Nearly Half of Dutch Listed Companies Do Not Provide Information on Cybersecurity in Annual Report

iStock-1173319475 (2)Many publicly traded companies in the Dutch AEX, AMX and AScX indices fail to be transparent on cybersecurity efforts in their annual reports. While the Netherlands is a highly digitized society, 47 percent of listed companies there do not provide much insight into how they are keeping their organizations secure.

The Cyber Security Annual Report (CSAR) by the Erasmus School of Law in Rotterdam shows that nearly half of those companies do not mention any specific measures taken on the cybersecurity front, thereby keeping investors in the dark. Only Ahold (Giant Food Stores, Stop & Shop, Peapod), paint and coatings company AkzoNobel, commercial real estate company Unibail-Rodamco-Westfield and private banking firm Van Lanschot provided six or more cybersecurity measures in place in their annual reports. Amongst those were the appointment of a CISO and providing employees with security awareness training (SAT).

According to the authors of the CSAR study, the absence of any Dutch laws requiring information on cybersecurity in annual reports leads to organizations that do not feel the need to share their policies. The Netherlands being named the country in Europe most likely to be hit by cybercrime should be an indication that publicly traded companies there do not have the luxury to leave information on cybersecurity out.

Being transparent on the measures being taken within the organization can also lead to a trickle-down effect by which the entire organization (and society!) becomes more aware of the risks of cybercrime. Furthermore, providing additional information on results and value of cybersecurity efforts like new-school security awareness training will make investors feel more confident and will inspire other companies to go the extra mile.

Request A Demo: Security Awareness Training

products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

Save My Spot!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

New call-to-action

Get the latest about social engineering

Subscribe to CyberheistNews