Access to Innovation
Access to Capital
Access to Talent
Access to Market
Access to Knowledge
Date Trend snippet:
05 December 2023
Relevance date:
2020, 2021, 2022, 2023
Type of Treath or Oppertunity
Domain of application
Source of threat
Trends in Security
Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic, the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
visible on larger screens only
Please expand your browser window.
Or enjoy this interactive application on your desktop or laptop.
More Robust Cybersecurity is Needed in Corona Times
Remote work became the new norm because of the corona crisis. This brings new challenges for IT administrators, and more robust cybersecurity is needed to cope with these challenges.
More source info
Security is een issue dat zowel het management als de IT-afdeling van een organisatie continu bezighoudt. Soms ontwikkelt IT-veiligheid zich ook tot een potentieel hoofdpijndossier. Door de coronacrisis is thuiswerken de nieuwe norm geworden. Daardoor krijgen managers en IT-beheerders te maken met nieuwe uitdagingen als het gaat om veilig digitaal werken.
Hoe zorg je ervoor dat data en andere bedrijfsmiddelen weer veilig terug naar kantoor komen als mensen vanuit huis werken? Het openstellen van netwerken leidt bovendien tot een bredere scope, waardoor je ITlandschap lastiger beheersbaar wordt en de kans op hacks, datalekken en boetes toeneemt
Hacks en datalekken
Jaren hard werken die met een paar muisklikken in rook opgaan. Het overkwam Xander Koppelmans, de eigenaar van een goedlopend reclamebureau. Ondanks geregelde investeringen in automatisering en het maken van back-ups, werd hij toch het slachtoffer van een ‘ddos-achtige’ hack die alle backupservers, harddisks en werkstations leegroofde. De aanval bleek afkomstig te zijn uit China, waardoor de identiteit van de dader zo goed als onmogelijk te achterhalen is.
Ook Natascha Rouette, eigenaar van het videoproductiebedrijf Media Inn, had de beveiliging aardig op orde, maar raakte toch een groot deel van haar werk en gegevens kwijt door een ransomware-aanval. Het midden- en kleinbedrijf blijkt een interessant doelwit te zijn voor hackers. De IT-kennis is er vaak beperkt, terwijl de afhankelijkheid van IT groot is. Dat in principe iedereen ten prooi kan vallen aan cybercriminaliteit, bewijst ook het datalek waarmee marktplaatsgigant bol.com in juli van 2020 kampte. Drie weken lang toonden de website en app van de webwinkel de adressen van de duizenden verkopers die normaal alleen zichtbaar zijn als iemand ook daadwerkelijk iets bij de bekende internetwinkel koopt. De oorzaak: een fout bij het splitsen van particuliere en zakelijke verkoopaccounts. Bij zakelijke aanbieders hoort het adres wel altijd zichtbaar te zijn, bij particuliere alleen als iemand iets aanschaft.
Omdat Guardian360 bedreigingen ook toetst aan diverse normen en richtlijnen (ISO 27001, DIGID, BIO, NEN7510), krijg je ook gelijk inzicht in je compliancy.
More trend snippets in SME's (including employees)
This threat landscape paper provides valuable insights into emerging trends in terms of cybersecurity threats, threat actors’ activities as well as vulnerabilities and cybersecurity incidents.
The ENISA Threat Landscape 2023 report is a comprehensive overview of the cybersecurity landscape, drawing insights from open sources and ENISA's Cyber Threat Intelligence capabilities. It covers various cybersecurity threats, including threat actors, CVE landscape, ransomware, malware, and more. The report categorizes threat actors, providing insights into their motives, impact, and tactics. It emphasizes the challenges of attribution and highlights the misuse of legitimate tools by state-nexus groups. Additionally, the report addresses evolving tactics of cybercriminals, hackers-for-hire, and hacktivists. It provides recommendations for threat mitigation and offers valuable insights into the attributed threat actors during the reporting period. Overall, it serves as a crucial resource for understanding emerging threats and cybersecurity trends.
31 January 2024
|
Report
:
ENISA Threat Landscape 2023
Digitalization is making Dutch society increasingly vulnerable
Due to the continuing digitalization of Dutch society, the offline and the online worlds are becoming interconnected. More devices contain digital technology, more services are rendered by digital means and more data is processed digitally. Since the cyber resilience of these developments is often subpar this constitutes an increase of Dutch vulnerability.
30 March 2021
|
Report
:
Cyberweerbaar met nieuwe technologie
Lack of expertise and talent in cyberresilience
Many different organizations and reports show us that there is a large lack of experts in the field of cyberresilience. Both in the Netherlands and globally.
30 March 2021
|
Report
:
Cyberweerbaar met nieuwe technologie
A lack of Information exchange and governmental control are factors influencing the cyber resiliency of the Dutch society
The current state of cyber resiliency of the Dutch society is influenced by a lack of information exchange between governmental organisations and businesses, and a lack of a central (governmental) authority. Without the presence of a central authority, there is no control over investments in the cyber domain and issue prioritisation regarding cyber resilience. Also, the lack of information exchange affects the way in which organisations and businesses can counteract various (advanced) cyberthreats.
10 May 2021
|
Report
:
A polarized industrial landscape may emerge in the post-pandemic economy
As economies emerge from the shock and stimulus of COVID-19, businesses face a shakeout. Existing trends have been given fresh momentum by the crisis: nationally focused agendas to stem economic losses, technological transformation and changes in societal structure—including consumer behaviors, the nature of work and the role of technology both at work and at home. The business risks emanating from these trends have been amplified by the crisis and include stagnation in advanced economies and lost potential in emerging and developing markets, the collapse of small businesses, widening the gaps between major and minor companies and reducing market dynamism, and exacerbation of inequality; making it harder to achieve long-term sustainable development.
31 May 2021
|
External
:
The Global Risks Report 2021
Large companies take more measures against cyberthreats
It can be seen that easily applicable measures against cyberthreats are both implemented by small and large companies. For example, more than 80% of all companies utilise anti-virussoftware. However, difficult measures are mostly implemented by larger companies. For example, the use of VPN is larger at big companies.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
The use of two-factor authentication has increased in the last four years
The utilisation of soft- and hardware tokens (two-factor authentication) to login at a company has increased in the last four years. The utilisation at large companies has increased from 71% in 2016 to 87% in 2019, at SME's it has increased from 29% in 2016 to 54% in 2019 and at small companies it has increased from 23% in 2017 to 42% in 2019.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
Large companies outsource their ICT-security more often than small companies
About half of the small companies in the Netherlands perform their ICT-security on their own, whilst only 20% of large companies do this on their own. Consequently, large companies have more resources which they can use to outsource their security to other companies.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
The number of Dutch domain names with DNSSEC is steadily increasing
The percentage of .nl domain names with DNSSEC is steadily increasing. Between the 1st of June 2021 and 1th of October 2020, it has increased from 0 to 56 procent.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
Large companies report more cyber-related incidents than small companies
From 2016-2019, large companies consistently report more cyber-related incidents than small companies. This has several reasons. For internal incidents, like the disruption of hard- and software, the complex infrastructure of large companies provides a bigger chance of hard- and software malfunction. For external incidents, larger companies are a more interesting target for cybercriminals, leading to potential disruption.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
Half of the ICT-incidents are not associated with additional costs
From 2016-2019, it can be seen that half of the ICT-related security incidents are not associated with additional costs. This is the case for internal as well as external incidents.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
The number of internal and external ICT related incidents has decreased
Over the years 2016-2019, the number of internal and external ICT related incidents has decreased. For example in 2016, almost 40% of large companies dealt with ICT related security incidents, whilst in 2019 this number decreased to 20%.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
In 2019 more data leakages have been reported to the Dutch Data Protection Authority
In 2019, more data leakages have been reported to the Dutch Data Protection Authority, compared to 2018. In 2019, 26956 were reported, whilst in 2018 this number was 20881. Most of the reported data leakages came from the Dutch health sector, financial sector and public administration.
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
64% of data leakages only affect one person
The majority of data leakages in the Netherlands, namely 64%, only affect one particular person. Only 4% of data leakages affect more than 500 people. Such data leakages are mostly caused by hacking, malware and/or phishing.
Most data leakages that are caused by hacking and phishing occur in the healthcare sector (18%).
25 August 2021
|
Report
:
Cybersecuritymonitor 2020
Lessons learned from Citrix software vulnerabilities
On December 17, 2019, US software manufacturer Citrix made a public announcement on its website that a number of their software products contained a vulnerability. This vulnerability allowed attackers to penetrate the digital systems of organizations using these products. Citrix indicated what measures organizations could take to temporarily solve the problems, but did not yet have a definitive solution. The Dutch Safety Board investigated what lessons can be learned from the way in which the parties involved dealt with the risks of vulnerabilities in Citrix software and other incidents in which vulnerabilities in software were abused by attackers. This involved looking at both the prevention and control of such incidents.
1 February 2022
|
Report
:
Kwetsbaar Door Software
Implementing Zero Trust dampens the impact of a data breach
According to the IBM 2021 Cost of a Data Breach Report, companies who have experienced a data breach, but have implemented Zero Trust principles at a mature stage manage to preserve up to nearly 2 million dollars more than those organizations which have not implemented Zero Trust principles.
20 January 2023
|
Report
:
The What, How, and Why of Zero Trust Cybersecurity
Risk management of dependencies and vulnerabilities in the IT supply chain is increasingly important
Due to the increasing (digital) entanglement of (digital and physical) supply and production chains, disruptions in these chains can have a major impact. Organizations are increasingly dependent on a network of providers for the continuity and security of their processes, with whom they do not always have a contract. Risk management on all those dependencies in the supply chain is becoming increasingly important, both to provide insight into risks and to control them with possible measures.
3 June 2021
|
Report
:
TNO 2021 R10245: Vraagstukken en perspectieven voor ICT SCRM – een initiële verkenning
A broad view of supply chain risks is important but sometimes difficult to organize in practice
A broad view of supply chain risks is important but this is sometimes difficult to organize in practice and is certainly not always well invested. The complexity of supply chains means that only a part of suppliers and dependencies can be mapped. Is it a supplier's product or one of the components, such as firmware or chips, does it deal with outsourcing or even the subcontractors? They do not have the capacity to map out more than the first-line suppliers in their own IT chains and the complexity of these relationships is also too great. There is a need to get a better grip on this and to engage with sector partners.
3 June 2021
|
Report
:
TNO 2021 R10245: Vraagstukken en perspectieven voor ICT SCRM – een initiële verkenning
Increasing use of cloud services poses cybersecurity risks
Managing the risks arising from the purchase of cloud services has emerged as a challenge. The trend of migration from IT infrastructures to cloud services will play an important role in the SCRM issue. The customer of the cloud service has no insight into which suppliers contribute to product development within the cloud environment, which is precisely the strength, the knowledge lies with the supplier and the customer does not have to worry about this, but one needs more insight here. Moreover, there is a limited number of large suppliers of cloud services, as a result of which different organizations (will) purchase the same service from the same party. This results in a shared dependency, which means that a disruption of this service can manifest itself all the more extensively. On the other hand, in general, these larger suppliers are reliable in cloud services and this is also the reason that many organizations use them. When looking at what kinds of risks or challenges are seen, this ranges from general cybersecurity threats, such as data leaks, hacked data, or a vulnerability that is used as a stepping stone, to specific risks.
3 June 2021
|
Report
:
TNO 2021 R10245: Vraagstukken en perspectieven voor ICT SCRM – een initiële verkenning
Shortcomings in scientific literature with regards to supply chains
Scientific literature in particular deals with matters that can generally play a role in supply chains and not so much with threats, vulnerabilities and capabilities that are actually on the radar of companies from specific sectors (and the degree in which this differs or corresponds between supply chains). In addition, there is in general limited research conducted into the phenomenon of cyber resilience within supply chains
19 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Cyber specific threat within the agricultural sector
A cyber specific threat within the agricultural sector is a stepping stone-attack. In general, installations of agricultural companies (control equipment) can be controlled remotely and are controlled by suppliers managed. The devices are therefore susceptible to takeover by malicious parties via the network of suppliers (stepping stone attack). The security of such devices is often not enough, according to a ICT service provider.
19 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Cyber specific vulnerabilities within the agricultural sector
There are several vulnerabilities noted, the first being the dependence on ICT. Installations in the stables of agricultural companies are often dependent on ICT. The second vulnerability is unsafe behavior. According to an IT service provider, frugality and a lack of
knowledge the two main problems in the agricultural sector in the field of cyber security. Thus, end users no awareness of the potential risk they pose and scrimp agricultural companies often rely on cyber security. The third and fourth vulnerabilities are the lack of contracts and consultation on cybersecurity, and poor IT security at partners.
19 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Internal lessons for preventing and combating cyber incidents within agricultural supply chains
For the internal cyber security there are two lessons mentioned: training endusers and disconnecting equipment from the internet. According to cybersecurity experts, it is important to explain to employees how to behave, both by ICT service providers as well as by the management of agricultural companies themselves. Disconnecting equipment from the internet shrinks the attack surface.
19 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Cyber specific threat within the floriculture sector
There are two cyber specific threats within the floriculture sector: stepping stone-attacks and ransomeware. Systems in the sector, such as cultivation systems and climate systems,
are generally controlled by a logistics program of a supplier and are therefore external accessible. The network of those suppliers therefore constitutes a possible entry point for a cyber attack. Ransomware attacks occur approximately once a year within the floriculture companies that have been spoken with.
20 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Cyber specific vulnerabilities within the floriculture sector
There are seven vulnerabilities explained, the first being dependency of IT as Internal logistics processes within the floriculture sector are mostly automated and play a central role in the business operations. The second vulnerability is unsafe behavior, for example laziness and lack of priority and knowledge when it comes to cyber security. A third vulnerability is the lack of contracts and deliberation about cyber security. A fourth vulnerability is that of bad or inadequate IT security of partners. Following these vulnerabilities are a lack of information/dataflow, a lack of adequate response and coordination during security incidents and a lack of initiative coming from IT-suppliers in improving digital safety.
22 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Internal lessons for preventing and combating cyber incidents within floraculture supply chains
The first lesson is that of learning from (potential) incidents. Incidents of near misses should be used as tools to explain the importance of cyber security to staff and management. The second lesson is two step verification, which means employees will have to verify through their phones when they want to log in. This is in general a good security strategy.
22 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Lessons for cyber security between supply chain links within the floriculture sector
There are six lessons to be learned, the first being that of separated environments. It's important for the networks of different companies to be separated to minimize the possibilities of total network access. The second lesson is drawing up contractual requirements and agreements with regards to cyber security. The third lesson is to find a balance between contractual requirements and partnership. The relationship between an IT supplier and the customer needs to be based on partnership. The fourth lesson is enabling the dataflow to smaller chain partners, as they are in need of concrete advise or measures. The last lessons are the importance of structural deliberation between partners and the avoidance of shared expertise.
22 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Cyber specific threats within the trade sector and supply chain
There are three cyber specific threats for the trade sector and supply chain(s): stepping-stone attacks, ransomware and social engineering.
22 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Cyber specific vulnerabilities within the trade sector and supply chain
There are five vulnerabilities mentioned, the first being dependency on IT. Play during the registration, sorting and delivery of products IT processes play a central role, such as sorting systems in distribution centers and scheduling systems for the delivery of ordered products. The second vulnerability is unsafe behavior of end users. The other vulnerabilities are bad IT security of partners, a lack of contracts and deliberation about cyber security, and an inadequate datastream.
22 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Internal lessons for preventing and combating cyber incidents within the trade sector and supply chain
There are two lessons mentioned for internal security. The first lesson is internal development and maintenance of systems. Systems and databases are often developed and maintained by external parties. To reduce dependance it is important that these processes will be done internal. The second lesson is that of fully covering procedures. Internal procedures and protocols should be made about how employees should behave.
22 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Lessons for cyber security between supply chain links within the trade sector
The four lessons are separated network environments to reduce direct risk, contractual requirements and agreements in the field of cyber security, data stream to smaller chain partners, and structural deliberation between suppliers and users.
22 June 2021
|
Report
:
Cyber-Ketenweerbaarheid
Technological opportunities and weaknesses in The Netherlands
The role of advanced technologies, such as virtual reality, augmented reality and Artificial Intelligence, is growing. Risky applications, such as deepfakes, call for vigilance to safeguard privacy and fundamental rights. In addition to risks, advanced technologies also provide opportunities for an open, prosperous society and more efficient service delivery. For example, advanced technology is helping to combat the corona crisis. Technology is also being used and further developed for the benefit of detection. Applications that are
currently under development, such as metaverse and quantum computing, will also find their way into government, business and society.
16 February 2022
|
Report
:
Strategisch Omgevingsbeeld 2021
Strategic view on national security in The Netherlands
The security of the Netherlands is constantly threatened by foreign government agencies in order to promote their own economic and political-strategic interests. They use espionage (digital) sabotage and (covert) influence. This affects the prosperity, stability and openness of our society. Government agencies also outsource operations to criminal groups. Advanced digital means are used. Classic means, such as influencing companies through investments and theft of company secrets, remain part of the modus operandi. In the Netherlands, companies and knowledge institutions are the main targets. But vital infrastructure, such as energy supplies and water management, is also targeted,
and Dutch social cohesion are increasingly under threat.
16 February 2022
|
Report
:
Strategisch Omgevingsbeeld 2021
Few worries about digital security in a work situation
73% say they worry very little about their online safety in a work situation. This percentage is higher than last year (66%).
22 January 2021
|
Report
:
Veilig Online 2020
Employees' home network is the weak spot for companies: Three out of ten people who work from home still have the default password on their router
The occurrence of online risks is more closely monitored and observed in the work situation than in the private situation. Companies do a lot to have online security in order. However, with a lot of people working from home due to the pandemic, the home network and home situation could well become the Achilles heel of the corporate network; router passwords are not changed and children use company hardware.
Most Dutch people also do not have a clear picture of what safe online behavior means at work (57%) or in a private situation (52%). The corona crisis has forced more people to work from home. 48% of working Dutch people indicate that they have worked from home in the past 12 months. They often use a network connection with a password at home (78%). This password still appears to be the default password of the router relatively often (29%). Employees are often unable to state what their employer has done about special measures to make working from home possible since the corona crisis (57%). 16% indicate that his / her employer has made business equipment available.
22 January 2021
|
Report
:
Veilig Online 2020
Most companies have agreements about how to behave safely online. It is not difficult to keep to work agreements, but these agreements can be communicated more clearly
Seven out of ten (69%) working Dutch people indicate that agreements have been made with their company / organization about online safe behavior. 13% indicate that no agreements have been made at their company / organization. Agreements that have been made often concern the secure sending / exchange of files (35%), the use of websites and / or e-mail (33%), that only system administrators can install software (31%) and send exchange of personal data (31%).
Those who have work agreements (69%) do not find it difficult to (always) keep those agreements (81%). About half (46%) do experience obstacles in guaranteeing agreements about safe online behavior. This is mainly due to the way of communication. This is not always clear (13%), not sufficient (13%) or unambiguous (12%).
22 January 2021
|
Report
:
Veilig Online 2020
Varying trend regarding the number of left-wing and anarchist related terrorist attacks
The number of left-wing and anarchist related terrorist attacks has varied since 2015. Whilst in 2015 the number of incidents was 13, an increase can be seen in 2016 (27) and 2017 (24). A drop in the number incidents followed in 2018 (19), but reached the levels of 2016 and 2017 again in 2019 (26). In 2019, all of the attacks were committed in Greece (2), Italy (22) and Spain (2).
12 May 2021
|
Report
:
European Union Terrorism Situation and Trend report 2020
A sharp increase in the number of arrests on suspicion of left-wing or anarchist terrorism
In 2019, a sharp increase can be seen regarding the number of arrests on suspicion of left-wing or anarchist terrorism. Whilst the number of arrests was respectively 36 and 34 in 2017 and 2018, in 2019 this number increased to 111. Most of the arrests were related to confrontations and violent demonstrations in Italy (71 of 111). These arrests were made on the suspicion to commit a terrorist attack in combination with membership to a terrorist group.
