Cyber Resilience in Small Enterprises
Many small businesses lag behind in their cyber resilience and do not take sufficient basic measures. The emergence of a so-called 'cyber resilience gap' between cyber threats and the measures taken by small businesses is confirmed in the Cybersecurity Monitor from CBS and the advice from the Cyber Security Council. Analysis of data from the CyberSafe Check for freelancers and SMEs shows that the top 3 of all measures taken consists of antivirus software (76%), backups (74%), and recognizing phishing (68%).
If we break down the responses of nearly 10,000 entrepreneurs who filled out the cyber scan by the sectors in which they operate, differences can be seen in the extent to which cybersecurity measures have been taken.
View more data from the CyberSafe Check, with a score per sector for each basic measure.
Incentive for Small Businesses
With practical information, self-scans, and sharing experiences from entrepreneurs who have been affected by a cyber attack, the DTC encourages entrepreneurs to get their basics in order. However, this does not motivate every entrepreneur to improve cybersecurity. An evaluation of the pilot of 'My Cyber Resilient Business' in 2023 shows that a financial incentive ensures that small businesses start working on their cyber resilience and more quickly proceed to the purchase and implementation of cyber-safe measures. Therefore, the DTC is reopening this subsidy scheme and this time is making a larger subsidy budget available.
My Cyber Resilient Business in Brief
- The subsidy can be applied for by self-employed entrepreneurs and SMEs with a maximum of 50 employees and an annual turnover of up to €10 million.
- Eligible measures fall under the following categories:
- Secure network access/wifi
- Password manager
- Two-factor authentication (2FA), two-step verification, and multi-factor authentication (MFA)
- Patch management
- Antivirus software
- Setting up and testing backups
- Risk inventory and evaluation (RI&E)
- Cyber awareness training
- The subsidy amounts to 50% of the costs for purchase or implementation, with a maximum of €1,250 per applicant.
- The budget is distributed in order of receipt of applications until the subsidy budget is exhausted.
Applying for Subsidy in 3 Steps
In three steps, you apply for a My Cyber Resilient Business subsidy. The first step is to know where your company's cybersecurity is still lacking. With the CyberSafe Check for freelancers and SMEs, you can download your own action list (PDF) with the cyber resilience measures to be taken. The second step is to purchase the (subsidizable) products or services from your action list. The final step consists of applying for the subsidy and uploading the action list and the invoice to the Netherlands Enterprise Agency (RVO).
Michel Verhagen, manager DTC: "Entrepreneurs are busy running their businesses. Cybersecurity often does not top the priority list. It is wrongly assumed that small entrepreneurs are not targets, but the reality is different. We encourage small entrepreneurs to take action now and quickly implement the most important cyber measures. Because with a few simple interventions, you significantly reduce the chance of becoming the next victim. Let this subsidy be the final push to take action today."
