Protect your business against cybercrime
When running a business, you may be faced with cybercrime, for example through phishing, malware, or a DDoS attack. Read how to recognise cybercrime and what measures you can take to protect your business.
What is cybercrime?
Cybercrime is a commonly used term for online crime. Examples include computer viruses and identity fraud. Cybercrime can have serious consequences for your business. It can damage your company's reputation and lead to your customers' data being leaked. You must protect the personal data of your customers and staff.
You should also protect your own company data, such as information about your production process or your suppliers. Read more about protecting company data (in Dutch) at the National Cyber Security Centre (NCSC) of the Ministry of Justice and Security.
How do you recognise cybercrime?
There are various forms of cybercrime. Below are 7 common types. Information in Dutch about other types of cybercrime can be found on the NCSC website.
A virus is a small programme that can damage or delete data on your computer. It can even wipe or block (encrypt) your hard drive. Many viruses spread via email. Malware (malicious software) is a collective term for all software created by criminals to deliberately damage computers and operating systems. Malware can also be used to steal confidential information, which the criminals then offer to release back to you in exchange for money. This is a form of extortion.
In phishing, criminals try to steal your login details, credit card information, PIN code, or other personal information. They do this by pretending to be from a reliable organisation via email or telephone. Or they create a website that looks like your bank or credit card company’s site. If you provide your details, they can withdraw money from your account. A real bank will never ask for your login details or password.
Ransomware is a computer virus and a form of malware. Ransomware can make files on your computer or telephone inaccessible, or, for example, block your telephone. This often happens via a phishing email or a malicious link. The virus informs you that you must pay a sum of money to regain access. The police advise against paying. Find out what to do if you are a victim of ransomware.
In the event of a data breach, a criminal has gained access to computer files containing personal data held by your business. It is not always obvious that you have had a data breach. However, you may notice suspicious activity, such as unusual login attempts or the loss of documents containing sensitive information. If you have detected a data breach, you must report it within 72 hours. You do this via the data leak reporting desk (Meldloket Datalekken, in Dutch) of the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP).
In a DDoS attack, criminals send a large amount of data to a server. This makes your website or web page very slow or inaccessible, for example the login page for your service. A DDoS attack is a form of hacking.
Many websites have input fields where customers can enter their payment details and address. Or where customers can log in. Cybercriminals can misuse these input fields to steal data. Read how you can protect your customers from formjacking.
In digital skimming, cybercriminals steal your customers' payment details while they make a payment in your online shop. This happens during the payment process without customers noticing. Read more about digital skimming and how to protect your business and customers.
What can you do to combat cybercrime?
You can never completely protect yourself against cybercrime. However, you can take measures to minimise the risk of a cyber-attack. Check your risk class (in Dutch) at the NCSC. Here you will also find an overview of security measures that you can implement immediately.
Cybersecurity: the basic principles
The NCSC has identified 5 basic principles for safe digital entrepreneurship (in Dutch). These aim to help entrepreneurs put basic security measures in place. Following the 5 basic principles will make your business more resilient against cyber risks.
Make an inventory of the IT components you use within your business (in Dutch). And determine what the most important components are. Identifying your risks will help you understand where you are vulnerable to cyber incidents. Such incidents can seriously disrupt your business operations or damage your reputation.
Start by analysing your risks
- Determine the preconditions. Who is responsible for the risks? And what risks can you accept, and to what extent?
- Next, determine what your organisation's most important data, products, services, or trade secrets are. These are your business interests that need to be protected.
- See how these are supported by technology. And which systems, applications, or processes you use to do so.
Then investigate what threats there are
Who could attack your most important assets, and how could they do so? Do you already have measures in place to protect them? Are these measures tested regularly, and do they offer sufficient protection? If not, the risk analysis will help you take appropriate measures. Give risk analysis a permanent place in your organisation. Update your inventory of IT components and your risk analysis regularly.
Human error plays a role in most cyber incidents, for example a mistake that causes a data breach. Criminals also encourage unsafe digital behaviour through social engineering or phishing emails. Build a security culture within your business. In such a culture, reporting incidents is encouraged, safe behaviour is open to discussion, and there is a particular focus on what can be learned from cyber incidents.
Support your employees and management by educating and training them in recognising cyber risks. Ensure they know how to handle information and systems safely and what to do if something goes wrong. Support them in this wherever possible. Sometimes technology can help. For example, a password manager or a simple button in your email programme to report phishing.
Ensure that your devices and software are up to date. Install software updates immediately. And check the settings of devices and software before connecting them to your network. This will make you more resilient to potential cyber threats and incidents and make your organisation less vulnerable to attacks.
There are measures you can take to protect your IT and reduce the risk of attacks:
- Choose secure settings to better protect your digital infrastructure. Check the default settings when you buy new software and devices and change them as needed.
- Consider using firewalls.
- Regularly update software to fix vulnerabilities.
- Divide your company network into separate parts so that attackers do not have immediate access to everything in the event of a breach.
- Actively monitor systems for misuse so that you can quickly identify problems and respond to them if necessary.
Determine for each employee in your business which systems and data they may access. Employees and external partners need access to information, systems, and locations. But they do not need access to all company information at all times and in all places.
Only give employees and external parties access to what they need to do their job or provide their service. And only for as long as they need this access. This reduces the risk of an incident or misuse.
In addition, use strong and different passwords to protect your devices and accounts. Set up additional security layers, such as multi-factor authentication, for access to sensitive information.
Monitor and manage access rights and adjust them when an employee changes roles or leaves. Use personal accounts. And ensure clear processes for new and departing employees. This reduces the risk of misuse.
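An added example, not the page's or the NCSC's own tooling, that turns the access rules above (personal accounts, access limited to the current role and for as long as needed, MFA for sensitive information, revocation when someone leaves) into a periodic review check. The roster, account list, field names and review date are all constructed assumptions:

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

# Added illustration (not NCSC's or the page's own tooling); all names and data are constructed.
@dataclass
class Person:
    name: str
    role: str
    active: bool            # False once the person has left
    external: bool = False  # external party rather than employee

@dataclass
class Account:
    account_id: str
    owner: Optional[str]    # None = shared/generic account
    granted_for_role: str   # the role this access was approved for
    sensitive: bool         # reaches sensitive information
    mfa: bool
    expires: Optional[date] = None  # None = open-ended access

def review_access(people, accounts, today):  # returns a list of (account_id, finding)
    roster = {p.name: p for p in people}
    findings = []
    for acc in accounts:
        if acc.owner is None:
            findings.append((acc.account_id, "shared account: assign a personal owner"))
            continue
        person = roster.get(acc.owner)
        if person is None or not person.active:
            findings.append((acc.account_id, "owner has left: revoke access"))
            continue
        if person.role != acc.granted_for_role:
            findings.append((acc.account_id, "owner changed role: re-evaluate access"))
        if person.external and acc.expires is None:
            findings.append((acc.account_id, "external access with no end date: set an expiry"))
        if acc.expires is not None and acc.expires < today:
            findings.append((acc.account_id, "access expired: revoke"))
        if acc.sensitive and not acc.mfa:
            findings.append((acc.account_id, "sensitive data without MFA: enable MFA"))
    return findings

TODAY = date(2024, 6, 1)  # constructed review date
PEOPLE = [Person("anna", "finance", True), Person("bram", "sales", True),
          Person("cas", "it", False), Person("dewi", "consultant", True, external=True)]
ACCOUNTS = [Account("erp-anna", "anna", "finance", True, True),
            Account("erp-bram", "bram", "finance", True, False),   # bram moved to sales
            Account("vpn-cas", "cas", "it", False, True),          # cas has left
            Account("crm-dewi", "dewi", "consultant", False, True),
            Account("reception", None, "reception", False, False)]
```

Running `review_access(PEOPLE, ACCOUNTS, TODAY)` flags every account except erp-anna, which matches all the rules.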
Even if you take all the necessary measures, your business will likely be affected by cyber incidents. That is why you should draw up a risk analysis (in Dutch) and an incident response plan (in Dutch), for example. These will help you respond when a cyber incident occurs.
All businesses will have to deal with a cyber incident at some point. And when that happens, every second counts. By thinking about your response to incidents in advance, you will not waste time deciding on a strategy. You can respond quickly, assess the damage, and inform the appropriate authorities.
It is also wise to have a plan in place in case of damage or loss of data, and to store your backups in different physical locations. Do not forget to practise and test your plans regularly.
Find funding via the Cybersecurity Funding Portal
Use the Cybersecurity Funding Portal to find funding for the development of your cybersecurity project. You can see which Dutch and European subsidies are best suited to your project. The Netherlands Cybersecurity Coordination Centre (NCC-NL) can help you with your application for funding.
Cyber insurance
More and more insurers are offering cyber insurance. This covers financial damage caused by, for example, a virus or a hack. Whether it is wise or necessary for you to take out cyber insurance depends on your business situation and sector.