereas the simulation of IT environments can be done relatively easily and cost effective by cloning the IT environment on a separate network or to the cloud, you cannot ‘copy-paste’ an OT environment with its the physical components. Regarding the latter, the development of OT simulation software is evolving; this software enables so-called digital twins.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Lack of Root Cause Analysis in OT security
A lack of, or unjust, root cause analysis is a problem in OT environments. When a defect or an unplanned disruption in the system happens, it is sometimes classified as a maintenance issue such as ‘component is defect – must be replaced’, while the actual cause could be a hack. In this case, there is a wrongly diagnosed root cause and a solution that will not solve the problem.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Digital Security cluster contains various technologies crucial to a nation's security (JenV)
The cluster Digital Security in the TechAgenda of JenV contains various technologies that are crucial in securing society. These are technologies that impact the security of data-exchange, communication, identification, data storage and use of networks and infrastructure. These include: cybersecurity and post-quantum cryptography, but also blockchain. Important terms and developments within blockchain are privacy enhancing technologies (PETs), self sovereign identity (SSI), smart contracts. Within cybersecurity, automated vulnerability scanning and automated response are crucial and need to be implemented into the ministry.
Digital security is not only important for society, but it is also something that the ministry itself needs to work on.
13 January 2023
|
Report
:
TechnologieAgenda JenV
In the US there is a huge need for privacy advice and compliance management
"During my visit in 2018, I saw that the security and compliance market in the US is or can be enormous. That is when I thought, this is the place to be for us!”. We noticed that in the US there is a huge need for privacy advice, also with the CCPA (California Consumer Privacy Act) coming in effect in 2020, and our compliance management framework (software-tooling). In 2020, we have managed to interest the first four partners and are going to be in the US before the phase of a final offer. We extended our lease contract with Bwtech. At the beginning of 2020, we want to go back to the US. We are currently preparing for this.
18 May 2021
|
News
:
How Audittrail Entered the US Market Through Soft-Landing Programme
Hardware vulnerabilities with (potentially) major consequences announced
The past year saw further growth in the number of vulnerabilities in hardware. A certain type of attack (transient execution attack) again led to changes this year in all Intel processors and all popular operating systems. SSDs with hardware encryption contain such serious vulnerabilities that the encryption is of no value. Even newly released memory chips (DRAM) appear to have known vulnerabilities. The "DRAM vulnerability" is particularly worrying because there is no solution for it and will remain for years to come. There are currently no alternatives.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
53% of cybersecurity attacks cause over US$500,000 in damage
53% of cybersecurity attacks cause over US$500,000 in damage
22 January 2021
|
Report
:
2020 Global Networking Trends Report
Increased mobility causes cybersecurity risks
According to the Cisco “VNI Forecast Highlights Tool,” global business mobile data traffic will grow sixfold from 2017 to 2022 at an annual growth rate of 42%.12 Business mobile users will continue to expect immediate and high- performance connectivity anywhere, anytime, and on any device over Wi-Fi and public 4G and 5G networks. At the same time, wireless IoT devices will become increasingly ubiquitous in all aspects of our lives.
Employees accessing cloud applications from corporate and private devices when off network is creating a lack of visibility and control that network and security administrators haven’t faced. And a wave of IoT devices will add to wireless networking requirements in terms of scale, different traffic patterns, and security.
22 January 2021
|
Report
:
2020 Global Networking Trends Report
Cybersecurity threats are becoming increasingly sophisticated and dangerous across a broader attack surface that is no longer contained within well-defined and defended perimeters
Cybersecurity threats are becoming increasingly sophisticated and dangerous across a broader attack surface that is no longer contained within well-defined and defended perimeters.
In particular, as workloads move off-premises, there is a danger that IT will lose visibility.
While the network will continue to be a powerful ally in identifying and containing threats, network and security operations need to share data and integrate tools and workflows to best combat the continued rise in number and sophistication of attacks. In addition, the network can extend the reach of IT into cloud environments to help protect applications and data even when not directly under their control.
22 January 2021
|
Report
:
2020 Global Networking Trends Report
Changing role of network security
Key findings
• Network strategists identified security as a top investment area, second only to AI.
• 43% of network teams identified improved embedded network security capabilities as a priority.
• In 2019, 48% of CISOs identified “time to remediation” as a main key performance indicator (KPI), up from 30% in 2018.
• Almost 75% of network leaders were confident they will have AI-enabled adaptive or automated policy definition and enforcement in two years.
22 January 2021
|
Report
:
2020 Global Networking Trends Report
IT talent survey: Top skills and expertise are needed
Data from our IT talent survey reveals that across IT in general, advanced technologies such as cloud expertise, enterprise architecture, big data and analytics, DevOps, and cybersecurity top the list of technical skills and expertise in need.
Our own IT talent survey reveals that a lack of business acumen is the number-one skills gap in IT today. Filling this gap will be critical as organizations transition to intent-based networks. By speaking the language of the business, IT can effectively translate business objectives, or intent, into high-level IT policies, which in turn can determine infrastructure and device configurations.
22 January 2021
|
Report
:
2020 Global Networking Trends Report
Smaller organizations faced about the same level of public scrutiny as their larger counterparts.
One common myth is that the media only wants to talk about massive and devastating corporate or governmental data breaches. This could lead some smaller organizations into believing that they won’t face much, if any, public scrutiny when they suffer a cyberattack. This is false. Last year, smaller organizations faced about the same level of public scrutiny as their larger counterparts.
30 March 2021
|
Report
:
Big Security in a Small Business World
Downtime
When an SMB gets hit by a cyberattack that results in a level of downtime (loss of business hours), the myth suggests that they don’t have the resources to rebound nearly as fast as their larger counterparts.
This is false. Data suggests that there is very little difference in the amount of downtime suffered by SMBs and larger organizations.
30 March 2021
|
Report
:
Big Security in a Small Business World
Lack of dedicated security personnel
With everyone pitching in wherever necessary in SMBs, there’s an assumption that cybersecurity is just one aspect of someone’s job. And that this person is also balancing other aspects of IT management such as managing data centers and evaluating new hardware. The myth is that SMBs have few, if any, dedicated resources for cybersecurity.
This is false. While this may be the case for some, SMBs overwhelmingly told us that they do have dedicated employees for cybersecurity. In fact, less than 1% of SMBs told us that they didn’t have anyone dedicated to security. Perhaps even more surprising, 60% said they had over 20 people dedicated to security – although we didn’t specify what level of involvement that dedication may entail or if the employees were outsourced with a managed security service provider (MSSP).
30 March 2021
|
Report
:
Big Security in a Small Business World
Keeping infrastructure up-to-date
With the frequency of consumers upgrading to the latest smartphone, it may seem that larger organizations can afford to replace each element of their security infrastructure. But what about smaller businesses, where that cycled investment might have greater impact on their annual IT budget?
This is partially true. When asked to describe their infrastructures, and their strategy for investing and replacing key security technologies, here’s what SMBs told us: Almost all SMBs are diligent about keeping their infrastructure up to date.
30 March 2021
|
Report
:
Big Security in a Small Business World
Difference in threats between SME's and Corporates
Cyber criminals want the biggest prize, so they’ll use their most stealth and dangerous tactics against the larger businesses, right?
This is partially true. We compared the types of cyberattacks that SMBs and large enterprises reported they’ve experienced in the past year, with how much downtime (loss of business hours) the attacks caused. We did this using four categories based on organizational number of employees and ranked the events most likely to create more than 24 hours of downtime.
30 March 2021
|
Report
:
The future challenges facing criminal justice systems
Threat hunting
Threat hunting is a proactive security exercise, with the intent of finding and rooting out attackers that have penetrated your environment and haven’t raised any alerts. This contrasts with traditional investigations and responses that stem from alerts that appear after potentially malicious activity has been detected.
The whole concept of threat hunting sounds like it involves a mysterious crime scene investigation, with its nuances and complexity out of reach for smaller businesses. SMBs have their hands full trying to investigate alerts; they don’t have time to go hunting for other threats, right?
FALSE: From our survey data, not only do 72% of SMBs have employees dedicated to threat hunting, but this is also close to the percentage of large organizations who have a threat hunting department.
Although their levels of maturity may differ from larger organizations due to less resources, our data suggests that SMBs recognize the value of, and are embracing a proactive approach towards cybersecurity.
30 March 2021
|
Report
:
Big Security in a Small Business World
Testing incident response plans with drills/exercises
As Mike Tyson often said, “Everyone has a plan until they get punched in the face.” Until you know how your incident response plan performs in action, it’s only worth the words on the page.
But smaller businesses don’t have the luxury of time and resources to test their plans, right? Surely that would cause more disruption than it would be worth.
FALSE: This myth is simply not true. Only one percent of SMBs never test their plan, and four percent rarely test. Twelve percent test every two years, 36% test annually, and the largest percentage (45%) test every 6 months.
30 March 2021
|
Report
:
Big Security in a Small Business World
SME Leadership Taking Security and Data Privacy Seriously
Here’s the big one – the one that the collective industry has unfortunately been peddling for years. As an SMB, you’re in the dark on how much danger you’re in – and haven’t nurtured an organizational culture around security and data privacy.
FALSE: Our data proves that this myth is very far removed from the actual truth. And there are three ways to prove this from our survey of IT decision-makers from different sized organizations.
30 March 2021
|
Report
:
The future challenges facing criminal justice systems
SME's patching vulnerabilities
Patching often falls under the basics of cybersecurity, but in practice, it can be challenging to implement. One myth suggests that SMBs would rather use their resources elsewhere than find ways to minimize the disruption caused by patching.
This is false: Fifty-six percent of SMBs patch daily or weekly, compared to 58% of large businesses – showing that for the very regular patching routines, all business sizes approach it the same.
30 March 2021
|
Report
:
The future challenges facing criminal justice systems
Measure the efficacy of security programs
Assumptions have been made that smaller businesses employ more of a ‘spray and pray’ approach to cybersecurity. The implication is that they don’t have the measures in place to be able to monitor and measure what’s really working, and therefore can’t optimize what they have.
This is false. An impressive 86% of SMBs say they have clear metrics for assessing the effectiveness of their security program, compared to 90% of larger organizations.
30 March 2021
|
Report
:
Big Security in a Small Business World
AI race underway in the financial services sector
Currently, a third of financial service providers use AI applications on a functional level. In three years, 95 percent of the market expects to use AI in their day-to-day operations. There will be an AI race within the financial services industry. Within the financial services industry, the idea is maturing that artificial intelligence will fundamentally change competitive dynamics. more than half of the companies have prioritized the coordination of the AI strategy to 'board level', due to the expected impact of AI technology on the overall value chain within the financial services industry.
7 June 2021
|
External
:
Ai-race op komst in de financiële dienstverlening
AI technologies provide opportunities in the Justice, Police and Defence sectors
AI technologies can be utilised to improve various security related issues. For example, the police can use AI to improve the selection of case material, the selection of promising cold cases or the handling of alerts. In the justice domain, AI can be used to gain insights into child abuse or financial debts. Lastly, defence can use AI to improve weapon- and detection systems.
11 August 2021
|
Report
:
Strategisch Actieplan voor Artificiële Intelligentie
AI technologies provide opportunities in the Healthcare, Agriculture and Energy sectors
AI technologies can be utilised to improve various issues. For example in the healthcare sector, AI is used to precisely analyse cells, read röntgen images or establish diagnostics. In the agriculture domain, AI is used for 'precision agriculture', the selection of new crop strains and system integration. Lastly, the energy sector uses AI to reduce traffic jams, reduce emissions and the automatic detection of flaws in power grids.
