In the case of hacks, Dutch companies like to make a financial assessment when it comes to preventing fines from authorities and regulators, according to security specialist Sophos on the basis of a recent survey. Paying hackers for two-thirds is even a serious option.

According to a survey conducted throughout Western Europe, Dutch companies score remarkably high when it comes to giving in to hackers, for example after a successful ransomware attack. For example, no less than one third of the Dutch companies surveyed indicated that they are absolutely willing to provide financial assistance to hackers if this would enable them to prevent any reports of these hacks and the subsequent fines to regulators.

In addition, almost a third of the Dutch companies surveyed indicated that they will certainly consider paying hackers if the amount is lower than any penalty or fine. One third of the total number of respondents indicates that they completely exclude any form of payment to hackers.

According to the Sophos researchers, the view of the Dutch companies is not unique. Only British entrepreneurs are more willing to pay hackers to avoid fines.

Worrying development

Sophos finds this attitude of companies worrying. Companies that pay ransoms may get access to their data, but that is not a hard guarantee. Ransom is also a wrong motive if companies do it to avoid fines. Companies still have to report the violation and will receive a significantly higher fine if they do not do so immediately.

According to the security specialist, it is therefore surprising that the companies questioned are really considering paying ransom.

Compliance with the GDPR

The researchers also examined whether companies now consider themselves to be fully compliant with the GDPR legislation and regulations. The study shows that almost three quarters of the companies surveyed consider themselves to be compliant with the GDPR in one way or another. The Netherlands occupies the third position after France, almost half, and the United Kingdom with just over three quarters of the companies surveyed.

It is remarkable that few Dutch companies, slightly less than a third, indicate that they have the necessary tooling in house to comply with the GDPR to be able to prove, in case of successful hacks, that they really comply with the legislation. But this is always more than in the other investigated Western European countries, Sophos says.

More cloud computing positive development

A more positive development in response to the GDPR is that Dutch companies have become more convinced of the usefulness of cloud computing as a result. Because of the GDPR, more than half of the surveyed companies have moved data to the cloud. In addition, more than half of the companies surveyed indicated that they had expanded their use of cloud services.

This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.