12 May 2021
|
Report
:
European Union Terrorism Situation and Trend report 2020
Insider threats in Dutch SME's
Insider threats are incidents that are caused by the deliberate or unconscious actions of own staff. For example, a former employee can remove data from a server because that person still has access to that server wrongfully, an employee can share data in an unsafe way so that third parties can view it, or a trainee can post a photo on social media showing sensitive information about the organization. The research group has therefore started a line of research into insider threats in order to contribute to the security of organizations in the Netherlands. They are currently conducting two parallel lines of research: a systematic review of the empirical literature on these insider threats and a study of the nature and extent of such incidents in the Netherlands.
30 November 2021
|
Report
:
Van Theorie naar Praktijk
Cyber resilience for SME's
Cyber resilience is defined here as the ability to resist known and unknown forms of cyber
crime and recover quickly from a cyber crisis. The report investigated how SMEs in the metals sector organize their cyber-security and related security measures and how this process can be improved. It turns out that the companies surveyed are fully digitized and dependent on ICT for their primary process. The implementation and maintenance of this ICT is outsourced to external ICT suppliers. Many directors also (partially) outsource security to these ICT suppliers. As a result, these ICT suppliers implement generic technical measures without specifically looking at the organization in question and its risks. Crucial measures aimed at the organization of the company and the behavior of personnel are then often omitted.
30 November 2021
|
Report
:
Van Theorie naar Praktijk
IoT security challenge: cybersecurity and privacy by design
To build cybersecurity and privacy by design into IoT, a set of security principles should be adopted and adhered to. There is currently no single set of IoT security and privacy principles that is internationally recognized and adopted. The diversity in proposed IoT security principles between different countries and initiatives illustrates a lack of collaboration, especially between governments. Due to the lack of globally-adopted principles, a language towards common understanding of shared IoT challenges and issues is lacking. Such a language is required to define a global governance process. Consumers and companies are not uniformly aware of the cybersecurity risks and may not be equipped to respond properly.
7 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: lack of standardization
Security standards and guidelines are required for development and operations to stimulate the adoption of secure IoT devices. While numerous standards exist in the IoT space, IoT security has not been standardized significantly until now; a recent ETSI standard is one of the first efforts to standardize IoT security. Manufacturers may not have the expertise to make use of the available guidelines and recommendation. Usability of security guidelines is a challenge and requires more research. While numerous sets of IoT security recommendations exist, it is important to harmonize and align these for global acceptance and adoption as a precursor to developing evaluation and certification schemes.
7 June 2021
|
Report
:
The IoT Security Landscape
IoT security challenge: supply chain security
Modern products are assemblies of parts and components supplied by multiple vendors. To accelerate time-to-market and to reduce costs, device manufacturers increasingly use as many as possible off-the-shelf components using complex, globally distributed, and interconnected supply chains composed of various entities with multiple tiers of outsourcing. However, vulnerabilities can be introduced and exploited at any point in the supply chain. IoT hardware and software manufacturers and suppliers should adopt a cyber supply chain risk management framework (ISO28000, NIST). Cybersecurity requirements, risk and liability should be cascaded into the supply chain via contractual agreements. Organisations wield both contractual and economic power over suppliers. It is important to encourage the use of open frameworks and provide transparency for supply chain security information flows.
7 June 2021
|
Report
:
The IoT Security Landscape
Cyber risks while working from home
Due to the coronavirus and the corona measures in 2020 and 2021, probably never before have so many Dutch people worked from home at the same time. In the media, several experts have pointed out the cyber risks of working from home. This is highly relevant for SMEs because SMEs are the backbone of the Dutch economy (61% of GDP, 70% of employment, total turnover of €888 billion), while we also know that this group of companies is relatively often the victim of cyber-attacks and has few resources at its disposal to guard against them. At the same time, SMEs are probably not well equipped to support (massive) home working and have therefore had to improvise in a hurry and with mostly limited resources to enable home working.
30 November 2021
|
Report
:
Van Theorie naar Praktijk
Supply chain vulnerability and resilience
Supply chains contain cyber risks. Cooperation in the system is usually based on mutual trust and mitigating the cyber risks is mostly absent. Stepping stone attacks are used to infiltrated a vulnerable organization in the supply chain in order to attack a larger and better protected company. Investments in the resilience of the supply chain as well as the individual organization is necessary to contain threats.
30 March 2021
|
Report
:
Cyber-Ketenweerbaarheid
Lectoraat Cybersecurity in het mkb
Cybercrime - and along with that cybersecurity - is a huge social problem. The criminological study of cybercrime is still in a early stage. It is not just essential to exercise thorough scientific research (long-term) but also the practices and acute problems in the here and now. Technology plays an important role in cyber incidents but we are talking about men who exercise those cyber attacks, people who - known or unkown- collaborate in those cyber attacks, people who become a victim and people that conduct themselves to stopping those cyber attacks.
21 December 2021
|
Report
:
Jaarverslag 2020 - Lectoraat Cybersecurity in het mkb
Threat against primary targets and targets as a springboard
The annual report (= het jaarbeeld) shows that many types of organizations are targeted by attackers. It can vary by country and by type of espionage at which state actors focus their political espionage activities. For example, top sectors in the Netherlands are an obvious target for economic espionage and the national government for political espionage. Vital processes are a popular target for sabotage by state actors. Wealthy organizations are a favorite target of cyber criminals. In addition to the "primary" targets mentioned, attackers also target targets that can form a springboard to other targets. The digital space, the mostly global supplier chains and concentrations of personal data are ideally suited for this. This concerns, for example, suppliers of hardware and software, vital processes, such as those of telecom companies, or organizations that collect and process personal data on a large scale, including medical and employee data. For these "derived" targets, actors actively look for weak links in chains, as a stepping stone to (more) interesting targets. This means that sectors or organizations that seem to be of no interest to attackers can still be interesting as a stepping stone to another primary target.
The threat also exists because outages can occur at or via these targets. For example, system failure due to technical failure or failure due to human errors in implementation
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
In 2020, financial institutions have allocated more resources to cybersecurity programs
Survey respondents amongst various financial institutions reported an increase in cybersecurity spending, with identity and access management, cyber monitoring and operations, and endpoint and network security receiving the largest sums of money. The first reason why more money is spent on cybersecurity is because of the COVID-19 pandemic. Due to office closures and restricted movement, financial institutions are forced to accelerate their digitisation efforts. Also, boards and executive management teams endure increased pressure, which has heightened their interest in cybersecurity.
11 March 2021
|
Report
:
Reshaping the cybersecurity landscape
Despite a decrease in instances ransomware remains the top threat according to cybercrime investigators and the second most prominent threat for the private sector.
The volume of ransomware attacks decreased throughout 2018. The decrease may be a result of increased awareness of potential victims, increased use of mobile devices, declined usage of exploit kits and more focused targeting of private and public entities. This more specialized focus on more valuable targets thus compensates the for the lower volume of attacks and does not diminish the threat ransomware poses.
14 April 2021
|
Report
:
Challenges for financial organisations in managing cybersecurity
In 2020 the top three cybersecurity challenges that financial organisations face are first, rapid IT changes and rising complexities, second, a lack of skilled cyber professionals and third, business growth and expansion. Also, utilised emerging technologies can become a target of cyberattacks. Therefore it remains a business issue how to embed cybersecurity into new products, services and channels.
29 April 2021
|
Report
:
Reshaping the cybersecurity landscape
Top five emerging technology priorities for financial organisations
In 2020, the top five emerging technologies for financial organisations are respectively, cloud, data and analytics, artificial intelligence and cognitive computing, robotic process automation (RPA) and mobile phones. Also, most large financial firms expect to increase the adoption of software-as-a-service and platform-as-a-service capabilities.
29 April 2021
|
Report
:
Reshaping the cybersecurity landscape
Primary infection methods for malware remain social engineering, targeted phishing emails and Remote Desktop Protocols.
The more focused targeting of victims for ransomware attacks require specific tactics. According to different reports spear-phishing is the primary infection vector for 65% of hacker groups. Remote Desktop Protocols can be breached through brute force attacks or through buying access exploits on criminal fora. This latter method once again highlights the importance of good patch management.
14 April 2021
|
Report
:
Phishing and ransomeware campaigns are being launched to exploit the current crisis and are expected to continue to increase in scope and scale
In recent years, criminals have focused their attacks on organisations as there is a relatively high likelihood of receiving payment. The types of criminals exploiting the COVID-19 pandemic online were also active in the area of cybercrime before. However, some are believed to have intensified their activities.
- Slight increase of distributed denial-of-service (DDos) attacks following the outbreak of COVID-19.
- Initial spike in domains registered related to the words 'corona' and 'COVID', however, current figures indicate that this has stabilised. (Registered domain names form the backbone for many criminal operations).
Outlook for the future:
- The pandemic may multiply the damaging impact of a successful attack against certain institutions, which reinforces the necessity for effective cyber resilience.
- The number of phishing attempts exploiting the crisis is expected to continue to increase. However, we also expect a greater number of inexperienced cybercriminals to deploy ransomware-as-a-service.
15 May 2021
|
Report
:
Catching the Virus Cybercrime, Disinformation and the COVID-19 Pandemic
COVID-19 has made it difficult for startups to create new revenue or sustain their growth for future financing
The impacted areas are quite consistent and 84% of the COVID-19 impact is covered in three key areas: delay in customer sign ups (30%), difficulty in raising money (27%) and the loss of existing customers or business (27%). These three concerns makeup over 80% of respondents' biggest challenges and evolve around the difficulty in creating new revenue or sustaining the growth they need for future financing. On the side of cost control 85% of companies are at this stage actively cutting cost. 42% of startups anticipate they will run out of money in the next 1-3 months and another 32% anticipate they will run out of money in the following 3-6 months. 30% of startups have had funding delayed or cancelled.
10 June 2021
|
Report
:
The Dutch Tech Ecosystem and COVID-19
67% of startups indicate they need bridge funding to survive the effects of COVID-19
COVID-19 impact on startups is severe, it is still expected that its duration will be limited and as such should not present a structural issue for most startup business and financing models. 67% of startups indicate they need bridge funding for the period until the moment that things go back to ‘normal’. Basically they urgently need short-term working capital to survive the effects of COVID-19 has on their company. This need of bridge funding is by far the most frequently voiced support that startups need, and more than double of any of the other support needs. This echoes the importance of this funding for the entire startup ecosystem and this should be addressed in any measures taken.
10 June 2021
|
Report
:
The Dutch Tech Ecosystem and COVID-19
The second most significant threat encountered by European cybercrime investigators in 2018 was compromised data.
Compromised data refers mostly to easily-monetized financial data such as payment information or personal data and login credentials that can be used in subsequent cyber attacks. Employed means for stealing data are phishing, data breaches and information gathering malware. Increasingly the threat comes from malicious insiders.
14 April 2021
|
Report
:
DDoS attacks to deny outsiders the access to a system or service were the third most prominent threat identified by European cybercrime investigators in 2018.
The 'strength' of DDoS is increasing fast with constantly record breaking amounts of data packages are employed against organisations in the financial sector, public institutions and critical infrastructure, forcing them to increase mitigation activities. Employing a DDoS has a low threshold which leads to anyone, including Darknet marketplaces, being a potential target.
14 April 2021
|
Report
:
Risk & security is high on the agenda of many in the fintech industry
82% of the respondents made regular or substantial investments into risk & security in 2020. Fintech's are extremely vulnerable when it comes to data and security breaches. The more an industry gets digitized, the higher the digital or cyber threat will become. With online banking emerging and digitization of banking and related financial services, this topic will remain high on the agenda for the foreseeable future. 74% of the respondents indicate that they invested a considerable or substantial amount into general software development this year. This includes elements such as security or compliance. Compliance in general is high on the agenda of Fintech’s as well.
11 June 2021
|
Report
:
State of the Dutch Fintech Market 2020
The Dutch market for cloud services continuous to grow
The Dutch market for cloud services continuous to grow, especially cloud-based services in the area of application hosting, web hosting, server platforms, as well as storage, backup, security and workplace automation is growing fast in the Netherlands. Leading vendors are Amazon Web Services (AWS), Microsoft and Google. Overall, the financial services industry is highly digitized, and therefore technology adoption rates are
relatively high. At the same time, the uptake of cloud services in this industry has been relatively slow, due to concerns on compliance, security and privacy.
11 June 2021
|
Report
:
State of the Dutch Fintech Market 2020
COVID-19 impacts macroeconomic environment and cost & margin pressure
Before the press conference announcing the intelligent lockdown, regulatory pressure as well as an increasing demand for digital channels were considered elements that impact the Fintech scene the most. Both elements remain to be important after the intelligent lockdown. However, since the intelligent lockdown, these elements have become even more important, topped though by the impact of customer demand. Not surprisingly,
respondents also indicated the macroeconomic environment to have a higher impact as well
11 June 2021
|
Report
:
State of the Dutch Fintech Market 2020
Data security is one of the main drivers for development of the Dutch fintech scene
Access to funding, data access & data quality as well as the entrepreneurial business climate were considered drivers for the Dutch fintech scene, the COVID-19 virus has shifted that completely to the entrepreneurial business climate. Respondents indicate that they expect this to be an important driver for growth post-lockdown. This is followed – though with some distance, by existing customer trust & data security, assuming that respondents see the developments in open banking and the associated regulation as well as the increase of attention on data security as a driver for customer trust.
11 June 2021
|
Report
:
State of the Dutch Fintech Market 2020
A difference can be seen regarding Dutch people who are well informed about the technical aspects of the internet and those who embrace the digital world as part of their social life
Individuals who are well informed about the technical aspects of the internet prefer not to share (too) much information about their personal life, seen that they are aware of what can be done with personal data.
Others are not always aware of digital risks or do not want to see them. Consequently, they have no problem sharing information about themselves online.
21 June 2021
|
News
:
National Cybersecurity Awareness Survey Secure Online 2020
Startups have lost significant revenue due to the COVID-19 crisis
During the COVID-19 crisis, 50% of Dutch startups have lost significant revenue. Most founders indicate the need for short term (1-3 months) bridge funding, with the amount needed ranging from €100,000 to €400,000.
21 June 2021
|
News
:
Impact of Corona on the Dutch Startup Ecosystem
Most commonly feared cyberthreats amongst Dutch organisations
The most commonly feared cyberthreats among Dutch organisations are data leakages (40%), phishing attacks, malware attacks / vulnerability exploits (35%) and extortion / destruction of the organisation's data (25%). In case of a ransomware attack, 30% of Dutch organisations would pay the ransom in order to get their data back. However, opinions vary widely on this topic. For example, about 50% of the surveyed CxOs would pay the ransom, compared to the 29% of CISOs.
23 August 2021
|
News
:
Results Dutch Cyber Security Landscape Survey
92% of Dutch organisations claim to have an up-to-date cyber security strategy
92% of Dutch organisations claim to have an up-to-date cyber security strategy. On the other hand, 6% of Dutch organisations are starting to set up their strategy, while 15% are already working on a next-level strategy.
Furthermore, many success factors are cited for achieving cyber security goals. The most frequently cited factors are increased operational excellence, clear cyber security communication, cyber security awareness training and compliance.
23 August 2021
|
News
:
Results Dutch Cyber Security Landscape Survey
People Centric Security Trends
Although the 2020 pandemic changed how many people work and interact with organizations, people are still at the center of all business. And they need digitalized processes to function in today’s environment.
30 March 2021
|
External
:
Gartner Top Strategic Technology Trends for 2021
Location Independent Strategic Technology Trends
Location independence: COVID-19 has shifted where employees, customers, suppliers and organizational ecosystems physically exist. Location independence requires a technology shift to support this new version of business.
30 March 2021
|
External
:
Gartner Top Strategic Technology Trends for 2021
Virtual meeting platforms have become a popular medium for BEC-scams.
During the pandemic a lot more business was conducted in online work/meeting spaces. This is also abused by threat actors via a compromised business e-mail adress in combination with video/audio spoofing.
11 January 2023
|
Report
:
Internet Crime Report 2021
In recent years, more focused forms of ransomware attacks have been performed
In recent years, malicious individuals have conducted more focused forms of ransomware attacks, targeting individuals and organisations which can pay larger amounts of ransom. Once a malicious individual has access to the systems of a target, an evaluation can be made of the 'worth' of the target. The asked amount of ransom is adjusted according to the estimated worth of the target.
14 April 2021
|
Report
:
Ransomware
Cybercriminals specialise in offering ransomware as a service
Within the domain of cybercrime, cybercriminals are professionalising and specialising in offering ransomware as service. Cybercriminals exploit access points to networks and other vulnerabilities, for example through ransomware attacks. The obtained information is thereby sold to other individuals or groups.
14 April 2021
|
Report
:
Ransomware
In order to prevent ransomware from infecting systems it is necessary to first protect systems against phishing attacks
Protecting organisations against phishing attacks entails multiple components. First of all, the security of e-mails can be improved through SPF, DKIM and DMARC standards. Secondly spamfilters and phishingtests can be applied to reduce the risk of phishing attacks form occurring. Lastly, the awareness of employees regarding phishing attacks can be enhanced through trainings and structured processes.
20 April 2021
|
Report
:
Ransomware
The principle of zero trust is emerging
The principle of zero trust refers to an information-security framework in which zero trust is placed on the existence of a safe network. This principle essentially removes the distinction between internal and external networks. Organisations that for example apply a Bring Your Own Device (BYOD) policy can implement the zero trust principle. Also, processes such as 'micro-segmenting' and Privileged Access Management (PAM), in which a whitelist is composed of individuals that can access certain systems, are (zero trust) solutions that can mitigate risks.
20 April 2021
|
Report
:
Ransomware
Increase in BEC, Covid-19 is still the lure in E-mail fraud campaigns
E-mail related threats have been consistently ranking high in the list of prime threats in the ETL for a number of years. Phishing aims at stealing important information like credit card numbers and passwords, through e-mails involving social engineering and deception. Business e-mail compromise (BEC) is a sophisticated scam targeting businesses and organisations, whereby criminals employ social engineering techniques to gain access to an employee’s or executive’s e-mail account to initiate bank transfers under fraudulent conditions. As expected, the COVID-19 pandemic has given rise to this category of threats, since people’s online presence and need for communication has greatly risen during this period. Moreover, the digitalisation of many traditional services grew at an unprecedented rate during the pandemic, and given e-mail’s lead role as a communications means, the increase in e-mail related threats was undeniable.
4 November 2021
|
Report
:
Enisa Threat Landscape 2021
Trends in threats against data
Threats against data form a collection of threats that target data sources with the aim of gaining unauthorised access, disclosure, misinformation, disinformation, etc. They are mainly referred to as data breaches or data leaks and refer to the release of sensitive, confidential or protected data to an untrusted environment. Threats against data consistently rank high among the leading threats of the ETL and this trend continues in the reporting period of the ETL 2021. Moreover, given the significance of data and in particular of private and sensitive data, adversaries are combining more sophisticated threats to target data, such as ransomware or supply chain attacks. We observed an increasing trend in the number of incidents reported during 2021. This observation relates primarily to the surge of data breaches in the health sector.
4 November 2021
|
Report
:
Enisa Threat Landscape 2021
2021 Trends in Ransomware and Malware
The occurrence of multiple ransomware extortion schemes increased strongly during 2021. After initially stealing and encrypting sensitive data from organisations and threatening to release it publicly unless a payment is made, attackers also target the organisations’ customers and/or partners for ransom to maximise their profits. However, malware attacks decreased heavily during the reporting period. Research has shown that attacks in North America decreased by 43% in 2020 compared to 2019. This drop was almost same in Europe, while a decrease of 53% was noticed in Asia. One of the key factors for this reduction could be linked to the COVID19 pandemic.