11 August 2021
|
Report
:
Strategisch Actieplan voor Artificiële Intelligentie
Cybersecurity can only be tackled in a holistic way
According to ANSSI, the French counterpart to the NCSC, there are various actions needed to make a country more cyber resilient. First, strengthen prevent and respons capacities. Second, one needs to be able to rely on private partners. Third, the EU Competence Centre for industry, technology and research should work together with national coordination centers to increase knowledge on key technologies. Lastly, we need to facilitate response incident support across EU borders.
2 January 2023
|
Report
:
NCSC Magazine - Grenzeloze Samenwerking
Noticable disaster developing around data leaks
The impact of data leaks is huge and it i noticable that there is a disaster developing concerning leaks. Experts (Bird & Bird, Compumatica) tell us that working with security and privacy in practice is always a balancing act. Business awareness with regards to privacy is very important and that it is important to get clarity of security requirements at an early stage. Adjustments to security will always have to be made to take into account a flexible structure of databases.
14 June 2021
|
News
:
Recap HSD Café Security & Privacy: Noticeable Disaster Developing Around Data Leaks
There is a gap in the labor market between the supply and demand for cybersecurity expertise
Developments in the field of digitization are moving at lightning speed and digitization has penetrated into the capillaries of our society. The training or retraining of people who can adequately and efficiently address the safety aspects of this development, both on a technical and social science and humanities level, lags far behind, both in numbers (quantitative) and knowledge levels (qualitative). A gap has thus been created in the labor market between the demand for and the supply of cybersecurity expertise, in all areas, not only technical, but also organizational, administrative, legal, economic and ethical, for example.
24 May 2021
|
Report
:
Dcypher: Nationale Cyber Security Educatie Agenda
More qualified educators with cybersecurity knowledge and skills are needed
By including security and privacy in the digital world in the curriculum of primary and secondary education, young people become familiar with cybersecurity. Cybersecurity also comes into the picture in secondary education as a study choice. In primary education (PO) and secondary education (VO), more qualified teachers with cyber security knowledge and skills are therefore needed. Cybersecurity experts can be deployed to provide short-term knowledge transfer in education, for example to develop teaching materials that can be used by primary and secondary teachers. For the long term, new teacher training courses will have to be developed and current training courses adapted.
24 May 2021
|
Report
:
Dcypher: Nationale Cyber Security Educatie Agenda
A lack of a supported and accepted Body of Knowledge and Skills on cybersecurity hinders the development of the cybersecurity workforce
It is not immediately clear what the profile of a good information security officer or cybersecurity expert is. That makes it difficult for educational institutions to determine what the content of a curriculum should be. Students find it difficult to form an idea of what they want when determining their study choice. It is difficult for employers to formulate realistic expectations for starters. A supported and accepted Body of Knowledge and Skills (BoKS) helps with this. Due to the international dimension of the field, coordination on this is necessary. Professionals must be able to acquire an (inter) nationally recognized level of professional competence if they meet the requirements of education, experience and professional ethics.
24 May 2021
|
Report
:
Dcypher: Nationale Cyber Security Educatie Agenda
EU citizens' awareness of the risks and challenges of cyber space
European Commission prepared a special Eurobarometer survey in 2019 with the aim of understanding EU citizens’ awareness, experiences and perceptions of cybersecurity. The results of this survey show that Internet use in Europe continues to grow, particularly via smartphones, and citizens are more aware of the potential dangers when going online. According to the survey’s findings, concerns about online privacy and security have already led more than 9 in 10 Internet users to change their online behaviour – most often by not opening e-mails from unknown people, installing antivirus software, visiting only known and trusted websites and using only their own computers. While these results are quite encouraging, many users still fall into online fraud and e-mail phishing baits. This reveals that malicious actors are using sophisticated attacks that are harder to detect and avoid. Hence, mitigation strategies have to be updated regularly to accommodate the latest available intelligence (CTI) on attack techniques.
22 January 2021
|
Report
:
The Year in Review
Cyber-offenders: Sextortion attacks
Cyber-offenders are likely to Continue targeting teenagers and young adults with sextortion attacks (webcam blackmail) affecting psychologically and ultimately physically the victims.
22 January 2021
|
Report
:
The Year in Review
Cyber-offenders: Cyberbullying attacks
Cyber-offenders are likely to Increase the number of cyberbullying attacks during and after the COVID-19 pandemic with adolescents using digital platforms even more for personal or educational purposes.
22 January 2021
|
Report
:
The Year in Review
Cyber-criminals: AI-based tools to create deep fakes
Cyber-criminals are likely to Increase the use AI-based tools to create highly believable counterfeits (image, audio and video format) – commonly known as deep-fakes – to defraud companies.
22 January 2021
|
Report
:
The Year in Review
Cyber-criminals: Business Process Compromise (BPC)
Cyber-criminals are likely to Improve the tactics that compromise business processes to obtain financial advantage. The threat = Business process compromise (BPC)
22 January 2021
|
Report
:
The Year in Review
Cyber-criminals: Business e-mail compromise (BEC)
Cyber-criminals are likely to lower one level in the organisation - below executive – to compromise business emails. Business e-mail compromise (BEC)
22 January 2021
|
Report
:
The Year in Review
Cyber-criminals: Managed service providers (MSPs) to distribute malware
Cyber-criminals are likely to increase the use of managed service providers (MSPs) to distribute malware.
22 January 2021
|
Report
:
The Year in Review
Cybersecurity challenge: Dealing with systemic and complex risks
Cyber risk is characterised by the speed and scale of its propagation as well as the potential intent of threat actors. The interconnectedness of various systems and networks enables cyber incidents to spread quickly and widely, making cyber risks harder to assess and mitigate.
22 January 2021
|
Report
:
Emerging Trends
Cybersecurity challenge: widespread of adversarial AI detection
The detection of threats exploiting AI to launch an attack or avoid detection will constitute a major challenge for the future of cyber defence systems.
22 January 2021
|
Report
:
Emerging Trends
Cybersecurity challenge: supply chain and third party threats
The diversified supply chain that characterizes the technology industry today provides new opportunities for threat actors to take advantage of these complex systems and exploit the multiple vulnerabilities introduced by a heterogeneous ecosystem of third party providers.
22 January 2021
|
Report
:
Emerging Trends
Cybersecurity challenge: security orchestration and automation
Cyber threat intelligence and behavioural analytics will gain importance with the automation of processes and analysis. Investing in automation and orchestration will allow cybersecurity professionals to invest in the design of more robust cybersecurity strategies.
22 January 2021
|
Report
:
Emerging Trends
Cybersecurity challenge: reduction of false positives
This long waited promise is key in the future of the cybersecurity industry and in the fight against the alarm fatigue.
22 January 2021
|
Report
:
Emerging Trends
Cybersecurity challenge: zero-trust security strategies
With an increasing pressure on IT systems from new business requirements such as remote working, digitalization of the business model and data sprawl, zero trust is seen by many decision makers as the solution de facto to secure corporate assets.
22 January 2021
|
Report
:
Emerging Trends
Cybersecurity challenge: enterprise cloud migration errors
With many businesses migrating their data to cloud-based solutions, the number of configuration errors will increase exposing data to a potential breach. Cloud service providers will address the issue by implementing systems that identify these type of errors automatically.
22 January 2021
|
Report
:
Emerging Trends
Cybersecurity challenge: hybrid threats
New modus operandi adopt virtual and physical world threats. The spread of disinformation or fake news for example, is a key fixture of the hybrid threat landscape. The EUvsDisinfo15 is a flagship project of the European External Action Service’s East StratCom Task Force established to address the disinformation threat.
22 January 2021
|
Report
:
Emerging Trends
Cybersecurity spending
According to Gartner, many boards of directors will demand improved data and understanding of the returns after years of intensive investment in cybersecurity. This is mainly due to a growing spend in cybersecurity proportionately to the investment made in new technologies. According to a report from IDC22, spending on cybersecurity reached $103 billion (ca. €87,5 billion) in 2019, which is 9.4% higher than the previous year. Security managers will soon be scrutinised for the results obtained from years of investment and are essential to maintain improved data about the results obtained.
22 January 2021
|
Report
:
Emerging Trends
Cyber threat intelligence will help defining cybersecurity strategies
Cyber threat intelligence (CTI) aims at helping organisations becoming better prepared by improving their knowledge about the threat landscape. Instead of relying exclusively on information generated by internal systems or feeds (what is known about the known), the effectiveness of CTI will be determined by the knowledge about the why, the how and the what that is unknown to the cybersecurity team. The value proposition of any CTI capability or program is to improve the preparedness of the organisation to protect its critical assets from unknown threats. "With more cybersecurity automation and orchestration seen as a growing trend, cybersecurity teams will spend less time in monitoring activities and more in readiness and preparedness tasks.
22 January 2021
|
Report
:
Emerging Trends
Shortage in cybersecurity skills
The lack of highly-skilled tech professionals is already issue for Europe’s digitalisation ambition. According to a study, over 70% of European firms report that lack of skills is hampering their investment strategies, while 46% of firms report difficulties in filling vacancies due to skills shortages in key areas such cybersecurity.
22 January 2021
|
Report
:
Emerging Trends
Malware is getting an upgrade
Malware family strains are being upgraded into new versions with additional features, distribution and propagation mechanisms. Emotet for example, a malware originally designed as a banking Trojan back in 2014, has become one of the most effective malware distributors of 2019.
22 January 2021
|
Report
:
Emerging Trends
Threats will become fully mobile
Users are increasingly dependent on mobile devices to secure their most sensitive accounts. The use of 2fa tied to an app authenticator or via a text message is one of the examples. With more malware going fully mobile, fraudulent apps, SIMJacking and operating systems exploits make these devices the weakest link and therefore, extremely vulnerable to attacks.
22 January 2021
|
Report
:
Emerging Trends
Attackers are using new file types such as disc image files (ISO and IMG) for spreading malware.
DOC, PDF, ZIP and XLS files are still the most commonly used attachment type for spreading malware but other types are getting popular. A few campaigns distributing AgentTesla InfoStealer and NanoCore RAT were found using image file type in 2019.
22 January 2021
|
Report
:
Emerging Trends
Increase in targeted and coordinated ransomware attacks
In 2019, we saw an escalation of sophisticated and targeted ransomware exploits with the public sector, health care organisations and specific industries at the top of the list. Attackers are spending more time gathering intelligence about their victims, knowing exactly what to encrypt, achieving maximum disruption and higher ransoms.
22 January 2021
|
Report
:
Emerging Trends
Credential-stuffing attacks will widespread
Credential stuffing - the automated injection of stolen username and password combinations through large-scale automated login requests directed against a web application - will proliferate as a result from a decade of an abnormal number of data breaches and trillions of personal data records stolen.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: attacks will be massively distributed with a short duration and a wider impact
These attacks are meant to affect the highest number of devices possible to steal personal information or block the access to data by encrypting the files.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: finely targeted and persistent attacks will be meticulously planned with well-defined and long-term objectives
Malicious actors plan this type of attacks to reach high value data such as financial information, intellectual and industrial property, trade secrets, classified information, etc.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: malicious actors will use digital platforms in targeted attacks
Malicious actors will explore the potential of digital platforms to support targeted attacks (e.g. social media, gaming, messaging, streaming, etc.). From personal data theft for spear-phishing attacks to broad malware distribution, digital platforms with a high number of subscribers are efficient attack vectors increasingly popular among malicious actors.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: the exploitation of business processes will increase
With more automation and less human intervention, business processes can be maliciously altered to generate profit for an attacker. Commonly known as Business Process Compromise (BPC) this technique is often undervalued by process engineering specialists due to the lack of a proper risk assessment.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: the attack surface will continue expanding
E-mail is no longer the prime and only tool and top attack vector for phishing. Malicious actors are now using other platforms to communicate and attract victims to open compromised web pages. A new trend is emerging with the use of SMS, WhatsApp, SnapChat and social media messengers.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: teleworking will be exploited through home devices
With more people in teleworking and connecting their devices to corporate networks, the risk of opening new entry points for attackers will increase. With the COVID-19 pandemic, this trend will urge IT Managers to tighten security policies and make urgent changes in the IT infrastructure.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: obfuscation techniques will sophisticate
Threat actors are continuously innovating to make threats more effective and less susceptible to detections. The Anibus, an Android banking Trojan and bot, has been distributed by masquerading as innocuous app, primarily through Google Play Store.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: the automated exploitation of unpatched systems and discontinued applications will increase
The abnormal increase in Telnet traffic to port 445 observed in 2019 unveiled the expansion of worms and exploits such as Eternal Blue. Telnet, which is no longer used except in the realm of IoT devices, saw the greatest volumes during the period.
