External communication after a cybercrime incident

When recovering from a cybercrime incident, it is important that you as an entrepreneur inform the right people, organisations, and authorities. This is important for regaining trust, and in some situations you are legally required to contact the police or other authorities. Find out what to do.
When you communicate with external parties, you need to carefully consider what you are communicating, to whom and why. It may well be that informing customers, for example, leads to positive customer appreciation. However, it is also possible that customers experience this as negative. The right tone, timing, and form are of great importance.
The list below shows a number of categories of people, organisations, and agencies that you can (or sometimes must) inform. This is not a complete list, but it provides a guide to get you started. Of course, it is up to each company to consider whether there are others they need to inform or whether they do not need to inform the parties mentioned here. This can differ per incident.
Inform staff about a cyber incident
Inform your staff members about the consequences of an incident and what you expect from them during the recovery, for example collecting information. Personnel can help to inform customers and suppliers. The staff members themselves can also be victims of the incident, for example if personal data about them has been leaked. Inform them about this.
Explain the impact of a cyber incident to your customers
Inform customers about the consequences of the incident that affect the service they expect from you. This includes delays in the delivery of orders, payment of invoices, appointments, and sending quotations. Also inform customers about indirect consequences for them, for example if their personal data has been leaked. Find out when you have to report a data breach and to whom.
Contact suppliers
Inform suppliers about the consequences of the incident that affect the relationship with them, for example if you expect that they will temporarily not deliver your orders, but also if orders, contracts, or quotations may have been made public. Personal data from the suppliers may have been leaked, and this must be reported to the Dutch Data Protection Authority. It may also be required that you report to the sector supervisor, for example the Netherlands Authority for the Financial Markets or De Nederlandsche Bank. In addition, it is possible that a government service prescribes that you must make a report. A digital service provider will also have to report to the CSIRT DSP under certain conditions.
Consider contractual parties and other partners or stakeholders
Contractual parties such as customers and suppliers, with whom you have entered into a contract, can or must be informed. For example, you may have agreed with customers or suppliers that they will be informed in the event of a calamity, so that they can take appropriate measures. In addition to these contractual parties, you can also consider partners in the chain. Many companies use each other's services and sometimes each other's systems. Sharing this information can prevent future incidents.
Report a cyber attack to the police and justice department
Always report a cyber attack to the police. This helps to find out who is behind an attack, to ultimately be able to recover damage, and to ensure that the perpetrator is punished. There is currently no clear picture of the scale of cybercrime in the Netherlands. It is not always possible to find out who attacked your company. However, your report does contribute to the initiatives taken by the police to find out who is behind such attacks. A concrete example is the fight against ransomware.
Talk to your insurer or bank
According to the Association of Insurers, the use of cyber insurance is not yet widespread in the Netherlands. It may be wise for you as an entrepreneur to consult with your insurer or adviser about the incident. Discuss which measures you should take or which compensation you can receive. This also applies to your bank. It may be necessary to request new cards, change access to internet banking, or be extra alert to unusual transactions.
Contact your business advisers
Informing third parties such as external advisers can also be wise, for example a bookkeeper, accountant, legal adviser, or lawyer. They may be able to contribute information and ideas to limit the damage.
Partnerships
Finally, it can be valuable to inform partnerships in which you participate. For example, the specific cybersecurity partnerships (in Dutch) in the Netherlands, or networks such as entrepreneurs' or sector associations. By exchanging information, you can help other entrepreneurs and contribute to a more secure Dutch business climate.
It is important to record beforehand which people and organisations are important to inform if an incident occurs. It is smart to make an overview of this. The basic principles for secure digital business also apply here.