4 November 2021
|
Report
:
Enisa Threat Landscape 2021
Trends in DDoS and web-used attacks against availability and integrity
Availability and integrity are the target of a plethora of threats and attacks, among which the families of Distributed Denial of Service (DDoS) and Web Attacks stand out. DDoS and web-based attacks are often coordinated activities. DDoS attacks can be built on a web-based attack, which are often distributed through web applications. For instance, web-based attacks can be adopted to build a botnet that is then used to carry out a denial of service attack aimed to make a system unavailable. Both web attacks and DDoS attacks have remained stable over the years, while some interesting points on their evolution may be noted. According to EUROPOL, “the threat potential of DDoS attacks is higher than its current impact in the EU.
4 November 2021
|
Report
:
Enisa Threat Landscape 2021
Companies are vulnerable for BEC-fraud, phishing emails and hacktivism
The KVK explains different vulnerabilities companies can encounter and gives examples of companies that actually have encountered them.
20 February 2023
|
Report
:
KvK - wegwijzer cybersecurity
Increasing attention is given to the issue of attribution in cyberspace
Attribution can be broadly defined as the process of assigning responsibility for a (malicious) cyber activity to a specific actor on the basis of the available evidence, including all-source intelligence, forensic investigation, and taking into account the political context. Given the sensitive nature of such evidence and the implications that a decision about attribution might have on bilateral relations between the accuser and the accused, states maintain their exclusive right to attribute (or not) a cyber operation based on their own methods, procedures and political interests.
the relatively short history of attribution of cyber-attacks, states have used different paths . While many initiatives hardly ever see daylight and are hidden from the scrutiny of public opinion, some states have also opted for more public forms of attribution through indictments under criminal law and political attributions – albeit with a very limited reference to international law and norms that have been violated.
14 April 2021
|
Report
:
Three tales of attribution in cyberspace
NCSC Trend List 2021: Expectations of the NCSC in the field of cybersecurity
The NCSC Trend List helps organizations to look ahead in the field of cybersecurity based on trends and expectations. Trends are things that are already happening and expectations are things that may come into play in the coming years. Depending on developments, these expectations may shift in time and/ or relevance. That is why the NCSC will regularly update the Trend List.
16 February 2022
|
External
:
NCSC Trend list 2021
Lessons that can be learned from a hack and data breach
By using the example of the municipality Buren, it is explained what to do and what not to do when a hack occurs in your municipality. A variety of lessons are described.
22 February 2023
|
Report
:
Lessen uit de hack en datalek bij Gemeente Buren
Supply chain cybersecurity: a sometimes overlooked essential to securing your business.
In today’s networked digital infrastructures, it is no longer enough to ensure the security of one’s own IT networks and systems. Incidents elsewhere in the chain can have an immense impact as they trickle down. Suppliers, vendors, contractors, and other third parties have become part of the security risk area. Meanwhile, hostile hackers no longer require to actually gain access to their main target to get to their end goal. Supply chains have essentially become supply networks. And while the challenges for protecting an organization continue to rise, the connectivity offers a learning opportunity and potential cost savings as well. For companies that have already been attacked, it is worth sharing their experiences and best practices. Those who haven’t would be wise to learn from others, because it’s improving their security posture as well as the supply network that they’re part of.
28 January 2022
|
Report
:
Als de Keten Zelf de Zwakste Schakel is
Increasing IT/OT convergence leads to new developments
With the rise of the internet, OT-infrastructures and its threats are changing. OT-infrastructures with build-in internet communication and reprogrammable OT-infrastructures are in demand. However, according to some, these developments lead to needless exposure to the internet.
13 January 2023
|
Report
:
Herstelvermogen binnen OT infrastructuren
Despite the IT/OT risks, the urgency to take additional recovery measures is not clear.
Despite the fact that the risks surrounding IT/OT convergence are acknowledged, the urgency to take additional recovery measures is not yet clear. This is due to the fact that organizations: have not yet experienced a large system failure, are unaware of the possible impact, are uncertain on legislation, and are confused by different systems in different countries.
13 January 2023
|
Report
:
Herstelvermogen binnen OT infrastructuren
To implement secure OT, organisational awareness is needed
To ensure secure OT, organisations need awareness. This can be done through making OT part of their risk management strategy, bringing safety and security closer together, making OT a concern of management, explain OT in its context referring to primary processes, and constant monitoring and communication.
26 January 2023
|
Report
:
Succesfactoren voor digitaal veilige Operationele Technologie
Use the available measures to secure your OT
To implement secure OT, use already developed standards and measures, adapt them to the needs of your organization and start working structurally with Security-by-design. These are succes factors of secure OT.
3 February 2023
|
Report
:
Succesfactoren voor digitaal veilige Operationele Technologie
Management and maintenance are important in securing your OT
It is important that, when securing your OT, your assetmanagement is under control, you have a diversity of suppliers and in-house knowledge on OT
3 February 2023
|
Report
:
Succesfactoren voor digitaal veilige Operationele Technologie
Factors to close the gap between the IT and OT domain
To close the gap between the IT and OT domain, organisations should bring OT and IT in one team, give both domains the same wage, facilitate knowledge sharing within and outside of the organisation, use the same language and let both domains use the same equipment.
3 February 2023
|
Report
:
Succesfactoren voor digitaal veilige Operationele Technologie
Knowledge and expertise concerning OT is needed
Organisations that want secure OT need in-house expertise on OT, need people who have knowledge of both OT and IT, need to do crisis exercises, need to strengthen management's involvement and use audits to create attention.
3 February 2023
|
Report
:
Succesfactoren voor digitaal veilige Operationele Technologie
Europe: Mainly financially-motivated threat actors
Unlike Asia, which is mostly affected by rivaling nation states, Europe appeared to be primarily targeted by financially-motivated threat actors. This difference may be explained by the greater potential for theft from European-based companies based on currency exchange rates. Alternatively, criminal motivations could be in pursuit of intellectual property, which can be sold to competitors for significant gain.
22 January 2021
|
External
:
X-force threat intelligence index 2020
Malware use by threat actors continues to fluctuate in 2020
Malware use by threat actors continues to fluctuate, with ransomware, cryptominers, and botnets all taking lead at different points in 2019. We expect this trend to continue in 2020, meaning organizations will need to protect themselves against varied threats that change over time.
22 January 2021
|
External
:
X-force threat intelligence index 2020
Spam activity continues unabated in 2020
Spam activity continues unabated, requiring diligent blacklisting, vulnerability patching and threat monitoring by organizations.
22 January 2021
|
External
:
X-force threat intelligence index 2020
A drop in crime statistics is visible, both nationally and internationally
Over the last couple of years a decrease in crime rates is visible, both nationally and internationally. This is known as a 'crime drop'. This trend is also evident in the police unit of Amsterdam. Compared to 2018, crime rates have been similar in 2019. However, the number of (street)robberies has slightly increased in the municipality of Amsterdam.
21 April 2021
|
Report
:
Trendbeeld 2020
Cybermaintenance within the financial sector remains crucial in order to detect and prevent cyberthreats
Cybermaintenance (in the financial sector) encompasses the implementation and maintenance of various cyber standards and - baselines. These standards and baselines are implemented in order to minimise the impact of malicious software (malware) and ransomware. Various measures, such as network segmentation, hardening, patch- and vulnerability management and security-by-design principles have to implemented in order to carry-out useful cybermaintenance.
29 April 2021
|
Report
:
Informatiebeveiligings-monitor DNB
Penetration testing contributes to the continuous improvement of cyber- and informationsecurity measures
In order to continuously improve cyber- and informationsecurity measures that are implemented in the Dutch financial sector, penetration testing is necessary. Testing methods vary from desk-based tests to realistic simulations. Currently, Business Continuity Management (BCM) is mostly focused on classic test scenario's. In order to improve the BCM of a financial institution a shifted focus towards factors such as location, key persons, ICT and outsourcings partners is necessary.
29 April 2021
|
Report
:
Informatiebeveiligings-monitor DNB
Outsourcing activities have increased within the financial sector over the last few years
Over the last few years an increasing trend can be seen regarding outsourcing activities in the financial sector. This has caused an increased dependence of financial institutions on service providers. Therefore, the necessity to cooperate within the supply- and demand chain has also seen an increase.
29 April 2021
|
Report
:
Informatiebeveiligings-monitor DNB
Legal business structures are used to facilitate criminal activity
Legal business structures such as companies or other entities are used to facilitate virtually
all types of criminal activity with an impact on the EU. Criminals directly control or infiltrate legal business structures in order to facilitate their criminal activities. All types of legal businesses are potentially vulnerable to exploitation by serious and organised crime.
More than 80 % of the criminal networks active in the EU use legal business structures
for their criminal activities. About half of all criminal networks set up their own legal
business structures or infiltrate businesses at a high level.
17 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
Increased sophistication and number of cyber-dependent attacks
The threat from cyber-dependent crime has been increasing over the last years, not only in
terms of the number of attacks reported but also in terms of the sophistication of attacks. Examples include malware, ransomware, and DDoS attacks. Cyber-dependent crime is likely significantly underreported. The rapidly progressing digitalisation of society and the economy constantly creates new opportunities for criminals involved in cyber-dependent crime. Businesses are increasingly the targets of cyberattacks. Public institutions, including critical infrastructures such as health services, continue to be targeted by cybercriminals.
Despite an increasing number of investigations into cyber-dependent crimes and other cybercrime activities, the number of criminal networks is low. One of the reasons could be that cybercrime involves many criminals operating individually and not in the framework of established networks.
17 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
Customs import fraud resulted in financial losses of at least EUR 5.5 billion to the EU budget between 2016 and 2019
Customs import fraud resulted in financial losses of at least EUR 5.5 billion to the EU budget between 2016 and 2019. The evasion of duties on goods imported into the EU negatively affects the financial interests of the EU and threaten legitimate companies operating in the Member States. Dumping practices create unfair competition to legitimate businesses and their products and market distortion.
18 May 2021
|
Report
:
European Union Serious and Organised Crime Threat Assessment
The number of cybercrime related reports and criminal cases are increasing
In the Netherlands (2020), the number of cybercrime related reports and criminal cases are increasing, as well as the amount of cybercriminals. Private citizens are targeted more often than companies (8-15% of Dutch citizens are victim), however companies face greater financial loss. During the COVID-19 crisis, cybercriminals have developed new ways of utilising phishing and fraud techniques.
31 May 2021
|
Report
:
Strategisch Omgevingsbeeld 2020
Threats from nation states are becoming increasingly digitalised
The most common threats from nation states are influencing practices, espionage, information confrontation and the utilisation of economic instruments. These threats are increasingly expressed on digital platforms. Such threats target a wide variety of actors: diaspora, religious communities, the scientific community and businesses.
25 June 2021
|
Report
:
Strategisch Omgevingsbeeld 2020
The digital infrastructure is critical for the functioning of society
The digital infrastructure of a society must remain in order, just like air, water, road and rail. If digital processes do not work properly, this can have major impact on society. Organisations can be unable to do their work, personal data can be exposed and facilities may stop functioning. For example: a hack at a cheese packaging company, a data leak at an ICT service providers for car companies and an ICT malfunction at an hospital can lead to such an impact.
In the past year, a great difference can be seen in the cyber security resilience of companies and organisations. Experts are concerned that this gap will expand in the future. Also, due to the Covid-19 pandemic, more processes have been digitised, thereby increasing the importance of digital security even further.
23 August 2021
|
News
:
Cyber Attacks Affect the Nervous System of Society
Most common attack techniques and targeted assets in supply chain attacks
Most attack techniques that are used to compromise a supplier in a supply chain attack are unknown (66%), or conducted through exploiting software vulnerabilities (16%). Most assets that are targeted are code (66%), data (20%) and processes (12%). Furthermore, the compromised suppliers' assets are used as an attack vector to compromise customers. Those attacks are most done by abusing the trust of the customers (62%) or by using malware (62%).
26 August 2021
|
Report
:
ENISA Threat Landscape for Supply Chain Attacks
Delloite's 2021 Future of Cyber Survey showcases the current cybersecurity landscape from the perspective of executives.
As organizations navigate an evolving threat landscape and an increase in cybersecurity incidents, it’s important to have plans in place to mitigate such attacks, while also contending with both talent shortages and technology challenges. But how do the cybersecurity views of executives in the US stack-up against those of executives in the rest of the world? Deloitte Touche Tohmatsu Limited’s 2021 Future of Cyber report surveyed over 577 C-suite executives globally –159 in the US and 418 outside of the US in the ROW – across several industries regarding their organizations’ cybersecurity programs.
3 November 2021
|
Report
:
Deloitte Future of Cyber Survey
Current state of cyber security landscape
Where are we now? Three things are being presented in this section: an increase in cyber attacks; a rise in security investment and the complexity with the shift to the cloud.
12 November 2021
|
Report
:
State of Cybersecurity Resilience 2021
Software supply chain attacks remain a major problem in 2021 cybersecurity
Throughout 2021, software supply chain attacks grew in both frequency and scale. Researchers concluded that software supply-chain attacks increased by no less than 650% throughout the year. A study issued by the European Union Agency for Cybersecurity (ENISA) reviewed two dozen incidents and found that 66% of supply chain attacks were committed by exploiting an unknown vulnerability, while only 16% leveraged known software flaws. Most attacks actually targeted software code. This year, it seems that organizations were once again caught largely unprepared, as a survey concluded that 82% of companies designate the third party vendors that make up their software supply chain with highly privileged roles. 76% provide roles that could allow account takeover, and, worst of all, over 90% of designated security teams were not aware that such permissions were even granted.
21 March 2022
|
Report
:
Cloud services increasingly under attack in 2021
In 2020, the global pandemic brought significant changes to the corporate work environment as well as corporate network architecture. Within those changes, both the shift to cloud-based architecture – meant to address the need for hybrid, remotely- managed networks – and the preference for as-a-service providers over traditional suppliers, have really stood out in terms of the scale of their adoption. Subsequently, in 2021, it became clear that cloud environments were also growing in popularity among end users. By mid-year, Gartner had released its forecast stating that end-user spending on public cloud services was estimated to grow by 23% in 2021 to over US$ 332 billion, compared to US$ 270 billion in 2020 and US$ 242.7 billion in 2019. Enterprises are now allocating large-scale funds to multi-cloud architectures, with Microsoft Azure and AWS leading in popularity, and Google Cloud Platform, IBM, VMWare and others dominating a respectable share of the market.
21 March 2022
|
Report
:
Ransomware changed in 2021
Gone are the days when ransomware operators negotiated a ransom of US$ 200 for your family photos. Today’s ransomware economy is a complex operation extorting millions
of dollars per ransom, holding entire organizations captive under the threat of total
system shutdown. The evolution of the ransomware business model is at the core of this phenomenon. Ransomware-as-a-Service (RaaS) introduces affiliate programs at low onboarding costs, enabling any attacker to easily join the trend. The attacker selects one of the leading ransomware “projects” and follows the detailed, easy to follow complimentary operations manual, which contains complete instructions for every stage of the attack. If the intrusion was successful, the ransomware operators and affiliates share a percentage of the victim’s ransom payment. This extremely profitable scheme allows attackers to reach a wider range of victims and offers higher returns to all involved.
21 March 2022
|
Report
:
Check Point Cloud Security Report 2022
The return of Emotet malware in 2021
Emotet, one of the most dangerous and infamous botnets in history, is back, despite the long and synchronized efforts of the international community and law enforcement agencies worldwide that resulted in its take down in January 2021. Emotet, the banking Trojan turned modular botnet, is known for its massive reach of over 1.5 million infected computers worldwide, across thousands of compromised corporate networks. Emotet was used as a distribution platform to deliver other notorious malware families such as TrickBot, Qbot and Dridex, often resulting in network-wide ransomware attacks that crippled entire organizations. Inflicted damages were estimated at around US$ 2.5 billion, before it was forcibly shut down.
21 March 2022
|
Report
:
Organisations and businesses should consider using XDR solutions
In order to provide better overall security outcomes and simplify and streamline security in general, organisations should consider using extended detection and response (XDR) technology for 2020 and 2021. By using this technology, the platform-level integration occurs at the point of deployment rather than being added in later.
30 March 2021
|
External
:
Gartner Top 10 Security Projects for 2020-2021
Improve cloud security approaches
There needs to be more uniformity regarding control systems across IaaS and PaaS in order to improve and enhance cloud security approaches. Also the controls need to be simplified, for example through the use of cloud access security brokers (CASBs).
30 March 2021
|
External
:
Gartner Top 10 Security Projects for 2020-2021
Domain-based message authentication (DMARC) offers additional layers of trust for email security
DMARC is an email authentication policy which can offer additional layers of trust and verification regarding email security. It specifically looks at the verification of the sender's domain, which can help to prevent domain spoofing.
13 April 2021
|
External
:
Gartner Top 10 Security Projects for 2020-2021
Passwordless authentication offers a better solution for email security
Passwordless authentication offers a better solution for email security than normal password authentication. Passwordless authentication is meant to increase user's trust and experience.
13 April 2021
|
External
:
Gartner Top 10 Security Projects for 2020-2021
Hidden cyber-resilience deficit
It is a fact that even today many organizations can find themselves unknowingly dependent on components of the ecosystem due to a lack of transparency downstream and upstream in supply chains. Without intervention, this may simply grow in complexity: Dependencies will become increasingly unmanageable and opaque as the ecosystem becomes more entangled. This means that it will not be possible to account for the aggregation of cyber risk, and where there is a lack of resilience within organizations, we may be developing a growing and hidden cyber-resilience deficit.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Widening cybersecurity skills gap
There is already a global capacity shortage in cybersecurity (both specialists and across the wider workforce), and as new technologies emerge, the existing skills gap in delivering cybersecurity is likely to grow. Unless education and training are accelerated significantly, the workforce will not have the necessary cybersecurity capacity and mindset. A lack of cyber literacy among leaders and innovators will prevent appreciation of the risks to organizations and the ecosystem, and prevent the necessary investments being made for cyber resilience.
22 January 2021
|
Report
:
Cybersecurity, emerging technology and systemic risk
Growing use of algorithms in making employment decisions by private companies
In several EU countries the recruitment processes are becoming automated. Algorithmic indication is behind the pre-selecting, rejecting of employees and behind the potential termination of their contracts.
29 May 2021
|
Report
:
Algorithmic discrimination in Europe
Due to plurality of actors involved in the design and use of algorithms, responsibility is a challenge
There are a wide range of actors involved in the design and implementation of algorithms. This might make it difficult for the victims of discrimination or for supervisory/monitoring bodies to know whom to hold responsible, liable/accountable for discriminatory outcomes.
29 May 2021
|
Report
:
Algorithmic discrimination in Europe
Algorithms are actively used in many private sectors all over Europe
Algorithms are actively used in many private sectors all over Europe. The purposes of algorithms are more varied in the private sector than in the public sector. Algorithms are used in the private sector for employment and platform work as they can be convenient in making employment decisions. Predictive algorithms can also be useful in making creditworthiness assessments and identifying risk groups, meaning algorithms are used within banking and insurance. The use of algorithmic application has also become increasingly popular in the sectors of retail and advertising.
4 June 2021
|
Report
:
Algorithmic discrimination in Europe
New technologies have potential applications in counterterrorism
TNO has identified eight technologies with potential applications in counter terrorism.
Behavioral analysis, behavioral influence technologies, physical security technologies, integrated sensor technologies, cyber technologies, data technologies, decision support and coordination technologies and finally learning and anticipation technologies.
These technologies have a potential impact on the capabilities of organizations to counter terrorism in the broadest sense, from preventing and protecting from terrorism to reacting, capturing and restoring from terrorism.
14 April 2021
|
Report
:
Technologie Voor Terrorisme Bestrijding
Creating a resilient IT-infrastucture with 3 principles
Because of the digitization of our society, many organizations' IT infrastructures are becoming more complicated, and thus also more vulnerable. The Dutch National Bureau for Connection Security (NBV) has developed a simplified approach to counteract cyberthreats. In this approach, the key is an organization-wide plan which looks more broadly than just the technical side of things. This approach is based on 3 main principles with 4 supporting pillars.