22 January 2021
|
Report
:
Emerging Trends
Emerging trend in attack vectors: cyber threats are moving to the edge
Edge devices are deployed at the boundaries between interconnected networks. We have seen a growing trend with attacks targeting these devices — such as routers, switches, and firewalls — having a significant impact to an enterprise and to the connected digital ecosystem.
22 January 2021
|
Report
:
Emerging Trends
Increase in collaborative innovation to tackle societal challenges
The world around us is constantly changing, partly due to rapid technological developments, social media and international connections. More and more challenges arise that are too large for one party to tackle. Think of the climate issue and the climate goals of Paris, or the debt problem. Collaboration with the market, government and science (triple helix) and even with society (quadruple helix) is increasingly taking place to solve these issues and create value together. On both social issues and technological developments. Investing in common ground, formal and informal structures, solidarity and honesty, in independence, is key for successful collaborative innovation
9 June 2021
|
Report
:
Innoveren over grenzen heen
AI will affect all sectors, tackling challenges together is crucial
AI will affect all sectors, if this is not already the case. Many parties run into the same problems, and it is best to tackle them jointly. Then companies can compete on their best propositions
9 June 2021
|
Report
:
Innoveren over grenzen heen
Creating a network in which organizations provide attributes that confirm reliability is key for data security
Data is increasingly taking on a leading role in our society. How do you ensure that that data can be trusted – and at the same time prevent your information from being endlessly double-checked? Collaboration is the key to success. By not placing the verification of data with one party, but by constructing a connection network in which several organizations provide attributes that confirm the reliability.
9 June 2021
|
Report
:
Innoveren over grenzen heen
There are several preconditions for successful application of technology in an urban environment
When applying technology in an urban environment, a number of preconditions are important, namely: privacy and societal acceptance, cybersecurity, embedding in existing infrastructure and processes, and the ability to scale up.
10 June 2021
|
Report
:
Technologieverkenning: Tech voor een gezonde en weerbare stad tijdens COVID-19 en erna
The ministry of defense will continue to focus on improving social safety in 2021
The ministry of defense wants to strengthen social safety within the organization with various measures in 2021. For example, there will be a (temporary) reporting and registration system where employees can go with suspicions of abuse, complaints or integrity violation. There will also be an analysis and revision of the internal integrity system. The Ministry of Defense is also committed to professionalizing the employees who deal with reports and complaints.
9 June 2021
|
External
:
Defensie zet in 2021 verder in op verbetering sociale veiligheid
Extended detection and response capabilities emerge to improve accuracy and productivity
Extended detection and response (XDR) solutions are emerging that automatically collect and correlate data from multiple security products to improve threat detection and provide an incident response capability. For example, an attack that caused alerts on email, endpoint and network can be combined into a single incident. The primary goals of an XDR solution are to increase detection accuracy and improve security operations efficiency and productivity.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
Security process automation emerges to eliminate repetitive tasks
The shortage of skilled security practitioners and the availability of automation within security tools have driven the use of more security process automation. This technology automates computer-centric security operations tasks based on predefined rules and templates.
Automated security tasks can be performed much faster, in a scalable way and with fewer errors. However, there are diminishing returns to building and maintaining automation. SRM leaders must invest in automation projects that help to eliminate repetitive tasks that consume a lot of time, leaving more time to focus on more critical security functions.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
Enterprise-level chief security officers (CSO's) emerge to bring together multiple security-oriented silos
In 2019, incidents, threats and vulnerability disclosures outside of traditional enterprise IT systems increased, and pushed leading organizations to rethink security across the cyber and physical worlds. Emerging threats such as ransomware attacks on business processes, potential siegeware attacks on building management systems, GPS spoofing and continuing OT/IOT system vulnerabilities straddle the cyber-physical world. Organizations primarily focused on information-security-centric efforts are not equipped to deal with the effect of security failures on physical safety.
As a result, leading organizations that deploy cyber-physical systems are implementing enterprise-level CSOs to bring together multiple security-oriented silos both for defensive purposes and, in some cases, to be a business enabler. The CSO can aggregate IT security, OT security, physical security, supply chain security, product management security, and health, safety and environmental programs into a centralized organization and governance model.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
Privacy is becoming a discipline of it's own
No longer “just a part of” compliance, legal or auditing, privacy is becoming an increasingly influential, defined discipline of its own, affecting almost all aspects of an organization.
As a rapidly growing stand-alone discipline, privacy needs to be more integrated throughout the organization. Specifically, the privacy discipline co-directs the corporate strategy, and as such needs to closely align with security, IT/OT/IoT, procurement, HR, legal, governance and more.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
New "digital trust and safety" teams focus on maintaining the integrity of all interactions where consumer meets the brand
Consumers interact with brands through an increasing variety of touchpoints, from social media to retail. How secure the consumer feels within that touchpoint is a business differentiator. Security for these touchpoints is often managed by discrete groups, with specific business units focusing on areas they run. However, companies are increasingly moving toward cross-functional trust and safety teams to oversee all the interactions, ensuring a standard level of safety across each space where consumers interact with the business.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
Network security transforms from the focus on LAN-based appliance models to SASE
Cloud-delivered security services are growing increasingly popular with the evolution of remote office technology. Secure access service edge (SASE) technology allows organizations to better protect mobile workers and cloud applications by routing traffic through a cloud-based security stack, versus backhauling the traffic so it flows through a physical security system in a data center.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
A full life cycle approach for protection of the dynamic requirements of cloud-native applications
Many organizations use the same security product on end-user-facing endpoints as they did for server workloads, a technique that often continued on during “lift and shift” cloud migrations. But cloud-native applications require different rules and techniques, leading to the development of cloud workload protection (CWPP). But as the applications grow increasingly dynamic, the security options need to shift as well. Combining CWPP with the emerging cloud security posture management (CSPM) accounts for all evolution in security needs.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
Zero-trust network access technology begins to replace VPN's
The COVID pandemic has highlighted many of the problems with traditional VPNs. Emerging zero-trust network access (ZTNA) enables enterprises to control remote access to specific applications. This is a more secure option, as it “hides” applications from the internet — ZTNA only communicates to the ZTNA service provider, and can only be accessed via the ZTNA provider’s cloud service.
This reduces the risk of an attacker piggybacking on the VPN connection to attack other applications. Full-scale ZTNA adoption does require enterprises to have an accurate mapping of which users need access to what applications, which will slow adoption.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
Experts foresee an AI growth path with three intelligence levels and two important conditions
Experts foresee a growth path with three intelligence levels: assisted AI (technology as support for human decision-making), augmented AI (technology as enrichment of human capabilities) and autonomous AI (technology as executing complex tasks without human control or guidance). two important conditions for going through this growth path are access to reliable data and support for experiments in the public sector. AI applications need data to train, improve and execute the algorithms. The required data is often not with one organization, data sharing between organizations and even between sectors is an important precondition for the development of AI solutions. Additionally, if no one dares to experiment, we cannot learn how to develop and deploy AI effectively, which means the technology will increasingly come from other parts of the world where different norms and values prevail.
8 June 2021
|
Report
:
Aan de slag met AI binnen de overheid
A growing number of organizations have CISO's
The importance of information security in the highly digitized world has increased significantly in recent decades and will continue to rise in the next decade. A continuous stream of examples of cyber attacks that paralyze entire institutions underlines this importance. It is therefore not surprising that more and more companies and institutions have a CISO (Chief Information Security Officer) or even an entire Information Security Office
27 May 2021
|
Report
:
HSD CISO Whitepaper: een robuustere cybersecurity
In recent years there has been a change in the role of the CISO
In recent years there has been a change in the role of the CISO, from a minimal realization of the role, to a more mature, full realization of the role. For example, the focus of the CISO has moved from technology to the organisation, the CISO has shifted from being difficult to being supportive, and there has been a growth in CISO Office team size as the mindset has shifted to security being essential for an organisation.
27 May 2021
|
Report
:
HSD CISO Whitepaper: een robuustere cybersecurity
Several factors can play a role in an increased focus on resilience and robustness in cybersecurity
factors can play a role in increasing resilience and robustness in cybersecurity:
-The management (board / board of directors) is often still too naive when it comes to cyber incidents and the resulting consequences. A business impact analysis and having the CISO speak the language of the board can solve this.
-Awareness campaigns are too rational, people do not "feel" the risk, and they are too focused on prevention. Practicing cyber incidents can solve this.
-Technical systems can contribute to increased robustness. Make sure to compartmentalize, standardize and simplify them.
-In a society that relies heavily on automation, the shortage of specialists, capacity and knowledge in the field of cybersecurity is a serious risk in the longer term
-The government plays an important role when it comes to the prevention of major cyber incidents and the preparation for dealing with such incidents should they occur.
27 May 2021
|
Report
:
HSD CISO Whitepaper: een robuustere cybersecurity
Safety of OT (Operational Technology) is underexposed
Safety of OT (Operational Technology) is underexposed. There are still too many legacy systems that hang unpatched and unprotected on the internet. More awareness is needed in this area.
27 May 2021
|
Report
:
HSD CISO Whitepaper: een robuustere cybersecurity
The Netherlands has an excellent position in the world when it comes to coordinated vulnerability disclosure
The Netherlands has an excellent position in the world when it comes to coordinated vulnerability disclosure (previously often referred to as responsible disclosure). This contributes to overall cyber security. There is still room for improvement on this.
27 May 2021
|
Report
:
HSD CISO Whitepaper: een robuustere cybersecurity
Child sexual abuse material (CSAM)
The area of child sexual abuse material (CSAM) has remained a grave concern during the pandemic; with children spending more time online, the potential increase in demand for CSAM and attempt to engage in child sexual exploitation continues to be a considerable threat.
22 January 2021
|
Report
:
How Covid-19-related Crime Infected Europe During 2020
Pandemic-themed campaigns in cybercrime activities
Pandemic-themed campaigns have appeared across a wide range of cybercrime activities, including phishing campaigns, ransomware, malware and business email compromise attacks. Healthcare and health-related organisations have also been targeted and fallen victim to ransomware attacks.
22 January 2021
|
Report
:
How Covid-19-related Crime Infected Europe During 2020
Fake news, conspiracy theories and harmful narratives
The volume of fake news, conspiracy theories and harmful narratives undermining public institutions disseminated online around the COVID-19 pandemic has been substantial.
22 January 2021
|
Report
:
How Covid-19-related Crime Infected Europe During 2020
The first- and second-most commonly cited causes of breach are malware and malicious spam.
