The 5 basic principles of running a secure digital business
For Dutch companies, digital security is a condition for seizing the opportunities of the digital economy. The reality is that entrepreneurs face cyber threats daily. Companies must defend themselves against these threats and invest sufficiently in security measures. The cyber risks for entrepreneurs are diverse. They range from having to pay a ransom to regain access to their own company network to the failure of production facilities, which immediately jeopardises the continuity of the company.
Why are there 5 basic principles for secure digital business?
The Digital Trust Center has drawn up the 5 basic principles of secure digital entrepreneurship to help entrepreneurs put basic security measures in place. Entrepreneurs who follow the 5 basic principles increase their resilience against cyber risks that can disrupt their business.
For whom?
The 5 basic principles have been organised in such a way that any entrepreneur, whether self-employed or SME, can work with them. The measures are accessible and practical. Do not wait any longer and get started right away, making your company more resilient to cyber risks. Large companies with their own IT department are not a direct target group for these basic principles.
1. Identify vulnerabilities
By mapping your dependencies and interests, you know which threats are relevant to the organisation, what are the organisation's crown jewels or interests to be protected, what risks arise, and how to address them. Who is responsible, what is the level of risk acceptance, and how are risks secured? Read more about identifying cyber risks.
2. Encourage safe behaviour
Many cyber incidents start and end with people. Employees can unintentionally (but sometimes intentionally) cause great damage to an organisation. Safe behaviour can be promoted by focusing on a safety culture, learning from mistakes, sound processes, and awareness around security risks. See how to encourage safe behaviour.
3. Protect systems, devices, and applications
Systems, applications and devices keep your organisation running. But vulnerabilities in software and hardware can cause them to be severely disrupted. So, it is important to protect them by choosing secure settings and detecting threats in time. Check out the 5 steps.
4. Limit access
Failure to properly manage access to data and systems can lead to data breaches or unauthorised access. Define for each employee which systems and data access is required to work. Ensure that access rights are changed when someone takes on a new position or leaves the company. Read how to limit access to data and services.
5. Prepare for incidents
Not all incidents can be prevented, so assume an incident will occur. To be resilient to digital incidents, it is important to know how to respond to incidents. If things go wrong, you also want to know how to repair the damage. Read how to prepare for incidents.