15 October 2021
|
Report
:
Verdedigbaar Netwerk: Hoe Doe Je Dat?
Cybersecurity will always remain a shared responsibility between those who build the (digital) infrastructure, those who manage it and those who use it.
A situation must be achieved in which each party that is part of the digital ecosystem has insight into its contribution to the security and stability of the whole. No single party can do this alone, not even the government. It is a collaborative effort with all participants contributing to the transformation.
11 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
Cyber security requirements for a larger group of companies (NIB2)
Cyber incidents do not stop at national borders.
The EU is therefore also involved in strengthening the digital security and resilience within the Union.
11 January 2023
|
Report
:
Nederlandse Cybersecuritystrategie 2022-2028
Alert overload
Organisations worldwide use on average about 29 security monitoring software systems. This can result in an alert overload which causes security teams to wrongly prioritise and maintain cybersecurity risks
23 January 2023
|
Report
:
KPN Cyber Security Perspectives 2021
Protect domains against email spoofing and phishing by implementing email authentication with SPF, DKIM and DMARC.
The NCSC advises organisations to protect their domains against email spoofing and phishing by implementing email authentication using SPF, DKIM and DMARC. SPF allows domain owners to specify which mail servers are authorised to send email on their behalf, DKIM allows them to digitally sign emails, and DMARC enables them to publish a policy on how receiving mail servers should handle emails that fail SPF or DKIM checks. For government organizstions, the use of these email authentication techniques is mandatory, while for other organisations it is strongly recommended as an effective way to combat email-based attacks. The implementation of email authentication is considered a best practice that has already been widely adopted.
3 April 2024
|
Report
:
Handreiking 'Bescherm domeinen tegen phishing'
Technologische ontwikkelingen zorgen voor betere beveiliging, maar ook meer kwetsbaarheden
Door technologische ontwikkelingen zoals AI en quantum computing, kunnen de Nederlandse maatschappij en economie beter worden beveiligd. Het zorgt echter ook voor een toenemende mate van afhankelijkheid van digitale processen, wat leidt tot kwetsbaarheid voor cyberincidenten en -aanvallen. Het is daarom van cruciaal belang om effectieve cybersecuritymaatregelen te ontwikkelen en daarmee de scheefgroei tussen dreiging en weerbaarheid te verminderen.
17 September 2024
|
Report
:
Agenda Cybersecurity Technologies
De digitale dreiging voor de Nederlandse samenleving neemt sterk toe
De digitale dreiging voor de Nederlandse samenleving groeit door toenemende cyberaanvallen van statelijke actoren die inzetten op beïnvloeding, espionage, verstoring en sabotage. Sectoren zoals de gezondheidszorg, hightech, energievoorziening, vervoer en defensie lopen ernstige risico’s.
17 September 2024
|
Report
:
Agenda Cybersecurity Technologies
The importance of a European digital fist through civil-military cooperation
Geopolitical tensions increasingly manifest themselves in the digital domain. European countries and companies are increasingly targeted. From the European Commission, the focus of cybersecurity cooperation is on preparation, responsive measures, and legislation aimed at the civil domain. Europe must also facilitate more cooperation between the civilian, military and intelligence domains so that all cyber capacities are optimally used. The Dutch security domain can initiate this and be a pioneer.
20 January 2021
|
Report
:
Trends in Veiligheid 2020
There is a continuing strong relationship between executives and security professionals
Over the years in our survey, we’ve measured four critical practices for fostering a mutually beneficial relationship between executives and the security organization . This exercise evaluates top-down security buy-in, where we’ve found a slight downward trend from last year . Looking at these results:
• Eighty nine percent of respondents said that their executive leadership still considers security a high priority; however, this is down slightly (7%) across the preceding four years.
• The percentage of organizations who have clarified the security roles and responsibilities within the executive team has fluctuated over the past few years – landing at 89% this year. Considering cybersecurity’s growing visibility and the dire need for security leaders at top levels, clarifying roles and responsibilities needs to remain high.
• The incorporation of cyber risk assessments into overall risk assessment processes is down by 5% from last year, but is still high with 91% of respondents saying they use them.
• Although down by 6% from last year, executive teams establishing clear metrics for assessing the effectiveness of security programs is still rather high with 90% of our respondents doing so.
Over four years, these responses are slightly down, which may indicate: 1) that the scope of security responsibility is changing, 2) that communication with the executive team isn’t as clear as it used to be, 3) that executive management has other business priorities, or 4) that CISOs and executives are re-evaluating their metrics.
And although these numbers are down, they are still very high . Perhaps this is because security has now become operationalized, but requires a greater voice at the executive table. The fact that the numbers are still very high indicates a continuing strong relationship between executives and security professionals.
22 January 2021
|
Report
:
Securing What's Now and What's Next
time-to-detect and time-to remediate are important metrics for assessing the effectiveness of an organization's security program
90% agreed their organization’s executives had established clear metrics for assessing the effectiveness of their security program. IT decision-makers responding to our survey rated time-to-detect highest as a key performance indicator (KPI). Establishing clear metrics is an integral activity for a security framework, and it isn't an easy task to agree across multiple executives and security teams how to measure operational improvement and security outcomes .
IT decision-makers responding to our survey rated time-to-detect highest as a key performance indicator (KPI). However, when you’re reporting to the C-suite or board of directors, time-to-remediate ranks just as important, as it represents an aggregate of total impact that may include: system downtime, records affected, cost of investigation, lost revenue, lost customers, lost opportunities, and out-of-pocket costs. It can also be a proxy metric for the overall effectiveness of the IT organization, as remediation can require a lot of collaborative work across departments .
22 January 2021
|
Report
:
Securing What's Now and What's Next
the best way to allocate security spend is through outcome-based objectives and metrics
Sixty one percent are using this planning method, a 10% increase from the previous year and an encouraging trend. ‘Percent of revenue’ and ‘outsourcing costs’ were the least used factors to determine security budgets. Fifty-four percent base spending on the previous years’ budget. Although this may not seem like a precise way to quantify security costs – especially when the average cost of a data breach globally ($3 .92M) is rarely factored in – if your budget is flat year over year or you have predictable SaaS subscriptions, your forecasted budget will probably see very little change .
22 January 2021
|
Report
:
Securing What's Now and What's Next
Organizations are spending more on prevention versus being reactive in their cybersecurity posture
In exploring how security budgets are spent, we surveyed our respondents on five categories (Identify, Protect, Detect, Respond, and Recover) that describe the lifecycle of cybersecurity defense and breach management:
• The category Identify saw a rise in expenditures from 21% to 27% from 2019 to 2020
• Protect and Detect remained basically the same at 25% and 18% respectively
• Spending in the Respond and Recover categories declined somewhat in the same timeframe to 15% and 14% respectively
Enterprises are always trying to find the right balance between being proactive and being responsive and resilient, and that pendulum swings back and forth every year. Last year, organizations may have been concentrating their efforts on the basics (asset inventory, discovery, etc.). And theoretically, if you spend right on Identify, Protect and Detect up front, you shouldn't need to spend as much on Respond and Recover, as they aren’t needed as often.
22 January 2021
|
Report
:
Securing What's Now and What's Next
The business impacts of security breaches
Organizations having more than 100,000 records impacted from their most severe data breach rose from 15% last year to beyond 19% this year.
Large enterprises (10K or more employees) are more likely to have less downtime (0-4 hours), as they will likely have more resources available to help respond and recover . Small to mid-sized organizations dominated the 5-16 hour recovery timespan, and catastrophic downtimes of 17-48 hours were similarly low for organizations of all sizes.
The most impacted business areas were operations and brand reputation.
the number of respondents experiencing a hit to brand reputation from major breaches has risen from 26% to 33% in three years. With the impact to the overall brand on the rise, it’s crucial to include crisis communications planning into your overall incidence response plan.
22 January 2021
|
Report
:
Securing What's Now and What's Next
At 61%, the percentage of survey respondents reporting that they voluntarily disclosed a breach last year is at the highest level in the previous four years
This shows that, overall, organizations are proactively reporting breaches, perhaps as a result of new legislation – or maybe from increased social consciousness and a desire to maintain customer trust.
The upside to this is that more than double the number of organizations that experienced a breach that lasted over 17 hours disclosed the breach voluntarily versus those that disclosed the breach involuntarily or due to reporting requirements.
More than half of all breaches (51%) put organizations on the defensive, having
to manage the public scrutiny that comes with a breach. But while governmental reporting requirements have increased, involuntary disclosure remains largely the same at just over a quarter (27%) of breaches. And 61% of respondents are now finding that their credibility rises when they voluntarily disclose a major breach, thus preserving their brand reputation.
22 January 2021
|
Report
:
Securing What's Now and What's Next
Outsourcing of security has increased significantly
Compared to last year’s report, outsourcing has increased significantly, possibly indicating a historical trend as vendor landscapes become so complex to manage in-house. Interestingly, organizations reported that they’re expecting their outsourcing to decrease in the future.
Our respondents are outsourcing for a variety of core reasons, and it’s not only cost. Cost efficiency is marginally ahead as the number one reason at 55%. However, it's quickly followed by security teams that want more timely responses to incidents (53%).
We found that 34% of you are outsourcing incident response services, and 36% are using external/third-party services to analyze compromised systems, which has risen from last year. Using an incident response service has become an efficient approach for protecting assets, mitigating risk, and maintaining compliance. It can help your organization protect against the unknown by having proactive planning and expertise to coordinate and carry out a response.
22 January 2021
|
Report
:
Securing What's Now and What's Next
Patching is critical in breach defense, as 46% of organizations (up from 30% in last year’s report) had an incident caused by an unpatched vulnerability
In addition, those that had a major breach due to an unpatched vulnerability last year experienced higher levels of data loss. For example, 68% of organizations breached from an unpatched vulnerability suffered losses of 10,000 data records or more last year. For those who said they suffered a breach from other causes, only 41% lost 10,000 or more records in the same timeframe.
It’s well known that patching can be difficult and cause disruptions. However, these results show that there is a tangible ROI in implementing a minimum baseline policy for the most recently released patches. Organizations should maintain an up-to- date inventory of all devices in their environment and perform a risk analysis for any missing patches. Then, create a change management process to enforce version control and documentation.
22 January 2021
|
Report
:
Securing What's Now and What's Next
The most common causes of downtime are malware and malicious spam
Interestingly, the third cause diverges depending on the length of downtime . For breaches with downtime between 0-4 hours, phishing is the third most common cause . For downtime between 4-24 hours, it’s spyware. For anything over 24 hours, it’s ransomware. Significantly, ransomware doesn’t discriminate; it was the most destructive threat for both small and enterprise organizations in terms of downtime. The large amounts of resultant downtime may be due to the depth of investigation needed to assess the damage, attempt to restore backups, and fix the entry vectors.
22 January 2021
|
Report
:
Securing What's Now and What's Next
More than half (52%) told us that mobile devices are now very or extremely challenging to defend
They’ve overtaken user behavior, which was the biggest challenge from last year’s report .
With a zero-trust framework, you can identify and verify every person and device trying to access your infrastructure. Zero trust is a pragmatic and future-proof framework that can help bring effective security across your architecture – spanning the workforce, workload, and workplace.
A zero-trust framework achieves these three success metrics, among others:
• The user is known and authenticated
• The device is checked and found to be adequate
• The user is limited to where they can go within your environment
Having zero trust in place removes much of the guesswork in protecting your infrastructure from all potential threats, including mobile devices.
22 January 2021
|
Report
:
Securing What's Now and What's Next
Only 27% of organizations are currently using multi-factor authentication (MFA)
This number is low for such a valuable zero-trust technology. Survey respondents from the following countries showed the highest adoption rates of MFA in this order: USA, China, Italy, India, Germany, and the UK. The industries with the highest adoption rates (in this order) are software development, financial services, government, retail, manufacturing, and telecommunications.
22 January 2021
|
Report
:
Securing What's Now and What's Next
Private cloud infrastructure is a top security challenge for organizations
Private cloud infrastructure is a top security challenge for organizations. (Fifty percent of organizations find it very or extremely difficult to defend).
22 January 2021
|
Report
:
Securing What's Now and What's Next
In 2020, we continued to see more than 83% of organizations managing more than 20% of their IT infrastructure in the cloud (whether internally or externally)
Through our research, we’ve found that increased effectiveness, efficiency, and visibility are some of the main drivers for organizations to move their security (88%) and infrastructure (89%) to the cloud. And it’s not surprising to see that 86% say utilizing cloud security has increased visibility into their networks.
22 January 2021
|
Report
:
Securing What's Now and What's Next
The overwhelming number of security alerts is having an impact on cybersecurity fatigue
Of those who say they are suffering from cyber fatigue, 93% of them receive more than 5,000 alerts every day.
Defined as virtually giving up on proactively defending against malicious actors, 42% of respondents are suffering from cybersecurity fatigue.
The overall number of daily alerts you are dealing with has increased over previous years. In 2017, 50% of organizations were receiving 5,000 or fewer daily alerts; now only 36% are in this category. And the amount of organizations who receive 100,000 or more daily alerts has grown from 11% in 2017 to 17% in 2020.
Perhaps because of this increase in volume and the processing resources needed, alert investigation is at its lowest level in over four years at just under 48%. (The number was 56% in 2017, and it’s been decreasing every year since.) The rate of legitimate incidents at 26% is consistent year-over-year and suggests that many investigations are turning up false positives.
On a positive note, the number of legitimate threats that are remediated has improved since last year’s report, and we’re now back to 2017 levels at 50%. However, this still means that half of all real incidents are being left unattended.
To deal with the increasing noise and volume of alerts, we advocate for an approach that has automation at its heart. Automation enables policies to be enforced more consistently, quickly, and efficiently. When a device is determined to be infected or vulnerable, it’s automatically quarantined or denied access with no action required from an administrator.
22 January 2021
|
Report
:
Securing What's Now and What's Next
Trends in Cyber Attacks: 2021 Mid Year report
In the first half of 2021, cybercriminals continued to exploit the Covid-19 pandemic and the amount of ransomware attacks increased drastically (93%). Globally, the amount of weekly cyber-attacks per organization grew as well. For a majority of organizations internationally, a return to pre-pandemic ‘norms’ is still some way off. The enforced shift to remote working in March 2020 undoubtedly fast-forwarded ‘digital transformation’ and brought with it many benefits to our working lives. As such, the first half of 2021 has seen organizations commit to a continuous hybrid model. However, cyber criminals have continued to adapt their working practices in order to exploit this shift, targeting organizations’ supply chains and network links to partners in order to achieve maximum disruption.
28 September 2021
|
Report
:
Cyber Attack Trends
Ransomware negotiation economics; an increasingly relevant topic
Paying a ransom or negotiating with criminals is problematic to say the least. Still, a significant percentage of ransomware-affected businesses see no other option than to negotiate and in the end pay the ransom. But not much is known about the economic backgrounds of digital extortion and about the negotiation strategies in the case of digital extortion. That gap prompted the researchers to investigate negotiations that take place after the decision has been made to pay a ransom after a successful ransomware attack.
20 December 2021
|
Report
:
“We Wait, Because We Know You” Inside the Ransomware Negotiation Economics
Evolve the role of architects to transform systems architecture and support the speed of business
The 'architecture awakens' trend is a direct response to external pressures many CIOs face today as established organizations are struggling to keep pace with the changing technology landscape. In the coming months we expect to see more organizations move architects out of their traditional ivory towers and into the trenches with the goal to move the most experienced architect to software development teams that are designing complex technology. Once redeployed and empowered to drive change, architects can help simplify technical stacks and create technical agility that currently gives younger competitors a market advantage.
The role of the architect will be redefined to be more collaborative, creative, and responsive to stakeholder needs. Going forward, their mission will be to do bold new things not only with traditional architectural components but with disruptive forces (blockchain, AI, Machine learning).
18 May 2021
|
Report
:
Tech Trends 2020
The COVID-19 crisis has increased the urgency and impact on the cybersecurity talent shortage
Various analyses show that there has been a shortage of cyber security talent at both a national and international level for a long time. For example, in 2018 an imminent shortage of cybersecurity personnel was identified. Also on the European level, almost three-quarters of organisations do not have a sufficient cybersecurity team, and a shortage of about 140,000 cybersecurity specialists is visible. The COVID-19 crisis has increased the urgency and impact on the cybersecurity talent shortage, seen that the number of cyberattacks has increased and societies have become increasingly dependent on digital security.
22 June 2021
|
News
:
Opportunities For Cybersecurity Talent in Times of COVID-19
BEC fraud is increasingly occurring in the Netherlands
CEO- and digital invoice fraud, also known as BEC fraud is amongst the top three forms of cybercrime that cause the most financial damage. According to the FBI, between 2016 and 2019, BEC fraud caused 26 billion-dollars in financial damages worldwide. BEC fraud is also increasingly occurring in the Netherlands.
22 June 2021
|
News
:
New Approach Against CEO- and Digital Invoice Fraud to Oppose Cyber Criminals
Annual visual Ransomware 2023
This report gives a brief overview of all the ransomware-incidents reported to the National Cyber Security Centrum and the National Police. The focus is put on how ransomware incidents are reported, who the victims are, how organisations initially respond to them, who the victims are, and the broad variety of ransomware threats.
27 March 2024
|
Report
:
Jaarbeeld Ransomware 2023
Unclarity regarding OT security responsibilities
Who is, or should be, in charge of OT security? Is it someone in the operational part of the organisation? Or an IT or HSE officer? Maybe OT is a shared responsibility, that can not be attributed to one person. OT security often comes down to the IT manager as a side task; but the IT manager also does not have the appropriate knowledge. This may result in a wrong approach to OT security.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Lack of OT security awareness on boardroom level
The general awareness at boardroom level is not sufficient yet. Boardroom members usually do not have a technical background: explaining to them why OT security is important, is therefore a challenge. At the same time, organisations are willing to learn. Internally, stakeholders see that employees at all levels are increasingly open to OT security training and awareness sessions.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Lack of organisational communication about cyber attacks
The general tendency in companies is to not communicate about cyber attacks that they have endured, due to not knowing about the attack, feelings of embarrassment, or fear of reputational damage. The persistent silence about cyber attacks counteracts the learning process. Severe cyber incidents must be connected with business continuity management and crisis management.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Asset management and validation is lacking in OT environments
In OT environments asset validation is lacking – at least on the Dutch market. The problem here is that the source code of OT assets is often not provided by the supplier. As a result, companies possibly use these assets without being able to test these components for security.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Patching is a challenge in OT environments
Patching, the installation of software updates, is a challenge in OT environments. A patch can result in unforeseen incompatibility with connected systems, thereby disturbing the production process. This is even more of a challenge because organisations cannot simply put their systems on hold for a couple of hours. To prevent compatibility issues, organisations usually wait for vendor approval for a patch. Dependent on the vendor, it can
take some time before a patch can be installed, possibly leaving the system vulnerable in the meantime.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Testing OT environments is challenging
Testing within OT environments is not as trivial as testing within IT environments. Testing on the production environment can cause undesired, or severe, disruptions in the production
process. Because, whereas the simulation of IT environments can be done relatively easily and cost effective by cloning the IT environment on a separate network or to the cloud, you cannot ‘copy-paste’ an OT environment with its the physical components. Regarding the latter, the development of OT simulation software is evolving; this software enables so-called digital twins.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Lack of Root Cause Analysis in OT security
A lack of, or unjust, root cause analysis is a problem in OT environments. When a defect or an unplanned disruption in the system happens, it is sometimes classified as a maintenance issue such as ‘component is defect – must be replaced’, while the actual cause could be a hack. In this case, there is a wrongly diagnosed root cause and a solution that will not solve the problem.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Difficulty in the detection of OT cyber attacks
OT systems are usually protected by safety systems, that detect whether the operations of the system are still showing common behaviour. Through manipulating safety systems first, hackers can attack the operational system without the organisation being able to detect
this at first hand. While the hackers can go on disrupting the operations, the safety system keeps communicating normal values.