The first- and second-most commonly cited causes of breach are malware and malicious spam. Ransomware causes the most destructive amount of downtime (over 17 hours) and also doesn’t discriminate – this includes small, medium and large businesses and enterprises. Brand reputation has increasingly become an area of security breaches, to such an extent that brand reputation is now the second-most impacted business area after operations. Businesses and enterprises who show collaboration between security, networking, endpoint management, or security groups, showed significantly lower breach costs. It therefore comes as no surprise that voluntary breach disclosure is at an all-time high.
21 June 2021
|
News
:
Cisco 2020 CISO Benchmark Report
Forty six percent of organizations had an incident caused by an unpatched vulnerability
Forty six percent of organizations (up from 30 percent in last year’s report) had an incident caused by an unpatched vulnerability.
21 June 2021
|
News
:
Cisco 2020 CISO Benchmark Report
It is necessary to explore the guidelines by which technology serves our society
In 2019, over 80 organisations in the Netherlands signed a declaration to accelerate innovation. One way that this is done is through the implementation of technology in our society, also known as 'Smart Society'.
"Learning from the development of a Smart Society requires us to shift our focus from technology to exploring the guidelines by which these technologies serve our society”.
“There are many opportunities for technology and data to improve the security of our cities. To realise these opportunities, we have to work in an agile way, innovate together and scale-up the discovered solutions”
12 August 2021
|
News
:
The Development of Smart Secure Cities
Digital and physical processes in society have become intertwined and crisismanagement should be able to deal with this
Most measures listed online focus on preventing a cyber emergency, only a very few concern the period during or after the emergency. This approach is too restricted. Digital and physical processes in society have become intertwined very rapidly. As a result, it's conceivable that a future cyber emergency will also affect the physical domains such as healthcare and transport. Fortunately, crisis and disaster management organizations are devoting more and more attention to the intensive interaction between the digital and physical spheres.
25 May 2021
|
Report
:
CSR Magazine
The human factor as a vital but weak link in cybersecurity requires testing and practise
The human factor is vital to achieving effective cybersecurity. There are three levels:
- organizations must have enough people on staff: minimal reliance on external parties
- people hired must be qualified for the job: personal must have mastered yesterday's technology, but be ready to work with the technology of today and tomorrow
- effective employee screening: government services must be kept secure
It is vital to keep conducting drills and surprise the organization with things like pen tests form outside the organization, mystery guests, external ethical hackers and more.
25 May 2021
|
Report
:
CSR Magazine
Water management as a (cyber)security issue
An interesting case for the Netherlands is the issue of water security. It is a traditional and typically Dutch security topic. Today, these efforts are being combined with a cyber related aspect. Today there is a desire to link the information from various water management structures together. However, this does entail increased risks.
25 May 2021
|
Report
:
CSR Magazine
European Commission working to put in place the building blocks of a truly Digital Single Market
Over the last four years, the European Commission has worked to put in place the building blocks of a truly Digital Single Market that supports the development of new technologies and applications and at the same time ensures legal certainty and the necessary protections for consumers and businesses alike. The Commission has proposed a dedicated funding stream for digital as part of the next EU budget period from 2021. The Digital Europe Program will invest over €9bn in artificial intelligence, supercomputing, cybersecurity, digital skills and the modernization and digitalization of the public sector.
25 May 2021
|
Report
:
CSR Magazine
The EU needs to become more resilient to cyber-attacks and create an effective cyber deterrence
Cyber-attacks have increased in numbers, but also in scale and geographical spread. It is clear that the EU needs to become more resilient to cyber-attacks and create an effective cyber deterrence. The human factor plays a very important part in this. With some 95% of incidents said to be enabled by some type of human error – intentional or not - there is a strong human factor at play. Technology can only take us so far in keeping us safe in the digital world. People - but also businesses and public administrations - need to have the skills and the right tools to be able to quickly detect and actively protect themselves against attacks. The legislative framework that is currently in place works to ensure the safety of networks and systems and to raise awareness of the risks. This framework is continuously being reexamined and adjusted, with the additions of Acts.
25 May 2021
|
Report
:
CSR Magazine
Efforts to prepare young people for tomorrow's labour market must be speeded up
Digital developments are progressing at lightning speed and their impact on our day-to-day lives is enormous. The application of artificial intelligence, Big Data and robotics serves to accelerate this process. It's crucial that we properly prepare young people for this reality: they are our future and must be ready to enter tomorrow's labour market. That is why it's so important that young people are taught the necessary skills, running the gamut from programming to how to use digital tools prudently and securely. A great deal of effort has already been made, but this must be speeded up. The shortage of teachers in primary and secondary educations means other solutions must be considered.
25 May 2021
|
Report
:
CSR Magazine
Training teacher through the use of hybrid teachers
In order for pupils to learn digital skills, teachers will have to be digitally literate. Public-private partnerships can offer assistance. However, even though most businesses are willing to help, they are often unsure of how to go about it. This is often because schools aren't certain of what they want from the business community.
What is needed: Combining strength and establishing shared goals and hol one another accountable for attaining those goals.
25 May 2021
|
Report
:
CSR Magazine
Chain dependence increases the cyber threat level in the manufacturing industry
Due to the high level of chain integration companies in the manufacturing industry are increasingly digitally connected. Companies are, generally speaking, very dependent on digital information-exchange, not only within the company, but across the chain. Consequently, it is important that the entire supply chain takes steps to increase cyber resilience. An important development in this industry is the Smart Connected Supplier Network (SCSN), which focuses on the (technical) rollout of digital messaging in the chain.
23 December 2022
|
Report
:
Verhogen cyberweerbaarheid bij bedrijven in de Zuid-Hollandse maakindustrie
Rapid development of IoT is expected to continue
A new era of connectivity is on the horizon. Over the past years, the number of connected devices out there has grown exponentially, and it is anticipated that figures will only continue to rise. By 2020, it’s predicted that there will be 31 billion connected devices in existence – a statistic that is expected to more than double to 75 billion by 2025. The catalyst that will boost IoT to its long-awaited full potential is the next generation of communication networks, as well as blockchain. The potential impact of IoT will be greatly heightened by other technological trends such as AI, 5G, and voice control technology, all of which ultimately serve to make connected devices smarter than ever.
28 May 2021
|
External
:
Technology Trend Report 2020
Quantum computing has evolved from a theoretical concept to a practical phenomenon
In recent years we’ve seen the relevant hardware and software necessary for QC move out of university labs and into business contexts – that is, the technology has evolved from a theoretical concept to a practical phenomenon. Companies are increasingly aware of this: Research shows that 40 percent of businesses are taking proactive steps towards QC, with 36 percent planning to take steps to invest in QC within the next two to five years. In the financial industry specifically, QC could make a difference in the areas of fraud detection,
dynamic portfolio analysis and optimisation, clustering and arbitrage.That said, QC still has a lot of maturing to do before it’s a viable computing option for enterprises that can deliver meaningful, cost-effective business results.
28 May 2021
|
External
:
Technology Trend Report 2020
Cybercrime, and specifically ransomware, is growing exponentially
Ransomware is a dynamically evolving risk, impacting organizations around the world with rapidly increasing loss frequency and severity. Claims have increased significantly in frequency and severity in recent years and continue to evolve.
- By 2025, Global cybercrime damage costs are expected to reach $10.5 trillion.
Global ransomware damage costs are predicted to reach $20bn in 2021, up from $325m in 2015.
- By 2021 a ransomware attack on businesses is predicted every 11 seconds.
- AIG has seen an increase of more than 150% in frequency of ransom and extortion claims notifications since 2018.
- All sizes of company are impacted by ransomware, across all types of industries.
Ransom and extortion claims accounted for 1 in every 5 cyber claims in 2020, up from 1 in every 10 claims in 2018.
Ransomware is rapidly evolving, fueled by the rise of ransomware as a service (RaaS), data exfiltration prior to encryption, and deeper, more invasive attacks.
28 May 2021
|
Report
:
Ransomware: a call for enhanced resiliency
Growth in the application of artificial intelligence
With 'big data' as fuel, Artificial Intelligence (AI) has the potential to provide insight into social phenomena and to improve policy and decision-making. Municipalities can use this to create new added value for their residents. The Dutch cabinet and Europe recognize the opportunities offered by AI. The starting shot has therefore been given to get started with this new technology. Narrow AI systems are rapidly penetrating the average living room and workplace.
Opportunities and threats
AI not only creates opportunities, but also presents us with challenges. Consider, for example, the issue of transparency of the operation of AI systems and the outcomes they generate. The social effects that AI systems generate are not necessarily positive. AI systems and the data that feed them, for example, can reinforce existing prejudices, unlawfully discriminate against individuals and systematically stigmatize population groups.
Legislation that offers opportunities and gives confidence
AI is technology in development, also when it comes to embedding it in society. Good, effective legislation can provide powerful support in this regard. An important condition is that sufficient space is built in to exploit the opportunities offered by AI and to strengthen confidence in this technology. Politicians, policymakers and society are faced with a fundamental challenge: how do we ensure that the relationship between desired and undesired outcomes and effects turns in the right direction?
Collaborate and knowledge sharing
Various municipalities are already off the starting blocks with AI projects and are thus gaining valuable experience. However, it is evident that a lot of knowledge still needs to be acquired by the government in general - and specifically by municipalities - in order to fully utilize the opportunities offered by AI. That knowledge is also necessary to be able to conduct the political conversation about socially responsible use of people and AI in a meaningful way.
22 January 2021
|
Report
:
Trends in de informatiesamenleving 2020
Digital security is becoming increasingly important
Digital security is becoming increasingly more important. We are seeing a shift in crime rates from "physical" to digital. Due to the growth in digital products and services, the potential digital vulnerability of society is increasing. In addition, the physical and digital world have become intertwined and that entails new risks. In order to do their job properly, drivers must be aware of these risks and vulnerabilities.
22 January 2021
|
Report
:
Trends in de informatiesamenleving 2020
‘AI for Good’ - values, ethics, legal
Europe is committed to AI that benefits public values, under the motto "AI for Good". This results in a great deal of attention for the ethical aspects of AI. This attention is also seen in the Netherlands, within the Cabinet and the government departments. The Platform for the Information Society recently published the essay "AI and Human Rights" on this subject. This essay convincingly argues that only under strict conditions can ethical frameworks suffice. If the ethical frameworks do not meet those conditions, then such frameworks must also have a legal form. In the letters to Parliament regarding this matter, these intentions to take action on this are expressed as well. However, we must continue to pay close attention that the frameworks for AI are constructed in the right way, also including the perspective of local governments.
22 January 2021
|
Report
:
Trends in de informatiesamenleving 2020
Knowledge gap in the field of AI
In the field of AI, there is a large knowledge gap between the large tech companies on the one hand and SMEs, governments and residents on the other. In comparison, the EU spent 1.1 billion Euros on AI research between 2014 and 2017, whereas big tech companies like Google spent between 20 and 30 billion dollars in 2016 alone. To ensure that public values are safeguarded in the use of AI, governments need more in-house knowledge from various disciplines (policy officer, lawyer, data scientist, financial specialist, etc.). With this knowledge, governments can build their own resources and regulate the market.
22 January 2021
|
Report
:
Trends in de informatiesamenleving 2020
Digital security & Covid 19
With the rapid development of digitization, digital security is a major challenge. The COVID-19 crisis once again underlines how important it is that our digital resources function properly and that residents can rely on government information and act safely in the digital world. However, that safety and reliability are far from self-evident. Europol notes, for example, that the number of cyber incidents since the crisis has increased in line with the widespread adoption of digital working. In the Netherlands, the Fraud Help Desk has to deal with a doubling of the number of monthly reports (from 6,500 per month in December to 15,000 in April), with the increase in Whatsapp fraud in particular being striking. The Tax and Customs Administration also sees more than a doubling of phishing reports. Prior to the current crisis, Statistics Netherlands noted in its annual Security Monitor that the number of victims of cybercrime is increasing, while traditional crime is decreasing.
22 January 2021
|
Report
:
Trends in de informatiesamenleving 2020
Municipalities and digital security
It is important to ensure the safe handling of information and systems in the DNA of the municipality and society. If we consider information as the most important raw material with which the municipality carries out its production, then information security deserves the same place in the organization as finance. In this construct, the Chief Information Security Officer (CISO) and Data Protection Officer (DPO) are the accountant and controller for the purpose of dealing with (information) systems and (personal) data. Municipalities are slowly but surely growing from a reactive and incident-driven approach to a preventive and risk-based cyclical approach. The major challenge is to also create digital awareness and risk awareness in the municipal 'regular' security function. The IT world can still learn a lot from the regular security world in the field of crisis management. Conversely, the municipal security arm can learn a lot from the CISO role about making digital risks transparent and manageable.
22 January 2021
|
Report
:
Trends in de informatiesamenleving 2020
Chain spreading of digital risks
In general, we can say that the opportunities of the information society are also accompanied by shifting risks, new vulnerabilities and interdependencies that are not always predictable.
These risks are not limited to the own organization, but spread easily through chains and networks - also internationally. Responsibility for digital security within such chains as a whole is still unexplored territory. This is risky because a digital disruption can have major social effects.
Digital disruption refers to serious disruptions (intended and unintentional) to society, with both digital and physical dimensions. Consider, for example, the consequences of the ransomware attack on a Ukrainian accounting system that also affected the Maersk shipping company and thus the port of Rotterdam in 2017, or the national failure of the emergency number 112 as a result of a KPN outage in 2019.
22 January 2021
|
Report
:
Trends in de informatiesamenleving 2020
Existing fundamental rights are under pressure due to digitalization
Experts and leading institutions are concerned about the influence of digitization on our democracy and the ability of residents to make decisions about their (digital) living environment. As early as 2011, the Scientific Council for Government Policy (WRR) warned in the iGovernment report against "faltering democratic control". In more recent years, concerns have only increased. Opinion makers, scientists and advisory councils point to the erosive effect that digitization appears to have on democratic processes.
The various advice and reports highlight a number of key challenges. A first challenge is that digitization and social media influence the functioning of our democracy, as noted by the State Committee on the Parliamentary System and the Council for Public Administration (ROB), among others. For many citizens, the rapid technological developments are too complex to really fathom them. There is a knowledge inequality between the market and society. In this context, the Rathenau Instituut therefore advocates strengthening "technological citizenship".
22 January 2021
|
Report
:
Trends in de informatiesamenleving 2020
There are rights that we require in an information society that we are currently might not possess
In addition to existing fundamental rights that are under pressure due to digitization, experts also identify possible missing rights. One example of this is the right to meaningful contact, as formulated by the Rathenau Institute (2017). The rapid rise of artificial intelligence and robotization raises questions about meaningful and "face-to-face" contact. But is it desirable that people end up in situations where they only deal with robots? The answer to that question almost certainly seems "no". There is a lot of psychological research that shows that people cannot live without contact with their fellow human beings. The right to meaningful contact can stipulate that we must avoid such situations.
Another example is the right to repair. Critics argue that large technology companies are "planned obsolescence." This means that these companies ensure that their products - smartphones, for example - do not last longer than two years, while a longer lifespan is quite possible. For example, research shows that the average lifespan of a desktop computer decreased between 1985 and 2010 from 10.7 to 3.5 years. The right to repair could allow people to access information about the hardware and software of products, enabling them to repair them themselves - rather than buying a new product every two years.
An extension of this is the right to interoparability. A small, accessible example: it is not in the public interest that you need a different charger for Apple smartphones than for all other smartphones. Ideally, there is one type of charger that you can use for everything and is therefore interoperable. This is also applicable in other areas: if systems from different providers of online platforms are interoperable, people can leave a social network without leaving their friends behind.
22 January 2021
|
Report
:
Trends in de informatiesamenleving 2020
Aanpak Preventie van digitale veiligheidsrisico’s steden
Preventie (maatregelen om risico’s te verlagen)
• Prioriteer kritieke processen op basis van dreiging en risico’s.
• Zorg voor de juiste contacten met organisaties uit deze processen.
• Werk aan bewustzijn en gedragsverandering bij organisaties en groepen die een hoog risicoprofiel hebben en/of kwetsbaar zijn.
• Agendeer bij organisaties het belang van preventieve maatregelen. Waaronder het gebruik, de ontwikkeling en de inkoop van veilige hard- en software; het waarborgen van redundante connectiviteit; het toepassen van identiteit- en authenticatie management (waaronder Multi-Factor Authenticatie); het zo snel mogelijk doorvoeren van (automatische) updates; het doorlopend uitvoeren van penetratietesten en oplossen van kwetsbaarheden (inclusief Coordinated Vulnerability Disclosure programma); het zorgen voor actuele backups; het beschermen van gevoelige data (onder andere door encryptie); het behalen van relevante certificeringen; en het trainen van gebruikers en medewerkers.
• Stimuleer samenwerking en kennis- en informatiedeling tussen organisaties uit geprioriteerde processen. Bijvoorbeeld op bovengenoemde onderwerpen en het delen van strategische kennis, ervaringen en informatie over risicoanalyses, vertrouwelijke gegevensuitwisseling, inkoopeisen etc.
• Onderzoek stimuleringsmogelijkheden en sturingsinstrumenten in het geval van een collectief actieprobleem of marktfalen.
• Ondersteun de attributie, opsporing en vervolging in het digitale domein door de inlichtingendiensten, de Politie en het OM.
4 April 2022
|
Report
:
Agenda Digitaal Veilig Den Haag
Aanpak Detectie van digitale veiligheidsrisico’s steden
Detectie (maatregelen om incidenten (tijdig) te kunnen detecteren)
• Agendeer bij organisaties in de stad het belang van het continue monitoren van het eigen netwerk, apparaten en applicaties (waaronder een Security Operations Centrum en endpoint detectie); het registreren van het digitale gedrag van apparaten, applicaties en gebruikers (logging); het leren herkennen van afwijkend gedrag en datastromen; het testen en updaten van detectieprocessen en -protocollen; en het samenwerken en elkaar helpen bij incidenten.
• Zoek voor de digitale infrastructuur en lokaal vitale processen actief naar kwetsbaarheden en datalekken via open bronnen en op het darkweb (scannen en threat hunting).
• Onderzoek stimuleringsmogelijkheden en sturingsinstrumenten in het geval van een collectief actie- probleem of marktfalen.
• Zorg voor een construct waarmee informatie over kwetsbaarheden, datalekken en andere dreigings- informatie (technisch en juridisch) kan worden gedeeld met en tussen organisaties in de stad.
4 April 2022
|
Report
:
Agenda Digitaal Veilig Den Haag
Aanpak Respons van digitale veiligheidsrisico’s steden
Respons (tijdens een incident snel en adequaat kunnen reageren)
• Zorg samen met de veiligheidsregio voor adequate voorbereiding op crisisbeheersing van een fysiek veiligheidsincident dat veroorzaakt wordt door een digitaal veiligheidsincident.
• Agendeer bij organisaties in de stad het belang van een crisisplan (inclusief procesafspraken, de technische reactie op een incident, een communicatiestrategie, digitaal forensisch onderzoek en het waarborgen van de continuïteit van bedrijfsvoering & dienstverlening tijdens een incident) en het periodiek oefenen van dit plan samen met partners.
• Creëer een meldpunt waar organisaties melding kunnen doen van incidenten en koppel zulke meldingen ook terug richting andere organisaties in de stad (zie ook bij detectie).
• Moedig getroffen organisaties aan om aangifte te doen bij de Politie.
4 April 2022
|
Report
:
Agenda Digitaal Veilig Den Haag
Aanpak Herstel van digitale veiligheidsrisico’s steden
Herstel (herstellen of beperken van schade na een incident)
• Agendeer bij organisaties het belang van een herstelplan: organisaties kunnen na afronding van het forensisch onderzoek, het verwijderen van alle malware en het oplossen van kwetsbaarheden de getroffen systemen, apparaten en applicaties opnieuw aansluiten en herstarten. Bijvoorbeeld door het herstellen van backups, of bij een zware aanval, het (gedeeltelijk) opnieuw opbouwen van de ICT.
• Evalueer na afloop het incident en de reactie hierop, zodat indien nodig de bestaande plannen, protocollen en contracten met toeleveranciers kunnen worden verbeterd.
• Communiceer na afloop open en transparant met stakeholders (incl. het publiek) over de geleerde lessen.
• Organiseer schadeafhandeling en nazorg in het geval van immateriële schade.
4 April 2022
|
Report
:
Agenda Digitaal Veilig Den Haag
Wet- en regelgeving en rol gemeente op het gebied van digitale veiligheid
Om de (mogelijke) rol van de gemeente op het gebied van digitale veiligheid te duiden is het belangrijk om te kijken naar de juridische context, het nationale stelsel voor digitale veiligheid, verschillende beperkingen en de inzet van andere steden. Het Nederlandse stelsel voor digitale veiligheid is in hoge mate nationaal en sectoraal georganiseerd. Er ligt voor digitale veiligheid op dit moment geen expliciete opdracht (met daaraan gekoppelde versterkings- gelden) van de Rijksoverheid aan de Nederlandse gemeenten, zoals dat bijvoorbeeld bij de bestrijding van ondermijning en radicalisering wel het geval is. Wel zijn er veel verschillende kaders zoals Baseline Informatiebeveiliging Overheid, Algemene Verordening Gegevensbescherming (AVG) en de ‘Wet beveiliging netwerk- en informatie- systemen’ (Wbni). Daarnaast de sectorale wet- en regelgeving en de Europese: 'EU Cyber Security Act' en de nieuwe ‘EU strategie inzake cyberbeveiliging voor het digitale tijdperk’
4 April 2022
|
Report
:
Agenda Digitaal Veilig Den Haag
Data sharing for AI: Data Sovereignty, Trust and Security
The need to get a grip on (the conditions for) the use of data when it is shared with other parties is rising. We do want to share data, but data misuse must be prevented in order to give organizations and individuals the confidence to share their sensitive data. The starting point is therefore "controlled data sharing". Controlled data sharing can be broken down into three aspects:
• Data sovereignty is the ability of a natural person or organization to be fully self-determining with regard to its data, ie the ability for a legal entity to decide exclusively using its data as an economic asset. It requires people and organizations to control the circumstances over how their data is shared and how it may be processed by other parties.
• Trust is the property of obtaining assurance that the entities (persons, organizations, or systems) with which data is shared are actually the entities they claim to be and that they will act accordingly. Trust can be achieved through adequate identification, authentication and certification methods.
• Security is the property of being able to guarantee that the actual sharing of data is protected against unauthorized misuse of this data by security breaches, whether as a result of malicious intent or accidentally. It includes aspects such as encrypted data transport and storage and software certification and attestation
30 March 2021
|
Report
:
Verantwoord datadelen voor AI
Greater focus on trust in the supply chain
In 2021, we believe businesses will continue to take more time to scrutinize physical security solution providers and manufacturers. This includes asking vendors more pointed questions about how they manage emerging threats, how forthcoming they are about product vulnerabilities and their partner ecosystem, and what their data and privacy policies are. In recent years, we’ve seen some governments discouraging or banning the use of certain vendor products, claiming possible trust and security vulnerabilities. As this trend continues, physical security professionals will seek out vendors that they feel can comply with more stringent guidelines.