3 June 2021
|
Report
:
HSD Report: Implications of OT and IT Integration for Cyber Security
Russia dependence and the continuous espionage threat from Russia towards the Dutch high-tech sector
From Russia there is a continuous espionage threat from human sources towards defense suppliers and other companies from the Dutch high-tech sector who have unique, high-quality knowledge about technologies, which can have both civilian and military applications. The biggest potential threat from Russia to Dutch economic security lies in the dependence on Russia as a gas supplier.
6 June 2021
|
Report
:
Dreigingsbeeld Statelijke Actoren
Developments in cyber-dependent crimes
During the last 12 months, a number of developments pertaining to the dominant threats within the cyber-dependent crime threat landscape have emerged. Malware operators, especially those associated with ransomware affiliate programs, have improved their attack modi operandi and their malware functionalities. Mobile banking trojans have made a break-through thanks to the increasing number of users preferring to conduct their financial activities via mobile devices. Criminals also seem to have realised the increased impact that DDoS attacks have on their targets’ systems if there is a lack of physical alternatives, which has brought about a re- emergence of financially motivated DDoS attacks.
15 December 2021
|
Report
:
Internet Organised Crime Threat Assessment (IOCTA) 2021
Online fraud continues to be effective
Criminals continue making significant profits as well- known types of online fraud continue to be effective. While criminals have not had to re-invent their modi operandi, they continue to refine them, making them more targeted and technically advanced. Investment fraud has become a significant concern, as phishing and social engineering have further increased to generate considerable criminal proceeds. As the COVID-19 pandemic restricts travelling, the shift to online shopping has multiplied opportunities for fraud.
21 December 2021
|
Report
:
Internet Organised Crime Threat Assessment (IOCTA) 2021
Few Major Changes in the Dark Web threat landscape
With regard to the Dark Web, EU law enforcement agencies have reported few major changes in the threat landscape. While the infrastructure of Dark Web marketplaces has not changed drastically, several smaller developments that had already been taking place for some years have now become more commonplace
21 December 2021
|
Report
:
Internet Organised Crime Threat Assessment (IOCTA) 2021
Cyber attacks by state actors as a means of espionage
Countries spy to achieve their own political, military, economic and / or ideological goals. Research by the AIVD shows that more and more countries are spying politically and / or economically.
State actors remain very successful in compromising (government) systems within and outside the Netherlands. This despite investments in the digital resilience of public institutions. In 2019, the MIVD also recognized various cyber espionage activities against the Netherlands, other Western countries and allied interests.
The intelligence obtained through political espionage serves as inside information for states to prepare for political or social developments. This intelligence can also be used to influence decision-making and elections or to get a grip on the diaspora. For example, intelligence is gathered to play countries off against each other in order to undermine unity and international cooperation within the North Atlantic Treaty Organization and the European Union.
The Netherlands is a target of economic espionage. After all, the Dutch economy is highly developed, innovative and internationally oriented. Espionage activities are aimed, for example, at improving their own economic development or to gain knowledge from countries that are facing sanctions.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
State actors and criminal actors respond to current events
Actors respond to current events, by:
- Responding to the Covid-19 pandemic. Soon after the outbreak of the Covid-19 pandemic, there were indications that actors were (opportunistically) abusing the situation to carry out "thematic" cyber attacks.
- Active abuse of various vulnerabilities: In 2019 and early 2020, active abuse of various vulnerabilities by state and criminal actors was observed. The AIVD and MIVD confirm that state actors have exploited vulnerabilities in Fortigate and Pulse secure VPN software. Therefore, the AIVD and MIVD have also advised companies and other organizations about measures. The vulnerabilities in Citrix ADC and Citrix Gateway servers were actively exploited by actors soon after the available exploit - which was published on January 9, 2020.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Changing DNS settings as an attack technique
Incidents indicate (renewed) interest in changing Domain Name System (DNS) settings as an attack technique, also known as a DNS hijack. By changing DNS settings of organizations, for example by hacking a registrar, incoming network traffic can be temporarily diverted and intercepted. This can be used for espionage purposes, among other things. Cyber attacks against DNS can have a significant impact on the integrity of the Internet.
13 January 2021
|
Report
:
Cybersecuritybeeld Nederland
Digital application have been introduced in the Netherlands at a large scale, but privacy and security is not aways sufficiently ensured
The report states that, following the COVID-19 crisis, Dutch society has quickly embraced a wide suite of digital applications. One example given here is the usage of videoconferencing platforms, but also data leaks in government Corona-related mobile applications.
29 March 2021
|
Report
:
Advies ‘Naar structurele inzet van innovatieve toepassingen van nieuwe technologieën voor de cyberweerbaarheid van Nederland’
New technologies, whilst threatening on the short term, can enhance cyberresilience on the long term.
Quantum computing, Artificial intelligence and other upcoming technologies stand to change the world. In the short term quantum computing will undermine pre-quantum encryption drastically. AI can be applied to offensively detect and weaponize 0-days and attack systems. On the longer term, quantum encryption and automated 0-day patching can enhance resilience. These are just two concrete examples where these technologies will be in a position to enhance cyber security and resilience on the longer term.
29 March 2021
|
Report
:
Advies ‘Naar structurele inzet van innovatieve toepassingen van nieuwe technologieën voor de cyberweerbaarheid van Nederland’
Strategic technological dependence on foreign actors is undermining the national autonomy of the Netherlands and Europe at large
Upcoming technologies, their applications, but also the systems necessary to run them, think about the computing power needed for certain AI applications, are being developed by both domestic and foreign actors. On certain themes the foreign actors are in the lead. If this lead is not shrunk or reversed there is a risk of a wider dependence on that foreign actor and its government. This could undermine the strategic autonomy of Dutch organizations and the government, but also threaten the geopolitical security of European Data for instance. The current technological armsrace has wider political and economic dependency issues, but could also undermine the competitive edge of Europe.
29 March 2021
|
Report
:
Advies ‘Naar structurele inzet van innovatieve toepassingen van nieuwe technologieën voor de cyberweerbaarheid van Nederland’
Cyber incidents that occurred in The Netherlands from March 2020 to March 2021
A retrospective on cyber incidents that occurred in The Netherlands, in the period from March 2020 to March 2021, with both intentional and unintentional causes. Cyber incidents not only have an impact on direct victims, but also on (chains of) suppliers, customers and members of the public who use the services of (public) organisations. The following are recurring themes in an open source summary of incidents: COVID-19 as an opportunity for malicious actors; targeting facilities for remote working; deliberately denying access to processes; attacks on organisations in supply chains; data breaches, and finally, process outages.
8 September 2021
|
Report
:
Cyber Security Assessment Netherlands
The cybercriminal ecosystem
A description of the current cybercriminal mature economy. Specified trough cybercriminal service providers; dependent perpetrators and autonomous groups.
9 September 2021
|
Report
:
Cyber Security Assessment Netherlands
Ransomware as a solid revenue model and how to break the chain
Ransomware offers cybercriminals of all categories a solid and attractive revenue model. Cryptocurrencies offer ransomware attackers the opportunity to have the victim transfer money in a fast, irreversible and relatively anonymous way. Moreover, there is no monitoring of transactions and payouts, which makes it extremely attractive for criminal use. This revenue model was further strengthened by the Revenue-as-a-Service (RaaS) Phenomenon.
9 September 2021
|
Report
:
Cyber Security Assessment Netherlands
How violation of cyberspace affects national security
Violation of (the security of) cyberspace poses a risk to national security. After all, important elements for the functioning of cyberspace are vulnerable to system failure and/or misuse. Boosting resilience to this is a limited possibility for individual states and organisations. The complexity of this global ICT chain is explained within the report.
10 September 2021
|
Report
:
Cyber Security Assessment Netherlands
Means and targets used by state actors to achieve theirs objectives
State actors use their instruments to promote their interests in the geopolitical force field. They pursue to promote their objectives and this is also makes itself felt in cyberspace. In this snippet the means used by states is further elaborated.
13 September 2021
|
Report
:
Cyber Security Assessment Netherlands
Risk management as instrument in boosting resilience
Experts point to major differences in resilience between and within sectors and chains. Organisations that seem to be in a better position have, in addition to taking basic measures, also focused on a risk-based way of working. There are a number of widely applicable basic principles that can also be applied by smaller organisations. It is ultimately up to public administrators and leaders of organisations, whether in the private sector, central government or politics, to manage risks. The concept of risk management is described in three processes. From the requirement of constant attention for risk, to the wide application of risk management and the commitment of directors to buy-in on risk management.
14 September 2021
|
Report
:
Cyber Security Assessment Netherlands
Understanding the Risks and Opportunities of AI for Businesses
There is still a lot of confusion over what AI is, how we are using it and how we might be affected by AI-enhanced cyber attacks. This paper addresses the risks and opportunities of AI for businesses.
5 December 2023
|
Report
:
The AI Arms Race
Downtime
When an SMB gets hit by a cyberattack that results in a level of downtime (loss of business hours), the myth suggests that they don’t have the resources to rebound nearly as fast as their larger counterparts.
This is false. Data suggests that there is very little difference in the amount of downtime suffered by SMBs and larger organizations.
30 March 2021
|
Report
:
Big Security in a Small Business World
Lack of dedicated security personnel
With everyone pitching in wherever necessary in SMBs, there’s an assumption that cybersecurity is just one aspect of someone’s job. And that this person is also balancing other aspects of IT management such as managing data centers and evaluating new hardware. The myth is that SMBs have few, if any, dedicated resources for cybersecurity.
This is false. While this may be the case for some, SMBs overwhelmingly told us that they do have dedicated employees for cybersecurity. In fact, less than 1% of SMBs told us that they didn’t have anyone dedicated to security. Perhaps even more surprising, 60% said they had over 20 people dedicated to security – although we didn’t specify what level of involvement that dedication may entail or if the employees were outsourced with a managed security service provider (MSSP).
30 March 2021
|
Report
:
Big Security in a Small Business World
Keeping infrastructure up-to-date
With the frequency of consumers upgrading to the latest smartphone, it may seem that larger organizations can afford to replace each element of their security infrastructure. But what about smaller businesses, where that cycled investment might have greater impact on their annual IT budget?
This is partially true. When asked to describe their infrastructures, and their strategy for investing and replacing key security technologies, here’s what SMBs told us: Almost all SMBs are diligent about keeping their infrastructure up to date.
30 March 2021
|
Report
:
Big Security in a Small Business World
Difference in threats between SME's and Corporates
Cyber criminals want the biggest prize, so they’ll use their most stealth and dangerous tactics against the larger businesses, right?
This is partially true. We compared the types of cyberattacks that SMBs and large enterprises reported they’ve experienced in the past year, with how much downtime (loss of business hours) the attacks caused. We did this using four categories based on organizational number of employees and ranked the events most likely to create more than 24 hours of downtime.
30 March 2021
|
Report
:
The future challenges facing criminal justice systems
Threat hunting
Threat hunting is a proactive security exercise, with the intent of finding and rooting out attackers that have penetrated your environment and haven’t raised any alerts. This contrasts with traditional investigations and responses that stem from alerts that appear after potentially malicious activity has been detected.
The whole concept of threat hunting sounds like it involves a mysterious crime scene investigation, with its nuances and complexity out of reach for smaller businesses. SMBs have their hands full trying to investigate alerts; they don’t have time to go hunting for other threats, right?
FALSE: From our survey data, not only do 72% of SMBs have employees dedicated to threat hunting, but this is also close to the percentage of large organizations who have a threat hunting department.
Although their levels of maturity may differ from larger organizations due to less resources, our data suggests that SMBs recognize the value of, and are embracing a proactive approach towards cybersecurity.
30 March 2021
|
Report
:
Big Security in a Small Business World
Testing incident response plans with drills/exercises
As Mike Tyson often said, “Everyone has a plan until they get punched in the face.” Until you know how your incident response plan performs in action, it’s only worth the words on the page.
But smaller businesses don’t have the luxury of time and resources to test their plans, right? Surely that would cause more disruption than it would be worth.
FALSE: This myth is simply not true. Only one percent of SMBs never test their plan, and four percent rarely test. Twelve percent test every two years, 36% test annually, and the largest percentage (45%) test every 6 months.
30 March 2021
|
Report
:
Big Security in a Small Business World
SME Leadership Taking Security and Data Privacy Seriously
Here’s the big one – the one that the collective industry has unfortunately been peddling for years. As an SMB, you’re in the dark on how much danger you’re in – and haven’t nurtured an organizational culture around security and data privacy.
FALSE: Our data proves that this myth is very far removed from the actual truth. And there are three ways to prove this from our survey of IT decision-makers from different sized organizations.
30 March 2021
|
Report
:
The future challenges facing criminal justice systems
SME's patching vulnerabilities
Patching often falls under the basics of cybersecurity, but in practice, it can be challenging to implement. One myth suggests that SMBs would rather use their resources elsewhere than find ways to minimize the disruption caused by patching.
This is false: Fifty-six percent of SMBs patch daily or weekly, compared to 58% of large businesses – showing that for the very regular patching routines, all business sizes approach it the same.
30 March 2021
|
Report
:
The future challenges facing criminal justice systems
Measure the efficacy of security programs
Assumptions have been made that smaller businesses employ more of a ‘spray and pray’ approach to cybersecurity. The implication is that they don’t have the measures in place to be able to monitor and measure what’s really working, and therefore can’t optimize what they have.
This is false. An impressive 86% of SMBs say they have clear metrics for assessing the effectiveness of their security program, compared to 90% of larger organizations.
30 March 2021
|
Report
:
Big Security in a Small Business World
Strategic Roadmap for Artificial Intelligence
In order to utilize the social and economic opportunities of AI in the Netherlands, three roads of action are taken: 1) stimulating AI entrepreneurship and using AI in government, 2) creating the right conditions for research, education, the use of data and connectivity, 3) protecting safety, human rights, ethical values, public and consumer trust.
30 March 2021
|
Report
:
Strategisch Actieplan voor Artificiële Intelligentie
In an increasingly digitised economy, companies need to increase their cyber resilience
Cybersecurity is more relevant than ever before. In an increasingly digitised economy, accelerated by the COVID-19 pandemic, companies need to increase their resilience against cyber threats. The Dutch cybersecurity sector has a strong reputation internationally and a growing number of Dutch scale-ups are successfully expanding internationally.
18 May 2021
|
News
:
Selected Scale-ups Announced for Cybersecurity Globaliser 2021
Expending the Dutch cybersecurity market to America
In the next few years, the Netherlands Enterprise Agency (RVO), InnovationQuarter (IQ) and HSD, in collaboration with the Dutch embassy and consulates, will be fully committed to simulating business to go abroad to the United States. A "programmatic approach to cybersecurity US" gives shape to this: the roadmap multi-year cybersecurity US program. Several companies linked to HSD have expressed growth ambition. Wether they are at the start of their journey to branch out or are already active in America for a while.
12 June 2021
|
News
:
Expansion to North America Thanks to RSA 2020 Participation
Dutch companies and knowledge institutions working together to position the Netherlands in Japan
Different Dutch companies and knowledge institutions linked to HSD are working together in a consortium to position the Netherlands as a country that can ensure the digital safety of Japan's vital infrastructure, especially during the 2020 Olympic and Paralympic Games in Tokyo. Key points are protecting energy, drinking water, and the telecom sector. This is part of the larger programmatic approach of a Partners International Business (PIB) Japan. Participation in such a program requires a commitment and trust.
12 June 2021
|
News
:
Doing Business in Japan
Investments are necessary for the Dutch security labour market
The province of South Holland is investing in the Dutch security labour market. This investment is necessary in order to fulfil the need for professionals, knowledge, expertise and skills.
21 June 2021
|
News
:
Province of South Holland Invests in Human Capital and 'Lifelong Development'
The number of attacks with ransomware and the damage resulting from such attacks are increasing
There are all kinds of solutions on the market in order to detect suspicious activity. However, some solutions are working insufficiently. For example one network sensor, only recognised 4% of all phishing attempts and was unable to stop ransomware. Also, traffic to the dark web was not considered to be suspicious.
21 June 2021
|
News
:
Research by EYE: Cyber Products For SMEs Are Often Ineffective
The exploitation of vulnerabilities due to teleworking during the COVID-19 pandemic
The growth in teleworking during the COVID-19 pandemic has led people to forget basic and essential security rules, helping cyber-criminals in their search for information.
13 May 2021
|
External
:
What are the cybersecurity trends for 2021?
Cyber-criminals: AI-based tools to create deep fakes
Cyber-criminals are likely to Increase the use AI-based tools to create highly believable counterfeits (image, audio and video format) – commonly known as deep-fakes – to defraud companies.
22 January 2021
|
Report
:
The Year in Review
Cyber-criminals: Business Process Compromise (BPC)
Cyber-criminals are likely to Improve the tactics that compromise business processes to obtain financial advantage. The threat = Business process compromise (BPC)
22 January 2021
|
Report
:
The Year in Review
Cyber-criminals: Business e-mail compromise (BEC)
Cyber-criminals are likely to lower one level in the organisation - below executive – to compromise business emails. Business e-mail compromise (BEC)
22 January 2021
|
Report
:
The Year in Review
Trends en ontwikkelingen digitale veiligheid
Nieuwe uitdagingen door versnelde digitalisering mede door pandemie: we brengen bestaande ICT-systemen voor beschikbaarheid over naar de cloud, persoonsgegevens die door grootschalig test- en contactonderzoek worden verzameld vormen privacyrisico, werknemers moeten kunnen inloggen vanuit huis met hun eigen apparatuur.
Nieuw inzicht in lokale vitale processen door lockdown: stedelijke functies zoals het onderwijs, gezondheidszorg, lokale distributie van levensmiddelen en de detailhandel worden (deel) opgeschort of moeten online plaatsvinden. Het is zichtbaar geworden wat de stad nodig heeft voor basisniveau van functioneren en belang digitale continuïteit en veiligheid is.
Aanvallen van statelijke actoren: samenleving afhankelijk van grote (buitenlandse) techbedrijven en statelijke actoren vallen grote organisaties aan voor geopolitieke belangen. Zowel medewerkers als toeleveranciers kwetsbaar, systemen worden gemanipuleerd of gesaboteerd.
Digitale criminaliteit: niet alleen statelijke actoren die aanvallen uitvoeren. Ook criminelen voeren voor financieel gewin aanvallen uit. Afgelopen jaar in Nederland talrijke aanvallen met ‘gijzelsoftware’ en aanvallen waarbij een groot aantal persoonsgegevens illegaal werd verhandeld. Door de pandemie is er sprake van een verschuiving van traditionele naar digitale criminaliteit: verkoopfraude, valsheid in geschrifte en hacken. Voor online criminaliteit is sprake van een toename van 54% in vergelijking met 2019. Voor de Eenheid Den Haag was er sprake van een toename van 42%.
4 April 2022
|
Report
:
Agenda Digitaal Veilig Den Haag
Network security transforms from the focus on LAN-based appliance models to SASE
Cloud-delivered security services are growing increasingly popular with the evolution of remote office technology. Secure access service edge (SASE) technology allows organizations to better protect mobile workers and cloud applications by routing traffic through a cloud-based security stack, versus backhauling the traffic so it flows through a physical security system in a data center.
21 January 2021
|
Report
:
Gartner Top 9 Security and Risk Trends for 2020
Evolutie van ransomware
De ontwikkeling van ransomware het laatste decennium wordt beschreven in deze tekst, evenals een verandering in doelwitten.
17 September 2021
|
Report
:
Whitepaper Ransomware
A sharp increase in cybercrime offences related to the COVID-19 pandemic
During the first weeks of the COVID-19 pandemic, a sharp increase in various cybercrime offences was noted. These offences include phishing and malware attacks, ransomware and an increase in the online distribution of child abuse material.
22 March 2021
|
Report
:
Beyond the Pandemic - Europol
A change in the nature of cybercrime and the modus operandi of cyber-attacks during the COVID-19 pandemic
The nature of cybercrime as well as the modus operandi of cyber-attacks evolved and changed during the COVID-19 pandemic. Phishing and malware attacks have become more sophisticated and complex. Also, the period between the infection of an electronic device with ransomware and the activation of the ransomware attack has shortened in order to maximise profits.