12 May 2021
|
External
:
Top physical security trends for 2021
Organizations will invest in new access control and video analytics solutions
In a recent Genetec report, the State of Physical Security 2020, 54% of respondents said that access control will be a big project to focus on in 2021 and 46% said the same about video analytics. Many physical security professionals know that upgrading to modern access control solutions will help them to reach new goals. This might include strengthening cyber hygiene or deploying new a physical identity management solution to automate employee and visitor access requests. During the re-opening phases, the latter will help limit physical interaction while keeping people safe, buildings secured, and compliance in check. Implementing video analytics further strengthens site security and delivers more insights. From people counting and directional flow to object left behind and crossline detection, analytics are giving security teams a clearer picture of what’s happening in their environment. Remote teams can also stay top of threats while securing near-empty facilities during this pandemic. As machine learning continues to push the intelligence of analytics forward, users will see higher accuracy rates, and this will boost confidence in various edge and software-based analytics.
12 May 2021
|
External
:
Top physical security trends for 2021
Personalized solutions will address industry-specific needs
Physical security solutions have traditionally been cookie-cutter. While certain functionality might appeal to one business more than another, rarely have security platforms been designed to address a specific industry. That’s all changing. Customized product portfolios are becoming increasingly popular as users' needs evolve and procuring enterprises seek more sophisticated solutions. Airports, cities, mass transit, cannabis, and other industries require solutions that are designed to help them manage their unique environments. Since custom-built solutions cost a fortune to develop and maintain, vendors will be pushed to provide an easier and more affordable path to address these tailored industry needs.
12 May 2021
|
External
:
Top physical security trends for 2021
80 percent of large companies have adopted AI to enhance their core business operations
Today, approximately 80 percent of large companies have adopted examples of machine learning and other forms of AI to enhance their core business operations. Five years ago, this figure was less than 10 percent. Nevertheless, most companies still only use AI tools as point solutions – for fraud prevention, for instance – discrete applications that are isolated from the enterprise’s wider IT architecture.
28 May 2021
|
External
:
Technology Trend Report 2020
A rise of broad AI solutions is expected
At present, most AI applications fall under the Narrow AI category – meaning, they’re built for a specific task. In the future, the rise of Broad AI solutions is expected – systems
that can work on a broad range of problems.
28 May 2021
|
External
:
Technology Trend Report 2020
Quantum computing will have a significant impact on the field of AI
While it will still be many decades before we see Quantum Computing (QC) take off on a large scale, it’s predicted that when this happens, it will have a significant impact on the field of AI – leading to enhanced judgement, improved interaction, greater degrees of trust and products that are far more intelligent. In general, AI is going to change almost every aspect of daily life and the nature of work as we know it. To manage AI and harness its power within organisations, new jobs, roles and skills will be required. As AI tackles less complex, more mundane duties, employees can start taking on higher-value, more rewarding tasks.
28 May 2021
|
External
:
Technology Trend Report 2020
AI is bringing about a massive transformation in the banking industry
AI is bringing about a massive transformation in the banking industry. It yields many new data-driven insights, while increasing productivity and presenting new cost-saving opportunities. AI allows banks to enhance the customer experience, accelerate business growth, mitigate risks and increase operational efficiency.
28 May 2021
|
External
:
Technology Trend Report 2020
Despite rapid developments, three challenges hinder the widespread adoption of blockchain solutions
Despite rapid developments, three major challenges continue to hinder the widespread adoption of blockchain solutions:
-limited scalability: As the amount of data stored continues to increase, blockchain systems tend to become slower and have much greater storage demands.
-the competition paradox: . The technology enables or forces competing parties from
all over the world to cooperate equally to redefine markets and improve global industries. It can be difficult to get competitors to work together.
-privacy challenges: how can we justify information and transactions being memorised forever?
28 May 2021
|
External
:
Technology Trend Report 2020
While Extended Reality (XR) is capable of completely changing the way people live and work, barriers exist to its wider expansion
XR-based solutions and innovations are gaining traction throughout the business
world and are starting to feature in a growing number of customer-facing products
and services. In fact, research suggests that by 2022, 70 percent of enterprises will be
experimenting with immersive technologies for consumer and commercial use, and
25 percent will have deployed them to production.
While XR is capable of completely changing the way people live and work, the technology is still predominantly employed only in the entertainment industry, often to enhance (video) games. XR headsets tend to be expensive and relatively difficult to acquire. Another challenge is that, currently, Virtual Reality only allows for single-person use.
28 May 2021
|
External
:
Technology Trend Report 2020
The maturation of sensor and voice control technology
Sensor technology is becoming increasingly sophisticated and this has implications for IoT. Every object can be fitted with multiple sensors that are able to collect useful information on how the item is performing and on its internal and external conditions. This data can then be used to determine if maintenance is urgently required, for example. New human-machine interaction opportunities through voice user interfaces (VUIs) – used in the
case of digital assistants like Siri, Alexa and Google Assistant – also expand the possibilities in the IoT realm. The integration of voice control into IoT devices completely
changes the way people interact with their environment and carry out their work and life duties.
28 May 2021
|
External
:
Technology Trend Report 2020
5G technology will power billions of new connected devices and supercharge the adoption of transformative technologies
5G technology will power billions of new connected devices and supercharge the adoption of transformative technologies. It will provide the basis for a truly intelligent network of cars, robots, drones, and more — all of which will be able to communicate in real time in response to people’s needs. In many ways, it will reinvent the business world. In the face
of such rapid developments, companies must anticipate and seize opportunities.
28 May 2021
|
External
:
Technology Trend Report 2020
The rise of Secure Multi-Party Computation
As SMPC provides a secure, (more) private platform for the safe interchange of large
amounts of data, it can be deployed in various ways to solve complex issues and
enable better decision-making, for example in the financial industry and food & agriculture. The future certainly looks promising for SMPC, but it must be noted that we’re still in the exploratory stage when it comes to this technology, mainly due to its technical complexity (speed) and issues around scalability.
31 May 2021
|
External
:
Technology Trend Report 2020
Voice technology has rapidly grown in popularity, but challenges prevent wider adoption
In the United States (US), voice-activated technology has become one of the most popular applications for AI today, and it’s predicted that the use of DVAs and other conversational interfaces will only continue to rise. Ease of use and time savings are two of the primary reasons why people choose to use voice assistants. While the technology has evolved rapidly in the US and other parts of the world, developments have been much slower in the Netherlands. The reason for this lag is simple: DVAs aren’t yet fluent in Dutch. That said, as soon as the issue of language is resolved, there’s no doubt that a ton of opportunities will open up in the field of voice recognition here, too.
31 May 2021
|
External
:
Technology Trend Report 2020
The critical need for robust security measures in both hardware and software to protect embedded devices from evolving cyber threats.
This document delves into the critical importance of embedded software security in the evolving technological landscape. Here is a summary of the key points discussed in the report:
- Significance of Embedded Software Security: Embedded software plays a crucial role in various devices, systems, and applications, necessitating robust security measures to combat emerging threats.
- Hardware Security: Emphasis on embedding security features directly into hardware components to enhance system resilience against physical tampering and unauthorized access.
- Software Security: Importance of secure coding practices, robust software security measures, and the integration of defensive programming techniques to prevent attacks.
- IoT Ecosystem Security: Highlighting the need for safeguarding IoT devices through encryption, secure communication, and protection against reverse engineering and potential exploits.
- Cyber Attack Resilience: Strategies and technologies to enhance the security of embedded systems against evolving cyber threats, including the adoption of open source software, timely updates, and cryptographic protocols.
- Legislative Measures: Discussion on upcoming legislation like the National Cybersecurity Strategy and the NIST Secure Software Development Framework to enforce security standards and accountability.
- Future Outlook: Anticipation of increased use of AI and ML in IoT devices, the importance of binary transformation technologies, and the role of security solutions like Emproof Nyx in fortifying embedded device security.
Overall, the report underscores the critical need for proactive security measures, the integration of advanced technologies, and adherence to regulatory frameworks to safeguard embedded devices against sophisticated cyber threats in 2024 and beyond.
27 March 2024
|
External
:
Embedded software security: 2024 and beyond
The Netherlands lags behind in investing in areas that are central for future innovation
The main areas of concern are the speed of embedding technology, access to markets, capital, talent and the ability to scale successfully. There is insufficient availability of capital,
a small talent pool and a homogeneous startup sector, insufficient market access and a gap between technology and new businesses.
24 May 2021
|
Report
:
Empowering Dutch Leaders in Tech 2020
The Netherlands is moving up the rankings in business dynamics, but moving down the rankings in innovation capabilities
The innovation ecosystem is one of the main indicators of success for remaining internationally competitive. Interestingly, the Netherlands has contradictory trends in the two indicators defining a global competitive ecosystem. The Netherlands is moving up the rankings in business dynamics, but moving down in the international rankings in innovation capabilities. This is an alarming trend for the competitiveness of the country in the near future.
24 May 2021
|
Report
:
Empowering Dutch Leaders in Tech 2020
Scaleups have limited access to the Dutch and international markets
‘Internationalisation’ is indicated as the biggest challenge by founders from mid-stage scaleups (between €1M – €5M revenues). Access to international buyers, local partners and local talent are three of the biggest internationalisation challenges for scaleups. Additionally, ‘market reach’ is one of the biggest disadvantages for the Dutch tech ecosystem. At most multinationals, the sales procurement process is still unnecessarily complex for scaleups.
24 May 2021
|
Report
:
Empowering Dutch Leaders in Tech 2020
There is a modest and fragmented supply of venture funding
Notwithstanding a steady increase in deals, venture capital (VC) fund investment volume and a number of government support programs, The Netherlands is still a long way from realising this vision. There are a variety of issues signaled in the ecosystem and although qualitative data is not readily available, the challenges are apparent:
• There is a modest and fragmented supply of venture funding, spread over regions, sectors, funding stage and fund type (private/ public).
• Overall deal sizes are small causing a relatively small overall impact, where only a few funds invest in multiple stages.
• There is a specific shortage of early and late stage funding and venture debt.
• Dutch VC find it hard to attract Dutch institutional investors in their funds and there is for now low presence of focused foreign VC that could provide material contribution in terms of capital and best practices.
24 May 2021
|
Report
:
Empowering Dutch Leaders in Tech 2020
Limited access to talent for scaleups
Scaleups will need to hire 12,000 individuals every year for the forseeable future. Currently, 48% of all software development roles in the Netherlands are hard to fill. Scaleups must compete for talent with larger companies, and the domestic pool of talent is not sufficient, thus attracting international talent is crucial. Additionally, there is a lack of diversity, as in recent years only 0.8% of venture capital in the Netherlands was invested in female founders and only 5.7% in mixed teams.
24 May 2021
|
Report
:
Empowering Dutch Leaders in Tech 2020
Responsible AI: Connecting the ethics of AI with technological practice
After a period of formulating frameworks, principles and starting points, it is now time to concretely link ethics with practice. A new approach is needed to anchor AI and the underlying data in ethically responsible and socially meaningful applications:
-Focus on the pursuit of social values
-The business community takes joint responsibility for social innovation
-Knowledge institutions provide responsible AI education and research
-Introduce ethical guidance and regulation
-Organize ethics from the perspective of citizens and stakeholders
-Connect AI with sustainability
-Support wide access to responsible and meaningful solutions
25 May 2021
|
Report
:
Mensgerichte Artificiële Intelligentie
Artificial Intelligence (AI) is the most influential technology at the moment
Artificial Intelligence (AI) is the most influential technology at the moment. Algorithms play an increasingly important role in our actions everywhere in society. Three levels of impact of AI can be distinguished. At an individual level, AI systems influence the choices, behaviors and frameworks of interpretation of individual users: search engines color the information with which people build their world view, expert systems provide doctors and judges with a framework for a diagnosis or a judgment. At the social level, this influence is reflected in a wide variety of domains, including healthcare (such as detecting cancer cells in images), education (adaptive teaching materials) and justice (expert systems), traffic and transport (via self-driving vehicles), and journalism. ('automated journalism'). Finally, at the social level, AI influences the organization of society: predictive policing changes the nature of the enforcement task of the police, search engines influence political engagement and algorithms are involved in military decision-making.
25 May 2021
|
Report
:
Mensgerichte Artificiële Intelligentie
The rise of AI ethics in The Netherlands
The major impact of AI on people and society entails a special responsibility. How can we design AI systems responsibly? How can we determine whether these systems use responsible data? And how can we properly embed and use them socially? The importance of these questions is widely recognized and in 2019 there was almost no industry, government, company that had not drawn up an ethical code. The year 2019 has already entered the books as the year of AI ethics. AI ethics themes that have arisen include for example fairness and justice, transparency, and liability. The pursuit of "responsible AI" is also crucial in international relations. Europe is increasingly profiling itself as a "third way", alongside the capitalist approach of "Big Tech" in the West and the centralist approach to state control in the East. In this third way, people are central. The Netherlands has the potential to be a core player in this third way. Scientific research in the field of AI is of a high level and the Netherlands has many successful AI-related companies.
25 May 2021
|
Report
:
Mensgerichte Artificiële Intelligentie
Thinking cybersecurity is solely the IT department's responsibility is a common cybersecurity mistake
IT teams are often lacking resources and sufficient support. Taking care of an organization's cybersecurity is not a one-man-job, nor is it solely a technical issue. Cybersecurity must be spread in all levels of an organization.
11 June 2021
|
Report
:
Five Most Common Cybersecurity Mistakes
Forgetting to train employees is a common cybersecurity mistake
Not everyone is interested or familiar with cybersecurity related risks and threats. Employees need assistance and support to become and stay compliant with cybersecurity policies. Offering people training and exercises to make the learning process as comprehensive as possible is necessary.
11 June 2021
|
Report
:
Five Most Common Cybersecurity Mistakes
Overlooking actual cybersecurity risks is a common cybersecurity mistake
Organizations should perform cybersecurity assessments on a regular basis. If an organization does not regularly assess their cybersecurity risks, overlooks them or does not mitigate the findings, the risks of vulnerability to cyberattacks increases significantly. Organizations should constantly be fully aware of both their operating environment and their cybersecurity status and have the ability to implement plans rapidly into action.
11 June 2021
|
Report
:
Five Most Common Cybersecurity Mistakes
Not defining specific security requirements is a common cybersecurity mistake
Cybersecurity related risks and threats pose significant challenges and should not be underestimated - especially for budget reasons. Working with an outsourced IT service company, is vital for the organization to give a clear, comprehensive brief to the service provider about their roles and responsibilities. Always stay alert and involved and always double-check.
11 June 2021
|
Report
:
Five Most Common Cybersecurity Mistakes
Defining security policies, but not implementing them is a common cybersecurity mistake
Writing down the organization’s cybersecurity crisis plan and policies is the right thing do. Unfortunately, policies and plans are useless unless put into use. Enforcing security policies in both processes and ways of working ensures that the organization operates more safely and effectively at all levels.
11 June 2021
|
Report
:
Five Most Common Cybersecurity Mistakes
With the increasing desire and need to move to the Cloud IAM becomes even more important
With the increasing desire and need to move to the Cloud, a good IAM becomes even more important. Due to cost or complexity, an organization cannot transfer all applications or systems to the Cloud at the same time. This requires a hybrid solution in which the old applications ran on location and the new applications in the Cloud. A hybrid solution also requires a Hybrid identity. The scope has been greatly increased due to this hybrid solution. Examples include local Identity Lifecycle Management (ILM), the tightening of laws and regulations, and multifactor authentication.
14 June 2021
|
Report
:
De toekomst van IAM
Increased legislation and regulations lead to more attention for compliance
Due to increased legislation and regulations and industry and company regulations, there is clearly more attention for compliance. IAM is evolving towards Identity and Access Governance (IAG). At IAG, policy is taken to determine who may have access to the information or systems. Stricter laws and regulations force us to approach IAM even more from a policy point of view. This is seen as a major hurdle because requirements are constantly being added or adjusted, which inevitably makes the IAM solution more complex. More complexity is rarely seen as a plus. Checking policy compliance and comparing the used – and administered access rights is becoming increasingly important. This is not easy, which is why the security officer and the compliance officer must be involved in the approach.
14 June 2021
|
Report
:
De toekomst van IAM
Increase in location independent work and self-reliance of employees creates additional risks
there is more interest in location-independent working and self-reliance of employees, and at the same time this creates additional risks. With home workers you can exercise less control on which devices or applications an employee has used to access sensitive company information. IAM must be flexible and be able to deal with these requirements and wishes of internal and external users
14 June 2021
|
Report
:
De toekomst van IAM
Increased attention to scalability of IAM platforms
There is increased attention to scalability of an IAM platform due to exponential growth of data, systems and users, both in-house and in the Cloud.
14 June 2021
|
Report
:
De toekomst van IAM
Outdated and custom applications prevent a link with an IAM platform in the cloud
Because suppliers opt for the SaaS Cloud model, they no longer maintain the local applications and therefore become obsolete. There are still too many outdated and custom applications. These are not suitable for the Cloud and prevent a link with an IAM platform in the Cloud.
14 June 2021
|
Report
:
De toekomst van IAM
SSO allows customers to access applications and products/services with one account and password
In the past, customers had to log in with different accounts in different ways to access, for example, different banking or insurance products. Nowadays they can easily access all kinds of applications and products/services with one account and password, whether or not in combination with MFA. Thanks to Single Sign-on (SSO), you can easily log in anywhere with one account and password. This applies to on-premise applications or Cloud applications for which it is authorized. SSO is extended to the Cloud and all associated SaaS applications. This architecture makes it possible to offer the user a central point (portal or hub) from which he can access all the desired applications with one click, without having to log in again and again.
14 June 2021
|
Report
:
De toekomst van IAM
The future of IAM is cooperation: the development of IAM as a service
The “As a Service” approach appears to be embraced more and more. Organizations can be taken care of in the context of a service and are given more time for their core tasks. In turn, Managed Service Providers use their specialist knowledge and experience to create confidence that things are well arranged. You can also apply this philosophy to IAM. A logical next step is therefore to purchase Hybrid IAM in the form of a service. “IAM as a Service” from a Managed Security Service Provider (MSSP).
14 June 2021
|
Report
:
De toekomst van IAM
The demand for faster delivery of new products and services increases vulnerability
The demand for faster delivery of new products and services is increasing and vulnerability is increasing as a result. Organizations are more open and expose themselves to security risks and this increases the chance of cybercrime, not a nice feeling for a CISO.
14 June 2021
|
Report
:
De toekomst van IAM
Increased (temporary) collaboration may pose security risks
The emergence of chain collaboration ensures that complete IAM environments can be accessed in autonomous domains (Federated Identity Management). This can only be done on the basis of trust in each other. The emergence of more and more temporary collaborations where the identities do not come from an HR system. Think of partners or external users in the form of customers. After the collaboration, it is necessary that you deny access in a controlled manner.
14 June 2021
|
Report
:
De toekomst van IAM
The rise of Consumer Identity and Access Management (CIAM)
Consumer Identity and Access Management (CIAM): An IAM solution specifically tailored to the needs of organizations that process large amounts of information about consumer identities. While similar to traditional IAM at first glance, CIAM solutions should provide a smooth yet secure customer experience, with the ability to scale quickly to handle large amounts of customer data. An example of this is a pharmacy app that keeps track of whether or not a customer wants a reminder message about the repeat prescription.
14 June 2021
|
Report
:
De toekomst van IAM
Increase in scaremongering about the impact of cyberattacks
The flow of messages about cyber attacks is increasing and often the survival of organizations would be endangered. Is this real or just oversimplified scaremongering? Of course there are successful digital break-ins, but unfortunately it is too often scaremongering. This backfires because organizations become desensitized to these kinds of warnings in the long run.
15 June 2021
|
Report
:
Risico onderzoek
Crucial risk analysis on information security requires a rare combination of technical and business knowledge
A risk study on information security helps to cover the risks. Although researching risks is an excellent aid in forming judgments when researching and managing risks, it is certainly not a questionnaire that one can go through. In-depth knowledge of an organization, such as primary business processes in relation to technology, is necessary. And this can hardly be processed in a questionnaire. An ideal, but unfortunately very scarce, combination of technical knowledge and business knowledge is necessary. Only then will you cover the entire spectrum of legislation and regulations, business processes, technology, information security and vice versa during the risk assessment. Consultants often lack technological knowledge and experience, and information security specialists are technology driven and often loose sight of the importance.
15 June 2021
|
Report
:
Risico onderzoek
An integral assessment of chains of collaborating organizations is increasingly important
Information security is only as strong as the weakest link in an ecosystem and cybercriminals know it. An integral assessment is therefore necessary. Not only within an organization but also within the chains of collaborating organizations and suppliers. An integral assessment of the chains in particular is becoming increasingly important. On the one hand, this is due to the increasing tendency towards collaboration to solve complex issues in the healthcare and financial sector and, on the other hand, due to the fact that there are (large) differences between the organizations in terms of policy, approach, risk management and support for security in a chain. And that introduces risks and vulnerabilities precisely at the interfaces.
15 June 2021
|
Report
:
Risico onderzoek
Risk-based security is key for organizations
Organizations have a limited budget, time and resources regarding information security. This requires a targeted use of budget, time and resources. The deployment must correspond to the risks and consequences in relation to the importance of the asset and/or business process. This together determines the seriousness and is a guideline for the deployment of security measures (risk-based security).
15 June 2021
|
Report
:
Risico onderzoek
Digital identity and the need for an active government
A trusted digital identity, to which a number of verified attributes or claims are attached,
such as a name, BSN or proof that you are over 18, offers great added value and ease of use in doing digital business with each other. To realize plans around digital identity, the Dutch government will have to change course. The developments in the market and at the European level demand a more active government role in creating trust in a digital identity, enabling careful identification, reliable authentication and controlled authorization in a collaborative system.
22 December 2021
|
Report
:
Digitale Identiteit en de Noodzaak van een Actieve Overheidsrol
Eight European security clusters are collaborating on a variety of security related topics
The collaboration between eight European security clusters brings together various skills and competences regarding science, academia, business and the public sector. Joint international R&D and innovation projects focus on the following sectors and topics:
1) Aerospace systems (drones, air systems, and satellite applications for security missions)
2) Information and cyber security
3) Disaster resilience and innovations for law enforcement and border security
4) Critical infrastructures security
5) Dual-use defence technologies for the civil sector
21 June 2021
|
News
:
Eight European Security Clusters Join Forces for a More Secure Europe
Cooperation is necessary in order to increase the resilience of citizens and companies against cybercrime
''Good cooperation between central government and municipalities in securing our digital infrastructure and combating cybercrime is more important than ever.''That is one of the reasons why multiple cities, municipalities and security institutions will be collaborating in order to make citizens and companies more resilient against cybercrime.