23 March 2021
|
Report
:
Beyond the Pandemic - Europol
Migratory flows have slowed down during the COVID-19 pandemic
The influx of migrants towards Europe has slowed down due to the COVID-19 pandemic. Travel restrictions and lockdown measures have made it difficult for migrants to travel. A loosening of travel and movement restrictions is likely to result in an increase in the movements of irregular migrants as they have been largely unable to make further movements during the lockdown
23 March 2021
|
Report
:
Beyond the Pandemic - Europol
Cashless and online payment options are becoming more prevalent during the COVID-19 pandemic
Cashless payment options are becoming increasingly prevalent and online payment options, including cryptocurrencies, are increasingly accessible to all users in the wake of the COVID-19 pandemic. Cash is normally the preferred medium for criminal transactions. However, the importance of cash-intensive businesses are diminishing.
23 March 2021
|
Report
:
Beyond the Pandemic - Europol
A growing number of organizations have CISO's
The importance of information security in the highly digitized world has increased significantly in recent decades and will continue to rise in the next decade. A continuous stream of examples of cyber attacks that paralyze entire institutions underlines this importance. It is therefore not surprising that more and more companies and institutions have a CISO (Chief Information Security Officer) or even an entire Information Security Office
27 May 2021
|
Report
:
HSD CISO Whitepaper: een robuustere cybersecurity
In recent years there has been a change in the role of the CISO
In recent years there has been a change in the role of the CISO, from a minimal realization of the role, to a more mature, full realization of the role. For example, the focus of the CISO has moved from technology to the organisation, the CISO has shifted from being difficult to being supportive, and there has been a growth in CISO Office team size as the mindset has shifted to security being essential for an organisation.
27 May 2021
|
Report
:
HSD CISO Whitepaper: een robuustere cybersecurity
The attention to resilience and especially robustness within cybersecurity lags behind the attention to prevention
The Netherlands is increasingly digitizing. For most organisations, a failure of ICT means a serious impediment to the execution of the (core) activities. The chance of failure can be reduced by all kinds of protective measures, but the risk remains. The impact of outages is often great. To guard against this, both resilience and robustness can be increased. The resilience of the system is the ability to quickly restore ICT and network, so that normal operation can be resumed. The robustness of the organization is the ability of this organization to continue to perform its core tasks without ICT support. The CISOs recognized the picture outlined. In general, there are too few fall-back options - long-term ICT outages are not sufficiently taken into account.
27 May 2021
|
Report
:
HSD CISO Whitepaper: een robuustere cybersecurity
Several factors can play a role in an increased focus on resilience and robustness in cybersecurity
factors can play a role in increasing resilience and robustness in cybersecurity:
-The management (board / board of directors) is often still too naive when it comes to cyber incidents and the resulting consequences. A business impact analysis and having the CISO speak the language of the board can solve this.
-Awareness campaigns are too rational, people do not "feel" the risk, and they are too focused on prevention. Practicing cyber incidents can solve this.
-Technical systems can contribute to increased robustness. Make sure to compartmentalize, standardize and simplify them.
-In a society that relies heavily on automation, the shortage of specialists, capacity and knowledge in the field of cybersecurity is a serious risk in the longer term
-The government plays an important role when it comes to the prevention of major cyber incidents and the preparation for dealing with such incidents should they occur.
27 May 2021
|
Report
:
HSD CISO Whitepaper: een robuustere cybersecurity
The Netherlands has an excellent position in the world when it comes to coordinated vulnerability disclosure
The Netherlands has an excellent position in the world when it comes to coordinated vulnerability disclosure (previously often referred to as responsible disclosure). This contributes to overall cyber security. There is still room for improvement on this.
27 May 2021
|
Report
:
HSD CISO Whitepaper: een robuustere cybersecurity
Cyber espionage by state actors
The Dutch healthcare sector is interesting for state actors. A lot of innovative research is taking place in the Netherlands, for example with regard to COVID-19, which draws the attention of state actors. Different branches of the healthcare sector, like hospitals, laboratories, the GGZ and more, are conducting valuable research. Z-CERT is aware of the fact that at least thirteen cyber groups have been paid by states that have shown interest in the Netherlands and in healthcare. This poses a potential threat.
29 March 2022
|
Report
:
Cybersecurity Dreigingsbeeld Zorg 2021
Distribution of counterfeit and substandard goods
The (online and offline) distribution of counterfeit and substandard personal protective equipment, pharmaceutical and sanitary products, including fake ‘corona home test kits’ and alleged vaccines preventing COVID-19 infection, remains a consistent pandemic-related criminal activity.
22 January 2021
|
Report
:
How Covid-19-related Crime Infected Europe During 2020
The first- and second-most commonly cited causes of breach are malware and malicious spam.
The first- and second-most commonly cited causes of breach are malware and malicious spam. Ransomware causes the most destructive amount of downtime (over 17 hours) and also doesn’t discriminate – this includes small, medium and large businesses and enterprises. Brand reputation has increasingly become an area of security breaches, to such an extent that brand reputation is now the second-most impacted business area after operations. Businesses and enterprises who show collaboration between security, networking, endpoint management, or security groups, showed significantly lower breach costs. It therefore comes as no surprise that voluntary breach disclosure is at an all-time high.
21 June 2021
|
News
:
Cisco 2020 CISO Benchmark Report
Forty six percent of organizations had an incident caused by an unpatched vulnerability
Forty six percent of organizations (up from 30 percent in last year’s report) had an incident caused by an unpatched vulnerability.
21 June 2021
|
News
:
Cisco 2020 CISO Benchmark Report
Privacy concerns are penetrating society at a large scale
Privacy is a topic of discussion in current debates. For example, Big Tech can utilise data that is gathered through search engines. In order to maintain the privacy of users, a new privacy friendly search engine was developed.
“Our privacy-first proposition was far ahead of its time. In 2006, there had not yet been many extensive data breaches and the awareness of privacy threats was minimal. So at the start, our primary target group was privacy activists. Often they were lawyers and computer scientists who were aware of the threat of neglectful data policy. Today, however, we see that privacy concerns are penetrating society at a larger scale, and our business is growing. Spikes in search volumes occur every time a new data breach is announced, which results in steady growth on the longer term.”
12 August 2021
|
News
:
Private Search Engine Startpage Protects your Privacy, and Further Strengthens the Dutch Legal Reputation
Economic and financial crime are becoming less visible to law enforcement authorities
Economic and financial crime entail a relatively low risk of discovery and prosecution with the potential for high profits. Such activities are therefore attractive to organised crime groups (OCGs). However, the complexity of economic and financial crimes makes it difficult to law enforcement agencies to detect and investigate. Technological innovation and digitalisation have provided even more challenges for detection and investigation activities.
25 March 2021
|
Report
:
Enterprising Criminals
The number of fraud schemes is increasing
The number of fraud schemes targeting individuals, companies and the public sector is increasing. During the COVID-19 pandemic, criminals have shown that they can adapt fraud schemes to changing societal conditions, in order to exploit fears and vulnerabilities.
25 March 2021
|
Report
:
Enterprising Criminals
Financial technology (fintech) solutions are emerging as a new standard for customers to interact with financial services
Financial technology (fintech) has provided digital online solutions for customers to interact with financial service providers. This has resulted in a leap of usability and accessibility of financial services. However, fintech solutions also pose risks. Customers lack the technical knowledge and experience to use these services proficiently, which makes them vulnerable to cybercriminals. Cybercriminals deploy phishing techniques and malware to gain access to customer's accounts. Fintech has also weakened the know-your-customer (KYC) procedures for financial institutions, due to increased digitalisation and less direct customer interaction. The KYC procedures were put in place to prevent money laundering, tax fraud and illicit use of the financial system.
25 March 2021
|
Report
:
Enterprising Criminals
The dark web has provided a new platform for cybercriminals
The dark web has provided a platform for cybercriminals to exchange tools, expertise and contact details to orchestrate attacks and scams. This level of coordination is new and has resulted in more sophisticated attacks against targets in the EU.
25 March 2021
|
Report
:
Enterprising Criminals
Economic downturns create opportunities for crime
During economic downturns or recessions, individuals and companies make more use of unregulated financial services, investment fraud schemes flourish and criminals seek to obtain (governmental) economic stimuli. For example in the wake of the COVID-19 pandemic, criminals try to obtain public funding through the use of various methods, such as corruption.
25 March 2021
|
Report
:
Enterprising Criminals
The value and usage of intellectual property rights is expanding, providing new incentives for criminals
The value and usage of intellectual property rights continues to expand, providing growing incentives for criminals to exploit and infringe these rights. Therefore, organised crime groups (OCGs) are increasingly involved in criminal activities, such as the counterfeiting and piracy of goods. OCGs have adopted more sophisticated and complex modi operandi, facilitated by technological development and global distribution channels.
25 March 2021
|
Report
:
Enterprising Criminals
Intellectual property rights infringement causes considerable economic, environmental and health consequences
Criminal activities as counterfeiting and piracy, which are forms of intellectual property rights infringement, cause revenue loss for legitimate businesses. It also leads to job losses, hampering of innovation, consumer health and safety issues and environmental consequences. Common consumer items that are counterfeited or pirated include cosmetics, electronics, food and drinks, pharmaceuticals, spare vehicle parts and toys.
25 March 2021
|
Report
:
Enterprising Criminals
A growing number of online platforms and -applications makes it increasingly difficult for law enforcement agencies to detect money laundering schemes
The expanding number of online platforms and -applications offer new ways of transferring money online. These platforms are not always regulated in the same way as traditional financial service providers. Consequently, these platforms make it increasingly difficult for law enforcement agencies to conduct money laundering investigations. Lastly, money laundering services are provided by organised crime groups themselves or are outsourced as a 'crime as a service'.
30 March 2021
|
Report
:
Enterprising Criminals
Ransomware threat actors increasingly innovate their technology and criminal modus operandi
Ransomware attacks launched throughout 2020 magnified the suffering of an already wary population. As the pandemic ravaged lives and livelihoods, so did a host of ransomware families, whose efforts did not stop targeting the health and education sectors, even as hospitals became COVID-19 battlegrounds and schools struggled to invent an entirely new way to teach children through March and beyond. Ransomware operators pioneered new ways to evade endpoint security products, spread rapidly, and even came up with a solution to the problem (from their perspective) of targeted individuals or companies having good backups, securely stored where the ransomware couldn’t harm them.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Data theft creates a secondary extortion market
More ransomware groups now engage in data theft so they may threaten targets with extortion over the release of sensitive private data. As a countermeasure to their victims’ preparedness, several ransomware families picked up on a side hustle designed to increase pressure on their victims to pay the ransom – even if every backup with
essential data was safe. Not only would they hold the machines hostage, but they would steal the data on those machines and threaten to release it to the world if the targets fail to pay a bounty.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Ransoms rise as attacks increase
As ransom groups put more effort into active attacks against larger organizations, the ransoms they demand have risen precipitously. In just the past quarter, the average ransom payout has risen by 21%. Ransomware comes in weight classes, now: heavyweights that attack large enterprise networks, welterweights that target civil society (public safety and local government) and small-to-medium businesses, and featherweights that target individual computers and home users. While earning the dubious distinction of being the heaviest heavyweight sounds impressive, it isn’t fair to compare high ransom demands to those that originate from the lower end of the ransomware spectrum. Ransomware heavyweights are the primary driving factor in the demand for sky-high ransoms.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Increased collaboration between ransomware threat actors
Distinct threat actor groups that engage in ransomware attacks appear to be collaborating
more closely with their peers in the criminal underground, behaving more like cybercrime cartels than independent groups. What appeared to be a wide variety of ransomware may not be as wide as it seems. As time went on, and we investigated an increasing number of attacks, Sophos analysts discovered that some ransomware code appeared to have been shared across families, and some of the ransomware groups appeared to work in collaboration more than in competition with one another.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Do not underestimate commodity malware
Even low-end "commodity" malware can lead to major breaches, as more malware families branch out into becoming "content distribution networks" for other malware. Don’t let the fact that malware families are merely ordinary lull you into a false sense of security.
These malicious workhorses can cause huge problems if allowed to persist.
- One of the most common malware types is the loader.
- Remote Access Trojans, or RATs, and infostealers are among the oldest forms of malware.
- Trickbot has been a persistent nuisance malware for at least four years.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
RDP is the #1 attack vector for ransomware
The Windows Remote Desktop Protocol, or RDP, is a standard service available in all current versions of Windows. With very little effort, RDP allows IT admins or computer users the ability to log in to a computer when not physically in the presence of that computer, which can be great in the case of a pandemic where everyone is suddenly forced to work from home. Unfortunately, for the past three years, ransomware threat
actors have been abusing (at an accelerating rate) that same remote access platform as a way to gain a foothold and cause large-scale damage to enterprises, earning them an increasingly large payday from targeted organizations. The impact of the COVID-19 lockdown era has only exacerbated the problem, as increasing numbers of organizations and workers are forced by circumstances to rely upon RDP in order to remain operational.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
BEC scammers are on the prowl in the distributed work ennvironment
BEC scams existed prior to the COVID-19 era, but as more people are working remotely, BEC scammers are on the prowl. Back when most of us were working in offices, physical proximity between the target and subject would have made the scam immediately apparent. But our current distributed work environment, where both the executive and employee are unlikely to be in the same physical proximity, reduces the opportunities for people to just walk over to someone’s desk and ask them to confirm the request. As an attack against the better nature of people who just want to be helpful and supportive, it is a particularly offensive type of scam.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Increased use of old bug 'VelvetSweatshop'
When it comes to malicious office documents (maldocs) and the exploits they attempt to deploy, what’s old is often used again and again, goes away after Microsoft produces an update, and then (sometimes) resurfaces. Newly-disclosed vulnerabilities often find favor among the criminals who use maldocs as a stepping stone to deliver a malware payload, because not everyone installs patches right away, and it sometimes takes a bit of time for security companies to craft an effective “safety net” defense, based on behavior or other characteristics of a novel vector. Most of the maldocs we’ve seen throughout the past year have been constructed using tools called builders that give attackers a literal point-and-click menu system that lets them decide exactly what exploit(s) to craft into the malicious document. As endpoint protection tools get better at identifying these more modern exploits, which usually involve a script that has been embedded into the document, maldoc creators seem to have dug deep to find a very, very old bug that helps conceal the macros or other malicious content in the documents. The bug is colloquially known as the VelvetSweatshop.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Home is the new network perimeter
Working from home presents new challenges, expanding an organization's security perimeter to thousands of home networks protected by widely varying levels of security.
As workplace perimeters stretch and expand to encompass big portions of the workforce in their remote locations, circumstances have enhanced the seriousness with which we view home networks’ role as the last line of defense. The modem in the hall closet is now the network perimeter. We need a complete rethink of how to provide that structure with defense in depth.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Crimeware as a service
The term “crimeware” is intentionally broad; some creators of malware, or of the tools that enable malware to be delivered with ease or to enhance it with new features, don’t sell their product outright, but license it as you might buy a one-year license for the Adobe Creative Suite. We’ve called this class of business model “crimeware-as-a-service,” (CaaS) and it seems poised to be the new normal. One of the more notorious examples of a CaaS malware is Emotet. Dharma ransomware is another CaaS malware of note. As attackers branch out into specialties and sub-specialties, it seems the business model in which
criminals work with independent contractors, freelancers and affiliates is one that doesn’t seem to be going away anytime soon.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
Remote work raises the importance of secure cloud computing
The overprovisioning of access permissions, limited visibility of assets and resources in the cloud and a lack of auditing, can all make cloud environments more vulnerable to cyberthreats and malware is about as bad in the cloud as it is everywhere else. For instance, cryptojacking is a growing problem in the cloud. Further, many dispersed, remote workforces have been hit by ransomware attacks, where criminals locked down the cloud infrastructure the same way they targeted physical machines.
the majority of security incidents involving cloud computing came down to two primary root causes: stolen or phished credentials, or misconfigurations that led to breaches. Seven out of ten of the more than 3,700 IT professionals surveyed for the report claimed that the cloud infrastructure they support had experienced a breach in the 12 months
prior.
13 May 2021
|
Report
:
Sophos 2021 Threat Report
5G presents new and steeper challenges
5G is well on its way to becoming an integral part of running any business. However, the increasing use of 5G allows hackers the chance to control all 5G-related systems, throwing security barriers for small businesses. According to Contego Security, 2021 will see a widespread focus on device and network security.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
It is predicted that ransomware attacks will intensify in 2021
Through collaborative partnerships among hackers, ransomware attacks will increase in scale and scope. Hackers are not just threatening your data, they are threatening to disclose or sell it. During the COVID-19 pandemic the attacks on businesses are expected to intensify.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
Businesses not staying on top of remote access security
Businesses continue to advise their employees to work from home. However, businesses are not up to date with the remote access security needed, this leaves them more susceptible for hackers. It is important for companies to secure their remote access points properly, otherwise nothing is stopping hackers from compromising their networks and data.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
The move to Cloud storage gives way to unique challenges and the attention of hackers
It is important to adopt a practical approach to cloud security. The rising confidence in hybrid, private, and public data cloud gives way to more unique challenges and an increased interest of hackers. As 2020 has showed with a spike in malware attacks against web applications, online applications have become more vulnerable than ever.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
Mobile devices are the easiest to target for hackers
Hackers are shifting their attention to mobile devices (smartphones) as many employees keep their private data on mobile phones and devices. A challenge is the fact that It managers don't see the value of investing in mobile security infrastructure.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
Human character as the weakest link in the field of cybersecurity
The human character is by far the trickiest and weakest link in the field of cybersecurity. Contrary to other threats, insider attacks can be triggered just by how staff members feel.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
Sharp rise in spear-phishing
Phishing is a powerful method of hacking. Bad actors have evolved from phishing email to using spear-phising, which is a more targeted form that guarantees more success.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
Ever-growing cybersecurity skills gap
The demand for cybersecurity experts exceeds supply. And as bad actors are not slowing down their disruptive actions, extra attention has to be paid to this problem.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
Integrating security into agile processes and the automation of cybersecurity
By integrating security into agile processes, such as DevOps and CI/CD, small businesses can easily build more secure software. They’ll also be able to keep up with the required quality and pace of software development. Large and complex web apps are even more difficult to secure, making automation and cybersecurity an integral part of software development in 2021 and beyond.
11 June 2021
|
External
:
Top 9 Cybersecurity Trends To Watch Out For In 2021
5 must-have protections for a secure remote workforce
Now global work goes remote digital threats appear, for instance trough unintentional errors or increase of cyberattacks. Below five must-have protections are pointed out by Check Point to secure your remote workplace. The importance of securing remote users cannot be understated. The business is only truly protected when its users are, as most attacks start at the weakest link – the user.
17 September 2021
|
Report
:
The Ultimate Guide to Remote Workforce Security
Zero Trust policy as a solution for Cybersecurity within organizations
Due to Covid-19, many people were forced to start working from home in early 2020. This growing mobile workforce coupled with companies’ increasing reliance on cloud storage and third-party software has put data security at its greatest risk to date. These factors have also made it more and more difficult to define the network perimeter and apply appropriate protections. Yet regardless of the amount of money and resources a company puts into implementing cybersecurity measures, the human factor always has the potential to unravel everything. This is why the Zero Trust model and cybersecurity consulting can bring people and companies into the new era of security.
17 September 2021
|
Report
:
The Easy First Step to Starting Your Zero Trust Journey
An increase and shift in ransomware attacks
Going into 2019, many ransomware operators shifted their focus from ordinary users to companies, government agencies, and other victims that would help them pocket more money. This shift and parties currently most attacked by ransomware are discussed in the snippet. Furthermore is a description of the ransomware market both criminal to criminal and criminal to corporations.