21 June 2021
|
News
:
Government Increases Cyber Resilience Through City Deal
SOCs are crucial in detecting cyberattacks
Cybersecurity has become a basic pre-condition for a prosperous and safe society in the 21st century. Automatically carried out cyberattacks are increasing and therefore, countering those attacks cannot only be done through human actions anymore. Consequently, Security Operation Centers (SOC) are crucial in detecting such attacks and are at the core in most cybersecurity strategies.
22 June 2021
|
News
:
Consortium Targets Automatic Prevention of Cyber Attacks
15 countries are working together in order to exchange knowledge and build research, innovation and technical collaborations and capability in host regions
Through the United Nations, the Global Ecosystem of Ecosystems Partnership in Innovation and Cybersecurity (Global EPIC) was established in order to connect ecosystems around the world, with the aim of facilitating knowledge exchange as well as building research, innovation and technical collaborations and capability in host regions.
In particular, the partnership has been designed to combat growing world challenges by facilitating global collaboration while enabling positive local cybersecurity and economic benefits.
23 August 2021
|
News
:
The Value of International Collaboration in International Peace and Security
Organisations are collaborating in the field of automated detection of cyberthreats
The cooperation focuses on the automated detection of cyberthreats using advanced technologies like Artificial Intelligence with the aim of safeguarding a secure and robust digital economy in the region.
The Netherlands is experiencing the fast-growing digitalisation of processes and services and has thus achieved a strong economic position. Critical sectors such as logistics, healthcare and the manufacturing industry are transforming their business models and processes under the influence of digitalisation in order to remain competitive. This growing digitalisation makes the Netherlands susceptible to cyberattacks. This is particularly true in light of the fact that the techniques used by cybercriminals to break into corporate and governmental networks are becoming increasingly sophisticated.
24 August 2021
|
News
:
Signing Letter of Intent Consortium Automated Security Operations
Good preparation is essential to cyber resilience
The odds of an organization being affected by a cyber incident are 1 in 8. But preparing for and practicing a cyber crisis is hardly done. "Good preparation is essential to limiting the damage" states Job Kuijpers, CEO at EYE Security. Organizations often discover a cyber incident too late. At that point, something is already wrong; a lot of money has disappeared, data has been stolen or all systems have been locked down by ransomware. That is the moment when processes come to a standstill and it becomes clear that an organization has been affected.
28 January 2022
|
News
:
Cyberaanvallen: ‘Een crisismanager moet inhoudelijk snappen waar het over gaat’
Cyberweerbaar NL is developing a cyber incident monitor
Cyberweerbaar NL is developing a Cyber Crisis Monitor to improve cyber resilience by learning from cyber incidents. The monitor will register incidents and share key lessons learned by participating organisations. It will focus on behavioural and organisational factors that contribute to the occurrence or resolution of cyber incidents.
The project is funded by the SPRONG Grant, awarded by the SIA Directorate to The Hague University of Applied Sciences (THUAS), Saxion, NHL Stenden University of Applied Sciences, and a large consortium of societal partners. The grant aims to enhance cooperation in the field of cyber resilience over the next eight years.
Security Delta (HSD) is contributing to this consortium for approximately two years with 60 project hours per year. HSD has written a memorandum about the success factors of the Cyber Crisis Monitor and has made several connections. The success of the monitor depends on the willingness of organisations and participants to report and upload information about incidents.
21 March 2024
|
News
:
Development Cyber Crisis Monitor: Learning from Cyber Incidents
Proper assignment formulation and thorough supervision of the execution of security tests
Proper assignment formulation and thorough supervision of the execution of a security test ensure a result that meets the needs of the client.
Ideally, security tests do not provide any major surprises, but provide confirmation of the quality of the development process.
30 March 2021
|
Report
:
Whitepaper Securitytesten
Increased cooperation within the healthcare sector creates cybersecurity risks
cooperation creates openness in a chain by exchanging (sensitive) data. And the weakest link in a chain creates increased security risks throughout the chain. These risks can be specifically traced back to an increased risk of data leaks and cyber attacks. For example, ICT facilities such as chat and video, customer portals and medical equipment (sensors in combination with self-measuring instruments) often use the internet over which sensitive data is exchanged between specialists and clients. In addition, clients are often not aware of the security risks. An additional issue is that there is a great variety of medical equipment that does not always meet the security requirements. In addition, location independence and self-reliance also increase the risk of data breaches and misuse by cybercriminals and malicious employees.
14 June 2021
|
Report
:
Identity & Access Management voor de Zorg
Identity and access management (IAM) for secure healthcare
Cooperation with (chain) partners but also with third parties (for example suppliers) requires a number of security measures that do not stand in the way of the cooperation benefits, but at the same time guarantee the security of the data exchange. IAM offers many advantages and lays the foundation for further security. It helps prevent data leaks and increases privacy, it enables integration with partners in the chain and with third parties in the cloud, and it creates administrative relief and operational cost savings.
14 June 2021
|
Report
:
Identity & Access Management voor de Zorg
Tools are developed in order to make ICS-SCADA systems more resilient
The 'Security Check Process Automation' has been developed in a public-private partnership in order to make ICS-SCADA systems more resilient. The tool allows organisations to quickly identify potential risks and protective measures they can take against them.
"I am particularly pleased to be able to offer a practical self-scan to organisations that use ICS or OT devices. There is great diversity in security maturity within the ICS domain. There are organisations that are very mature, but there are also organisations that need to significantly increase the digital resilience of their ICS landscape, but unfortunately lack the knowledge to do so. I hope that with this tool we can provide help to all of them."
23 August 2021
|
News
:
Launched: Tool to Increase Cyber Resilience in OT Environments
Companies are collaborating in the field of Customer Identity & Access Management SaaS
Two Dutch companies have merged their forces in order to become the largest European vendor of Customer Identity & Access Management (CIAM) SaaS. The merger expedites the combined vision of making digital business for all European enterprises simple and safe.
Catering for an outstanding omnichannel and frictionless (digital) customer experience is key for online services, no matter whether customers use web or mobile technology. Privacy protection and implementing the highest security standards have defined proper stewardship. Who the user is, what the user is allowed to do, enabling the user to opt-in or out defines the relationship and its governance. Identity management therefor is fundamental to any online interaction.
23 August 2021
|
News
:
Onegini and Iwelcome Merge to Become The Largest European Identity & Access Management Software Vendor
Cybercrime increasingly affects businesses and individuals
“Cybercrime increasingly affects businesses as well as individuals and with a cost of cybercrime in hundreds of billions of euros the demand for skilled professionals will continue to grow.”
24 August 2021
|
News
:
Results International Cyber Security Summer School 2019
Experts from law enforcement, the private sector and academia are sharing knowledge on cybercrime
Experts from law enforcement, the private sector and academia are sharing knowledge on cybercrime. The conference looked at ways how to effectively combine the expertise, resources and insights of law enforcement, the private sector and academia to make the internet a more secure environment, especially in a society, which is becoming increasingly dependent on digital capabilities.
Two conclusions of the conference:
Business Email Compromise (BEC): while BEC is not new, it is evolving, causing increasing economic damage. BEC exploits the way corporations do business, taking advantage of segregated corporate structures, and internal gaps in payment verification processes.
Dark web: as the dark web evolves, it has become a threat in its own right, and not only as a medium for the sale of illicit commodities such as drugs, firearms or compromised data. The impact of law enforcement action in this arena is palpable as the environment remains in a state of flux.
24 August 2021
|
News
:
Recap 7th Europol-INTERPOL Cybercrime Conference 2019
Organisations are collaborating in the field of cyber certification processes
Since the EU Cybersecurity Act came into force at the end of last year, it has become increasingly important for organisations to be able to demonstrate that they have taken all necessary measures against potential cyber threats. This is also mandatory in the critical infrastructure.
Two organisations are collaborating and sharing knowledge in the field of cyber certification processes. The collaboration between both companies, with each their unique expertise and high quality standards, will contribute significantly to the protection of digital resilience of companies and organisations.
24 August 2021
|
News
:
Hudson Cybertec Supports TÜV Nederland With Cyber Security Certification in Critical Infrastructure
Cyberattacks on SME's are increasing
Cyberattacks on SME's are increasing yearly by 20%. The yearly costs of these attacks are between 2 and 4 billion dollar in the province of Zuid-Holland. Expectations are that both the number of attacks and the damages that accompany them will continue to rise.
6 January 2023
|
Report
:
Cyberweerbaarheid in de Logistieke Sector
Cyberattacks in the transport sector threaten essential processes
Around 20% of cyberattacks on SMEs in the transport sector hit the IT systems, disrupting essential processes, crippling the company.
6 January 2023
|
Report
:
Cyberweerbaarheid in de Logistieke Sector
Corporate strategy and culture influences the cyber resilience of companies in transport sector
Important elements in corporate strategy and culture influencing cyber resilience are: the importance that is put on cyber security, whether IT (and cyber security) is outsourced or not, whether companies have a crisisplan or not, and whether companies test their crisisplans.
6 January 2023
|
Report
:
Cyberweerbaarheid in de Logistieke Sector
Employees can be the strongest or weakest link in a company's cyber resilience
Companies in the transport sector acknowledge that there is not enough attention to insider threats. A malicious person chooses the weakest point of entry, which are often the employees.
6 January 2023
|
Report
:
Cyberweerbaarheid in de Logistieke Sector
Increase in data leaks by employees
Employees are increasingly getting involved in data leaks, wether this is done intentionally or not.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
Artificial intelligence (AI) will play an increasing role in both cyber- attack and defense
AI is the new arms race, but unlike earlier arms races, anyone can get involved – there’s no need for the sort of resources that were previously only available to governments. This means that while AI is undoubtedly being researched and developed as a means of crippling an enemy state’s civil and defense infrastructure during war, it’s also easily deployable by criminal gangs and terrorist organizations.
14 April 2021
|
External
:
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
The cybersecurity skills gap continues to grow
During 2020, research suggests the number of unfilled cybersecurity jobs will increase from just 1 million in 2014 to 3.5 million. This deficit of skills is likely to become a growing matter of public concern during the early part of this new decade.
14 April 2021
|
External
:
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
AI has the potential to contribute to the security of The Netherlands
AI has the potential to contribute to the security of The Netherlands, without the government becoming some kind of Big Brother. Not only to fend off cyber attacks, but also (and perhaps especially) in the detection and prevention of crime. But then a good infrastructure is needed that makes this possible, valuing information sharing, collaboration, and a clear focus on the societal goal.
8 June 2021
|
Report
:
Aan de slag met AI binnen de overheid
Top threats to business’s cybersecurity in 2023 and beyond
Whether it’s the rise of increasingly sophisticated attack methods, lack of employee knowledge, or insufficient defenses, the threats to your business’s cybersecurity are vast and ever evolving. It's important to explore the top cybersecurity trends and threats that your organization should be protecting against now and in the future.
20 December 2023
|
Report
:
Exploring Modern Cyberthreats and How your Business can Combat Them
The high stakes of ignoring cybersecurity: business survival vs. digital havoc
Cybersecurity awareness and best practices are crucial to the survival of your business. Choosing to ignore cybersecurity’s importance in the face of constantly advancing threats could wreak digital havoc and bring your business to its knees. Consequently, repercussions for businesses that don't prioritize cybersecurity will follow.
20 December 2023
|
Report
:
Exploring Modern Cyberthreats and How your Business can Combat Them
Resilient Delivery Strategic Security Trend 2021
Resilient delivery: Whether a pandemic or a recession, volatility exists in the world. Organizations that are prepared to pivot and adapt will weather all types of disruptions.
30 March 2021
|
External
:
Gartner Top Strategic Technology Trends for 2021