20 September 2021
|
Report
:
Hi-Tech Crime Trends 2020/2021
Initiatives from The Netherlands and Singapore for combating financial crimes
During a roundtable discussion on problems involving cryptocurrency (digital assets) and blockchain applications a number of initiatives came forward. The initiatives are: Transaction Monitoring Nederland; FinTech Regulatory Sandbox Singapor; Takedown of Bestmixer.io; Virtual Assets Red Flag Indicators; Cyber-enabled Financial Crimes Trend Report and A Privacy-friendly Way to Harness Data.
17 November 2021
|
Report
:
Combating Financial Crimes in the Era of Emergent Technologies
Using synthetic data to negate data privacy risks
Companies and governments collect a lot of sensitive data about customers and citizens. They are bound by legislation (like the GDPR) as to how they can use this data. However, this data does not have to be real data, as the same can be achieved with synthetic data. Companies can use AI driven software to generate synthetic data for a variety of use-cases. Software on the market gives organizations a secure and widely applicable platform to realize innovations with more data, faster data access and zero data privacy risks.
14 June 2021
|
News
:
Dutch Security TechFund Invests in Syntho’s Synthetic Data Solution to Solve the Global Data Privacy Dilemma
Cybersecurity risks will continue to rise
From schools and hospitals to private businesses, there’s been a rise in cyberattacks over the last year. In Q3 of 2020 alone, Trends Micro reported that there were almost 4 million email threats and over 1 million hits on malicious URLs related to COVID-19.
Much of this can be linked to the overnight shift towards remote work, which left organizations scrambling to keep business running while also trying to secure corporate assets. That said, even essential-service organizations such as hospitals and public institutions which require employees onsite were severely impacted by cybercrime.
In today’s world, a secure IT perimeter no longer exists. Physical security professionals must put measures in place to deter hackers and protect their businesses.
Choosing trusted vendors and deploying physical security solutions that come with layers of cyber defenses is critical. Security teams already know built-in encryptions, multi-factor authentication, and password management are the first lines of defense.
Beyond that, taking advantage of other features can improve cybersecurity posture. This includes having access to cybersecurity risk scoring, system vulnerability alerts, and automated reminders for firmware and hardware updates.
12 May 2021
|
External
:
Top physical security trends for 2021
Businesses will focus on privacy protection
During the COVID-19 pandemic, many organizations implemented ‘fever detection’ devices and other new systems. In a rush to keep people safe, they may not have had the time to consider how potential privacy concerns could arise from this in the coming months to come.
In times of crisis, it’s even more important to keep privacy in mind. That’s why more businesses are re-evaluating how they collect, store, and share personal information. With big penalties at stake, they’re seeking ways to better comply with data and privacy protection laws.
We believe that public privacy concerns related to COVID-19 contact tracing and other social challenges will continue to grow. These sensitivities will require the physical security industry to address privacy head-on and find appropriate solutions.
For many physical security professionals, this means facing the reality that their legacy security equipment and older proprietary systems can’t support the fundamentals of data security and privacy. This will increase the demand for newer solutions engineered with privacy by design.
12 May 2021
|
External
:
Top physical security trends for 2021
Demand for cloud and hybrid cloud solutions will continue to grow
According to a report titled Predictions 2021 by Forrester, global public cloud infrastructure will grow 35% to a market value of $120 billion in 2021. The pandemic is largely responsible for the surging demand for cloud. As online usage and remote work spiked, there’s been a global shift to accelerate digital transformation. Even with this movement underway, a recent Genetec report titled the State of Physical Security 2020 found that only 20% of respondents had already deployed cloud solutions in their physical security environments.
To thrive in the long run, physical security professionals will need to follow the lead of other industries and their IT departments and determine how to best leverage cloud technology in the years ahead. In 2021, we believe more chief security officers will let go of the division between cloud and on-premises physical security systems and embrace a hybrid deployment model. This allows them to implement specific systems or applications in the cloud while keeping existing on-premises systems. A hybrid approach makes for an easier transition to the cloud. It can also be the simplest answer when deciding how to enhance scalability, redundancy, and availability to meet changing needs. Beyond that, cloud offerings provide tons of added value. Physical security teams can quickly migrate to newer technologies, minimize hardware footprint, boost cybersecurity, and reduce costs.
12 May 2021
|
External
:
Top physical security trends for 2021
Greater focus on trust in the supply chain
In 2021, we believe businesses will continue to take more time to scrutinize physical security solution providers and manufacturers. This includes asking vendors more pointed questions about how they manage emerging threats, how forthcoming they are about product vulnerabilities and their partner ecosystem, and what their data and privacy policies are. In recent years, we’ve seen some governments discouraging or banning the use of certain vendor products, claiming possible trust and security vulnerabilities. As this trend continues, physical security professionals will seek out vendors that they feel can comply with more stringent guidelines.
12 May 2021
|
External
:
Top physical security trends for 2021
Organizations will invest in new access control and video analytics solutions
In a recent Genetec report, the State of Physical Security 2020, 54% of respondents said that access control will be a big project to focus on in 2021 and 46% said the same about video analytics. Many physical security professionals know that upgrading to modern access control solutions will help them to reach new goals. This might include strengthening cyber hygiene or deploying new a physical identity management solution to automate employee and visitor access requests. During the re-opening phases, the latter will help limit physical interaction while keeping people safe, buildings secured, and compliance in check. Implementing video analytics further strengthens site security and delivers more insights. From people counting and directional flow to object left behind and crossline detection, analytics are giving security teams a clearer picture of what’s happening in their environment. Remote teams can also stay top of threats while securing near-empty facilities during this pandemic. As machine learning continues to push the intelligence of analytics forward, users will see higher accuracy rates, and this will boost confidence in various edge and software-based analytics.
12 May 2021
|
External
:
Top physical security trends for 2021
Personalized solutions will address industry-specific needs
Physical security solutions have traditionally been cookie-cutter. While certain functionality might appeal to one business more than another, rarely have security platforms been designed to address a specific industry. That’s all changing. Customized product portfolios are becoming increasingly popular as users' needs evolve and procuring enterprises seek more sophisticated solutions. Airports, cities, mass transit, cannabis, and other industries require solutions that are designed to help them manage their unique environments. Since custom-built solutions cost a fortune to develop and maintain, vendors will be pushed to provide an easier and more affordable path to address these tailored industry needs.
12 May 2021
|
External
:
Top physical security trends for 2021
Organisations are increasingly falling victim to attacks via their supply chain
Hackers use third parties to gain access to connected organisations. By gaining valuable intelligence, specific organisations can be targeted. Supply chain attacks are increasingly harder to detect and prevent, seen that many recent supply chain attacks have never been shared with the public.
18 May 2021
|
News
:
Supply Chain Attacks Threatening More Companies
Lack of awareness of information security risks
Organizations depend on information to perform their core activities. The amount of information we process has grown enormously over the past decades. Due to the possibilities offered by ICT resources, we have also started linking more information. This has also made information processing more complex. Information and ICT are now inextricably linked. Organizations are not always sufficiently aware of what that information is worth to themselves, but certainly also to malicious parties. Lack of this insight means that organizations pay too little attention to knowing and managing the risks that arise when working with their information. They focus on technical security tools and the technical side of digital attacks, but focus too little on the value and importance of our information.
24 May 2021
|
Report
:
Risico’s beheersen: de waarde van informatie als uitgangspunt
Quantum computing poses a fundamental cybersecurity threat
While the focus tends to be on the positive impact QC might have, the technology poses a fundamental threat, too: It has the power to break cryptographic keys in an extremely efficient way. This could expose businesses and governments to major cybersecurity threats, and potentially cause complete mayhem. Hence, the first thing the world needs to focus on, is making encryption methods entirely quantum-proof.
28 May 2021
|
External
:
Technology Trend Report 2020
CEO fraud has been going on for decades, but attacks are becoming more sophisticated
CEO fraud is a form of financial economic crime that has been going on for decades. Yet today it is the order of the day and employees are being tricked into making false payments in increasingly sophisticated ways. Before the theft, extensive research is often carried out into the victim and his or her organization. CEO fraud is one of the most common forms of internet crime. The consequences are often large and irreversible, both for the victim and financial and image damage to the organization. CEO fraud is often labeled as impossible and incomprehensible by outsiders. People hardly dare to talk about it when it has happened to them, stories are not shared or are shared anonymously. CEOs don't understand: how can this happen in their organization? Yet they themselves often pose the greatest danger. Organizations that are confronted with CEO fraud are often internationally oriented, involving several management layers and where hierarchy plays a major role. This presents problems, but just as many opportunities to stimulate desired behavior (preventively) and to counteract the danger.
9 June 2021
|
Report
:
Het Grootste Gevaar voor CEO-Fraude Vormt u Zelf
Thinking cybersecurity is solely the IT department's responsibility is a common cybersecurity mistake
IT teams are often lacking resources and sufficient support. Taking care of an organization's cybersecurity is not a one-man-job, nor is it solely a technical issue. Cybersecurity must be spread in all levels of an organization.
11 June 2021
|
Report
:
Five Most Common Cybersecurity Mistakes
Forgetting to train employees is a common cybersecurity mistake
Not everyone is interested or familiar with cybersecurity related risks and threats. Employees need assistance and support to become and stay compliant with cybersecurity policies. Offering people training and exercises to make the learning process as comprehensive as possible is necessary.
11 June 2021
|
Report
:
Five Most Common Cybersecurity Mistakes
Overlooking actual cybersecurity risks is a common cybersecurity mistake
Organizations should perform cybersecurity assessments on a regular basis. If an organization does not regularly assess their cybersecurity risks, overlooks them or does not mitigate the findings, the risks of vulnerability to cyberattacks increases significantly. Organizations should constantly be fully aware of both their operating environment and their cybersecurity status and have the ability to implement plans rapidly into action.
11 June 2021
|
Report
:
Five Most Common Cybersecurity Mistakes
Not defining specific security requirements is a common cybersecurity mistake
Cybersecurity related risks and threats pose significant challenges and should not be underestimated - especially for budget reasons. Working with an outsourced IT service company, is vital for the organization to give a clear, comprehensive brief to the service provider about their roles and responsibilities. Always stay alert and involved and always double-check.
11 June 2021
|
Report
:
Five Most Common Cybersecurity Mistakes
Defining security policies, but not implementing them is a common cybersecurity mistake
Writing down the organization’s cybersecurity crisis plan and policies is the right thing do. Unfortunately, policies and plans are useless unless put into use. Enforcing security policies in both processes and ways of working ensures that the organization operates more safely and effectively at all levels.
11 June 2021
|
Report
:
Five Most Common Cybersecurity Mistakes
With the increasing desire and need to move to the Cloud IAM becomes even more important
With the increasing desire and need to move to the Cloud, a good IAM becomes even more important. Due to cost or complexity, an organization cannot transfer all applications or systems to the Cloud at the same time. This requires a hybrid solution in which the old applications ran on location and the new applications in the Cloud. A hybrid solution also requires a Hybrid identity. The scope has been greatly increased due to this hybrid solution. Examples include local Identity Lifecycle Management (ILM), the tightening of laws and regulations, and multifactor authentication.
14 June 2021
|
Report
:
De toekomst van IAM
Increased legislation and regulations lead to more attention for compliance
Due to increased legislation and regulations and industry and company regulations, there is clearly more attention for compliance. IAM is evolving towards Identity and Access Governance (IAG). At IAG, policy is taken to determine who may have access to the information or systems. Stricter laws and regulations force us to approach IAM even more from a policy point of view. This is seen as a major hurdle because requirements are constantly being added or adjusted, which inevitably makes the IAM solution more complex. More complexity is rarely seen as a plus. Checking policy compliance and comparing the used – and administered access rights is becoming increasingly important. This is not easy, which is why the security officer and the compliance officer must be involved in the approach.
14 June 2021
|
Report
:
De toekomst van IAM
Increase in location independent work and self-reliance of employees creates additional risks
there is more interest in location-independent working and self-reliance of employees, and at the same time this creates additional risks. With home workers you can exercise less control on which devices or applications an employee has used to access sensitive company information. IAM must be flexible and be able to deal with these requirements and wishes of internal and external users
14 June 2021
|
Report
:
De toekomst van IAM
Increased attention to scalability of IAM platforms
There is increased attention to scalability of an IAM platform due to exponential growth of data, systems and users, both in-house and in the Cloud.
14 June 2021
|
Report
:
De toekomst van IAM
Outdated and custom applications prevent a link with an IAM platform in the cloud
Because suppliers opt for the SaaS Cloud model, they no longer maintain the local applications and therefore become obsolete. There are still too many outdated and custom applications. These are not suitable for the Cloud and prevent a link with an IAM platform in the Cloud.
14 June 2021
|
Report
:
De toekomst van IAM
SSO allows customers to access applications and products/services with one account and password
In the past, customers had to log in with different accounts in different ways to access, for example, different banking or insurance products. Nowadays they can easily access all kinds of applications and products/services with one account and password, whether or not in combination with MFA. Thanks to Single Sign-on (SSO), you can easily log in anywhere with one account and password. This applies to on-premise applications or Cloud applications for which it is authorized. SSO is extended to the Cloud and all associated SaaS applications. This architecture makes it possible to offer the user a central point (portal or hub) from which he can access all the desired applications with one click, without having to log in again and again.
14 June 2021
|
Report
:
De toekomst van IAM
The future of IAM is cooperation: the development of IAM as a service
The “As a Service” approach appears to be embraced more and more. Organizations can be taken care of in the context of a service and are given more time for their core tasks. In turn, Managed Service Providers use their specialist knowledge and experience to create confidence that things are well arranged. You can also apply this philosophy to IAM. A logical next step is therefore to purchase Hybrid IAM in the form of a service. “IAM as a Service” from a Managed Security Service Provider (MSSP).
14 June 2021
|
Report
:
De toekomst van IAM
The demand for faster delivery of new products and services increases vulnerability
The demand for faster delivery of new products and services is increasing and vulnerability is increasing as a result. Organizations are more open and expose themselves to security risks and this increases the chance of cybercrime, not a nice feeling for a CISO.
14 June 2021
|
Report
:
De toekomst van IAM
Increased (temporary) collaboration may pose security risks
The emergence of chain collaboration ensures that complete IAM environments can be accessed in autonomous domains (Federated Identity Management). This can only be done on the basis of trust in each other. The emergence of more and more temporary collaborations where the identities do not come from an HR system. Think of partners or external users in the form of customers. After the collaboration, it is necessary that you deny access in a controlled manner.
14 June 2021
|
Report
:
De toekomst van IAM
The rise of Consumer Identity and Access Management (CIAM)
Consumer Identity and Access Management (CIAM): An IAM solution specifically tailored to the needs of organizations that process large amounts of information about consumer identities. While similar to traditional IAM at first glance, CIAM solutions should provide a smooth yet secure customer experience, with the ability to scale quickly to handle large amounts of customer data. An example of this is a pharmacy app that keeps track of whether or not a customer wants a reminder message about the repeat prescription.
14 June 2021
|
Report
:
De toekomst van IAM
Increase in scaremongering about the impact of cyberattacks
The flow of messages about cyber attacks is increasing and often the survival of organizations would be endangered. Is this real or just oversimplified scaremongering? Of course there are successful digital break-ins, but unfortunately it is too often scaremongering. This backfires because organizations become desensitized to these kinds of warnings in the long run.
15 June 2021
|
Report
:
Risico onderzoek
Crucial risk analysis on information security requires a rare combination of technical and business knowledge
A risk study on information security helps to cover the risks. Although researching risks is an excellent aid in forming judgments when researching and managing risks, it is certainly not a questionnaire that one can go through. In-depth knowledge of an organization, such as primary business processes in relation to technology, is necessary. And this can hardly be processed in a questionnaire. An ideal, but unfortunately very scarce, combination of technical knowledge and business knowledge is necessary. Only then will you cover the entire spectrum of legislation and regulations, business processes, technology, information security and vice versa during the risk assessment. Consultants often lack technological knowledge and experience, and information security specialists are technology driven and often loose sight of the importance.
15 June 2021
|
Report
:
Risico onderzoek
An integral assessment of chains of collaborating organizations is increasingly important
Information security is only as strong as the weakest link in an ecosystem and cybercriminals know it. An integral assessment is therefore necessary. Not only within an organization but also within the chains of collaborating organizations and suppliers. An integral assessment of the chains in particular is becoming increasingly important. On the one hand, this is due to the increasing tendency towards collaboration to solve complex issues in the healthcare and financial sector and, on the other hand, due to the fact that there are (large) differences between the organizations in terms of policy, approach, risk management and support for security in a chain. And that introduces risks and vulnerabilities precisely at the interfaces.
15 June 2021
|
Report
:
Risico onderzoek
Risk-based security is key for organizations
Organizations have a limited budget, time and resources regarding information security. This requires a targeted use of budget, time and resources. The deployment must correspond to the risks and consequences in relation to the importance of the asset and/or business process. This together determines the seriousness and is a guideline for the deployment of security measures (risk-based security).
15 June 2021
|
Report
:
Risico onderzoek
Germany offers great opportunities because of its proximity and huge potential sales market.
Are you a small and medium-sized entrepreneur located in The Hague and do you see opportunities in Germany, despite or because of the COVID-19 crisis? After 2 succesfull editions, the municipality of The Hague has decided to offer the opportunity once again for 6 entrepreneurs to start doing business in Germany.
Germany offers great opportunities because of its proximity and huge potential sales market. That is why the municipality, together with the German-Dutch Chamber of Commerce (DNHK) and business associations, has developed a programme in which 6 entrepreneurs from The Hague are intensively guided in successfully entering the German market.
The programme runs from 1 July to the end of the year and takes about 2 to 3 semi-days per month. Interested? Register before 8 June.
18 June 2021
|
News
:
SME Programme to Start Doing Business in Germany 2020
A shift can be seen from physical risks to digital risks across the insurance market
“We see a shift from physical risks to digital risks across the market. This will continue to increase in the coming years. This is not only a challenge for companies, but also for the insurance industry ”
21 June 2021
|
News
:
TÜV Nederland and Perfect Day Launch Cyber Security Collaboration for Insurance Market
There is a shortage of cybersecurity experts
In the higher education sector, a shortage can be seen regarding the number of cybersecurity experts. In order to train cybersecurity talent for the future, collaborations between companies and knowledge institutions are necessary.
21 June 2021
|
News
:
Collaboration Between Businesses and Colleges: Cyber Experts in Education
Companies are collaborating in order to combat crimes involving dark web and virtual assets
The last few years, it became more and more apparent that cryptocurrencies are abused for several illicit purposes due to their pseudo anonymous characteristics, and structural solutions needs to be implemented in the whole ecosystem from law enforcement, virtual asset service providers, financial institutes and cyber security agencies.
Many dark web crimes are supported by cryptocurrencies, for example for trade in illicit goods, or to hire crypto-mixing service providers to obfuscate money trails to support money laundering, fraud or terrorist financing.
21 June 2021
|
News
:
CFLW And Cointel Partner Against Dark Web And Virtual Asset Crimes
A twofold solution is necessary in order to secure a company from cyber threats
First of all, an entrepreneur can implement simple, often free security measures, such as enabling two-step authentication for e-mail and setting up password leak alerts. Secondly, it could be considered to outsource cyber security to a specialised company and to conclude a cyber insurance contract.
21 June 2021
|
News
:
Research by EYE: Cyber Products For SMEs Are Often Ineffective
Cooperation is necessary in order to increase the resilience of citizens and companies against cybercrime
''Good cooperation between central government and municipalities in securing our digital infrastructure and combating cybercrime is more important than ever.''That is one of the reasons why multiple cities, municipalities and security institutions will be collaborating in order to make citizens and companies more resilient against cybercrime.
21 June 2021
|
News
:
Government Increases Cyber Resilience Through City Deal
New remote work model heightens security risks organisations
In the age of Covid-19 there was a rise of the remote working culture, rapid digital transformation and shift to the cloud, hereby risks occurred. These strongly increased cyber security risks are explained by three components as described below.
15 September 2021
|
Report
:
Cyber Security Best Practices in the Age of the Coronavirus
Prediction of trends in the ransomware threat landscape
Based on Group-IB’s observations of the ransomware threat landscape, our experts have compiled the following list of eight trends that the world should look out for in the coming year.
17 September 2021
|
Report
:
Ransomware Uncovered 2020/2021
CISO's guide to ransomware prevention in 5 minutes
This e-book describes what actions to undertake to prevent a ransomware attack. On top of that it presents how to respond after an ransomware attack has taken place. Furthermore solutions are presented to help your organisation against ransomware attacks.
3 November 2021
|
Report
:
Ransomware Prevention in 5 Minutes [eBook]
Hacking a city; who are the stakeholders?
In the E-guide ''This is how you hack a city'', the municipality of The Hague and Cybersprint outline what it takes for an organization to prepare itself to continuously improve digital security and how to involve hackers in the process. Working on cybersecurity also means working with various internal and external stakeholders.
17 November 2021
|
Report
:
E-Guide: Zo Hack Je Een Stad
Hacking a city; organizational readiness
In the E-guide ''This is how you hack a city'', the municipality of The Hague and Cybersprint outline what it takes to prepare your organization to continuously improve digital security and how to involve hackers in the process. There are various tools to prepare an organization to implement adequate digital security policies and thus work on their organizational readiness.
17 November 2021
|
Report
:
E-Guide: Zo Hack Je Een Stad
Digital identity and the need for an active government
A trusted digital identity, to which a number of verified attributes or claims are attached,
such as a name, BSN or proof that you are over 18, offers great added value and ease of use in doing digital business with each other. To realize plans around digital identity, the Dutch government will have to change course. The developments in the market and at the European level demand a more active government role in creating trust in a digital identity, enabling careful identification, reliable authentication and controlled authorization in a collaborative system.
22 December 2021
|
Report
:
Digitale Identiteit en de Noodzaak van een Actieve Overheidsrol
Good preparation is essential to cyber resilience
The odds of an organization being affected by a cyber incident are 1 in 8. But preparing for and practicing a cyber crisis is hardly done. "Good preparation is essential to limiting the damage" states Job Kuijpers, CEO at EYE Security. Organizations often discover a cyber incident too late. At that point, something is already wrong; a lot of money has disappeared, data has been stolen or all systems have been locked down by ransomware. That is the moment when processes come to a standstill and it becomes clear that an organization has been affected.
28 January 2022
|
News
:
Cyberaanvallen: ‘Een crisismanager moet inhoudelijk snappen waar het over gaat’
Defending enterprises against modern cybercriminals — who are plentiful, well-resourced, persistent and endlessly inventive — has never been an easy task.
Today’s enterprise security programs face formidable challenges.As technologies evolve and increase in complexity, the attack surface continues to grow while head counts remain stagnant. It’s no easier to find, hire and retain talented cybersecurity professionals than it was a few years ago. This means that security leaders must find ways to accomplish more with the same number of people. The only way to achieve this aim consistently is to work smarter and not harder. Security programs must rely on intelligence that can guide them in applying their efforts where they’ll have then biggest impact. With access to the right intelligence sources—timely, relevant, in context and presented in a manner that makes
them easy to understand and use to drive action—it will finally be possible for security teams to gain the upper hand over attackers.
23 March 2022
|
Report
:
Top Five Areas Where Intelligence Bolsters Your Security
Participative and Constructive Ethics (PACE)
In het platform Participative And Constructive Ethics (PACE) worden activiteiten samengebracht die betrekking hebben op de ethische aspecten van
AI-toepassingen. Het gaat om het verbinden van kennis en praktijk en het ethisch (her)ontwerpen van AI en de toepassingsomgeving. Het platform is onderdeel van de Nederlandse AI Coalitie, Bouwsteen Mensgerichte AI en volgt de aanpak van een learning community of practice.
9 June 2022
|
Report
:
Ethiek en AI in de praktijk, samenwerken en samen leren
Cyberattacks are increasing in the Netherlands in 2022
Compared to 2021, the Netherlands has experienced an increase of 55% in cyberattacks in 2022. Moreover, almost half of the Dutch companies has experienced a threat in the cyber domain.
2 December 2022
|
Report
:
Position Paper: Van NIS naar WBNI
Global figures on cybercrime in 2022
Globally, every 11 seconds a company has become the victim of ransomware in 2022. The yearly damages of cybercrimes amounts up to 5,5 trillion euro.
2 December 2022
|
Report
:
Position Paper: Van NIS naar WBNI
OT-security is a target for hackers, while the topic lacks awareness
OT-systems are a target for hackers. A lot of companies lack awareness with regards to OT-security, while attacks on OT infrastructure are costly and are not quickly detected.
2 December 2022
|
Report
:
Position Paper: Van NIS naar WBNI
Cyberweerbaar NL is developing a cyber incident monitor
Cyberweerbaar NL is developing a Cyber Crisis Monitor to improve cyber resilience by learning from cyber incidents. The monitor will register incidents and share key lessons learned by participating organisations. It will focus on behavioural and organisational factors that contribute to the occurrence or resolution of cyber incidents.
The project is funded by the SPRONG Grant, awarded by the SIA Directorate to The Hague University of Applied Sciences (THUAS), Saxion, NHL Stenden University of Applied Sciences, and a large consortium of societal partners. The grant aims to enhance cooperation in the field of cyber resilience over the next eight years.
Security Delta (HSD) is contributing to this consortium for approximately two years with 60 project hours per year. HSD has written a memorandum about the success factors of the Cyber Crisis Monitor and has made several connections. The success of the monitor depends on the willingness of organisations and participants to report and upload information about incidents.
21 March 2024
|
News
:
Development Cyber Crisis Monitor: Learning from Cyber Incidents
Governments tighten cyber regulations globally, emphasizing independent assurance and industry standards
NCC Group is closely advising governments and legislators globally on shaping new cyber laws and policies to create a more secure digital future. While politics may have delayed some reforms, cyber rules for critical infrastructure continue to tighten, and governments are also moving to assure the quality and standards of the cybersecurity industry. Emerging regulatory trends include demands for independent third-party testing of high-risk AI systems and positive global cooperation on cybersecurity, though with differing national approaches. Looking ahead to 2024, upcoming elections may lead to a policy hiatus, but incident reporting requirements and new hardware/software security standards like the EU's Cyber Resilience Act are set to strengthen. For organisations, it's crucial to get ahead of increasing cyber regulations, ensure executive buy-in, leverage policy insights, and navigate the regulatory complexity to achieve true security, not just compliance.
The report focuses on the regulatory and policy approaches of Australia, Europe, Canada, United Kingdom, United States, and Singapore.
3 April 2024
|
Report
:
Global Cyber Policy Radar: Report on Cyber Security Regulation Trends
Software is developed to increase the cyber resiliency of critical national infrastructures and manufacturing processes
Investments are made in order to enable industrial organisations to discover their Operational Technology (OT) devices, networks and vulnerabilities. Such industrial organisations are active in many sectors, among which are the critical national infrastructure sector (energy, water, rail and aviation), manufacturing sector, military sector and Smart City sector.
18 May 2021
|
News
:
Awen Collective Secures Investment Round Led by Dutch Security TechFund
Secure access to data and applications is becoming more important
Recently, data leaks have occurred in governmental organisations and the industrial sector. Secure access to (sensitive) data within such organisations is therefore becoming more important. Consequently, businesses provide various organisations with secure access to specific data and applications (for example cloud-management applications).
18 May 2021
|
News
:
Dutch Security TechFund Invests in SonicBee to Make Data Access Secure and Compliant
Increased cooperation within the healthcare sector creates cybersecurity risks
cooperation creates openness in a chain by exchanging (sensitive) data. And the weakest link in a chain creates increased security risks throughout the chain. These risks can be specifically traced back to an increased risk of data leaks and cyber attacks. For example, ICT facilities such as chat and video, customer portals and medical equipment (sensors in combination with self-measuring instruments) often use the internet over which sensitive data is exchanged between specialists and clients. In addition, clients are often not aware of the security risks. An additional issue is that there is a great variety of medical equipment that does not always meet the security requirements. In addition, location independence and self-reliance also increase the risk of data breaches and misuse by cybercriminals and malicious employees.
14 June 2021
|
Report
:
Identity & Access Management voor de Zorg
Identity and access management (IAM) for secure healthcare
Cooperation with (chain) partners but also with third parties (for example suppliers) requires a number of security measures that do not stand in the way of the cooperation benefits, but at the same time guarantee the security of the data exchange. IAM offers many advantages and lays the foundation for further security. It helps prevent data leaks and increases privacy, it enables integration with partners in the chain and with third parties in the cloud, and it creates administrative relief and operational cost savings.
14 June 2021
|
Report
:
Identity & Access Management voor de Zorg
Cyberattacks on SME's are increasing
Cyberattacks on SME's are increasing yearly by 20%. The yearly costs of these attacks are between 2 and 4 billion dollar in the province of Zuid-Holland. Expectations are that both the number of attacks and the damages that accompany them will continue to rise.
6 January 2023
|
Report
:
Cyberweerbaarheid in de Logistieke Sector
Cyberattacks in the transport sector threaten essential processes
Around 20% of cyberattacks on SMEs in the transport sector hit the IT systems, disrupting essential processes, crippling the company.
6 January 2023
|
Report
:
Cyberweerbaarheid in de Logistieke Sector
Corporate strategy and culture influences the cyber resilience of companies in transport sector
Important elements in corporate strategy and culture influencing cyber resilience are: the importance that is put on cyber security, whether IT (and cyber security) is outsourced or not, whether companies have a crisisplan or not, and whether companies test their crisisplans.
6 January 2023
|
Report
:
Cyberweerbaarheid in de Logistieke Sector
Employees can be the strongest or weakest link in a company's cyber resilience
Companies in the transport sector acknowledge that there is not enough attention to insider threats. A malicious person chooses the weakest point of entry, which are often the employees.
6 January 2023
|
Report
:
Cyberweerbaarheid in de Logistieke Sector
The cybersecurity skills gap continues to grow
The number of unfilled cybersecurity jobs will increase from just 1 million in 2014 to 3.5 million in 2020. This deficit of skills is likely to become a growing matter of public concern during the early part of this new decade. The threats we face in cyberspace today will only become more intense unless there are sufficient people with the skills to counter them coming through the pipeline. Without investing in training existing staff on how to prevent or mitigate cyberattacks in their field, as well as hiring experts with the skills to spot new threats on the horizon, industry stands to lose hundreds of millions of dollars.
25 May 2021
|
External
:
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
Reviewing risk management solutions and strategies
A top priority for businesses in 2021 will be the reviewing of their risk management solutions and the contingency strategies. This will be a top concern in order to be ready if another crisis like COVID-19 forces employees home again.
10 June 2021
|
External
:
4 Forecasted Trends for 2021 Security and compliance Strategies
cloud deployment within companies will increase
Companies are looking to provide their employees with the tools to work wherever and whenever they want while also decreasing the costs involved. This means cloud deployments will rise. A decrease in traditional on-site work will also cause a decrease in on-premise software for ease of access, zero maintenance and cost-cutting.
10 June 2021
|
External
:
4 Forecasted Trends for 2021 Security and compliance Strategies
Increase in spending on internal security
An increase in the demand for cloud technology translates into an increase in the security technology industry. With the increase in working from home the need is growing to protect systems from insider threats. Businesses should be preparing for (even) more investments in tools to prevent insider incidents in 2021.
10 June 2021
|
External
:
4 Forecasted Trends for 2021 Security and compliance Strategies
Audit and compliance activities will increase to ensure protection against insider threats
Due to the increase in remote working stakeholders will want added assurance that financial records are not tempered with, better risk management data and the peace of mind that assets are protected from internal and external threats. Organizations will want to make sure they have robust segregation of duties, risk analysis and reporting tools to provide rapid insights to catch and remediate risks. To accommodate remote work and reduced budgets, cloud solutions for this work will be more in demand.
10 June 2021
|
External
:
4 Forecasted Trends for 2021 Security and compliance Strategies
Cloud-based security threats due to misconfigured security measures give way for stricter security protocols and security testing features
The increasing use of and confidence in Cloud services pose new challenges. Cloud-based security threats give way for stricter security protocols and security testing features.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
Transparant Systems makes way for online payments through cryptographic systems
When working in the field of global financial settlements, businesses need to pay be aware of the latest trends in cybersecurity. That’s certainly the case for Transparent Systems. These Transparant systems make way for online payments through cryptographic systems.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
Effective risk management through incorporation of security into agile processes
Automation and integration are key factors in development. Through incorporation of security into agile processes, like ModelOps and DevOps, businesses are able to more effectively manage risks and maintain the quality of their development.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
Bring Your Own Device and mobile security
The concept of Bring-Your-Own-Device (BYOD) is encouraged in order to minimize costs and increase operational productivity. This is done by increasing employee flexibility through remote work and leveraging the gig economy.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
Increased threats connected with Internet of Things devices
Cyberattacks have risen to 2.9 billion events. Over the next coming years this number is expected to grow even more. Expectations are an increase in hardcoded passwords, non-encrypted personal data, updates of software and firmware form unverified sources, issues related to wireless communication security, amongst other things. All these threats are connected with the use of Internet of Things devices, used at home, the public space or enterprise.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
Increase in data leaks by employees
Employees are increasingly getting involved in data leaks, wether this is done intentionally or not.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
Data highways pose a rampant cybersecurity threat
Data management and data privacy concerns are issues that cannot be ignored by businesses present online. The use of third-party data for business gains must fall under the following:
- Individuals must know how their data will be used
- Data encryption cannot be ignored
- Individuals must be able to opt-out
- companies have to communicate if there has been a data breach
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
Cyber insurance policy as a way to mitigate financial risks from cyber-attacks
Some US companies have already bought some type of cyber risk insurance and it is expected that other companies will follow. Cyber insurance policies are used as protection against cyber-attacks as a way to mitigate financial risks associated with these attacks.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
An increase in spending on cybersecurity expected for 2021
With increasing awareness among businesses, 2021 will see an increase in their spending on cybersecurity. There will also be a rising demand for more security experts, however this demand will far exceed the supply of qualified experts, leading to a widening skill gap, which will be filled with automation.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
The demand for cybersecurity professionals exceeds supply
Two in three organizations worldwide have reported a shortage in their IT security staff. This leads to the use of automated security tools such as online vulnerability management solutions. These automated tools would become essential to maintain security.
11 June 2021
|
External
:
Top 10 cybersecurity trends to watch out for in 2021
Increased importance of cybersecurity puts more pressure on IT departments
There is an increasing need of more security on the internet, as cybercrime is on the rise. Security is lagging behind technological innovation while data security is of utmost importance. The theme of data security affects companies and makes a great demand of IT departments within those companies. It is therefore important that IT departments have sufficient knowledge and people in-house to master security issues.
11 June 2021
|
External
:
De 7 software ontwikkeling trends voor 2021
Innovate and increase security through updating legacy systems
By modernizing or updating legacy systems, big steps are already taken for securing data. Another reason to tackle legacy systems is innovation. For many organizations legacy systems are a barrier for innovation.
11 June 2021
|
External
:
De 7 software ontwikkeling trends voor 2021
Increased use of webapps
Nowadays desktop apps and web apps hardly differ. And if there is a difference, it is often the web app that is better. It is expected that web apps become even more prominent in 2021, especially Progressive Web Apps (PWAs).
11 June 2021
|
External
:
De 7 software ontwikkeling trends voor 2021
Growth in Domain Driven Design
Domain Driven Design or DDD is a software architecture tool with the aim of accelerating software projects dealing with complex domains. The use of a ubiquitous language is an important principle. DDD has been around since 2004 and it has been a relevant method all these years. But you can now see that companies and developers know how to apply microservices more and more. Containerized development with, for example, Docker has also become increasingly accessible. Both promote a software architecture of "vertical isolation". Thanks to these developments, we expect DDD to become more prominent, also in communication with customers.
11 June 2021
|
External
:
De 7 software ontwikkeling trends voor 2021
Lean software development as tool to simplify complex software projects and processes
Lean Software Development stands for effective software development with as little waste as possible. The tools and principles of Lean Software Development are used more and more often. For example, companies with software products for software developers implement tools from Lean Software Development.
11 June 2021
|
External
:
De 7 software ontwikkeling trends voor 2021
Breakthrough in online Integrated Development Environments (IDE)
Experts anticipate a breakthrough for IDE's in 2021. They expect this as IDE's have several advantages, such as easy sharing code with co-workers, easy on-the-go editing, and good integration possibilities with other applications. However, there are several disadvantages like the lack of plugins, lacking performance, and the remaining question wether organizations want to share their software projects with Cloud providers.
11 June 2021
|
External
:
De 7 software ontwikkeling trends voor 2021
There is a need for certifications of cyber security and compliance monitoring
"Technological and social developments as well as national and international regulations are constantly evolving. In combination with the growing connectivity and complexity of processes in the public and private sector, this stresses the need for certifications of cyber security and compliance monitoring."
18 June 2021
|
News
:
Cyber Security Expert Hudson Cybertec and Kiwa Join Forces
The NCSC-NL recommends that you ask your email provider to secure all their connections with STARTTLS and DANE
The NCSC-NL recommends that you ask your email provider to secure all their connections with STARTTLS and DANE. DANE is an internet standard that, combined with STARTTLS, prevents stripping attacks. If two email providers both use STARTTLS and DANE, an attacker cannot intercept email that is being send between these providers.
14 April 2021
|
Report
:
Challenges for SME Organizations regarding Security Operations
Regarding the implementation of security operations, SME organizations and smaller healthcare and government institutions often face a lot of challenges. First of all, they generally have limited options to gain in-depth insights in order to consider their own decisions regarding the activities within a SOC. Second, due to tight labor markets, such organizations are often forced to outsource these activities. Another challenge is that, due to a lack of knowledge or experience, SME organizations must follow outdated best practices when contracting SOC services. The latter are often established by IT consultants operating in environments with tens of thousands of employees.
30 November 2023
|
Report
:
Automatisering van Security Operations
Advantages of Standardization of Security Operations
Standardization of security operations provides the following advantages: predictability, integrated security solutions, simplified centralization of security data, automated updates and patches, integrated reporting and analysis, scalability and flexibility, and supporting an ecosystem of security partners.
30 November 2023
|
Report
:
Automatisering van Security Operations
Advantages of Automated SOC-processes
Advantages of automated SOC-processes are: more reliable threat detection and response, increased efficiency and productivity of cybersecurity teams, reduction of human error and incident response delays, scalability and flexibility of cybersecurity operations, free from labor shortages, and improved cost control and affordability.
30 November 2023
|
Report
:
Automatisering van Security Operations
Top threats to business’s cybersecurity in 2023 and beyond
Whether it’s the rise of increasingly sophisticated attack methods, lack of employee knowledge, or insufficient defenses, the threats to your business’s cybersecurity are vast and ever evolving. It's important to explore the top cybersecurity trends and threats that your organization should be protecting against now and in the future.
20 December 2023
|
Report
:
Exploring Modern Cyberthreats and How your Business can Combat Them
How and why CFOs must take their (financial) responsibility to invest in cybersecurity
The whitepaper highlights the crucial role CFOs play in managing cyber risks and making strategic cybersecurity investment decisions for small and medium-sized businesses. It emphasizes the importance of quantifying potential costs and benefits through risk analysis, measuring key metrics, and implementing a robust cybersecurity program to protect financial stability, operational efficiency, and reputation. The paper provides pragmatic formulas to calculate the financial impact of cyber threats, data breach risks, and vulnerability indices, enabling CFOs to make informed decisions and justify cybersecurity investments. It also offers actionable steps based on risk levels to enhance an organization's cyber resilience, from implementing patch management and security awareness training to deploying advanced threat detection technologies and penetration testing.
1 May 2024
|
Report
:
Kwantificeren van cyberrisico’s
Source:
Report
Maak je Zorgen Over Boetes en Datalekken Overbodig: 4 Tips
Cyber Security
Date published
31 October 2023
