Menu

Filter by
content
PONT Data&Privacy
  • PONT home
    • mill

    0

    Use of two-step verification doubled since 2017

    More and more companies are taking measures to allow their customers or employees to securely login to their ICT systems, websites or apps. For example, the use of two-step verification increased from 26 percent in 2017, to 61 percent in 2024. 72 percent of companies had a password policy, up from 57 percent in 2017. This is according to the Cybersecurity Monitor 2024. CBS produces the monitor on business resilience to digital threats at the request of the Ministry of Economic Affairs.

    Central Bureau of Statistics June 20, 2025

    News press release

    News press release

    Two-step verification or two-factor authentication (2FA) is a way of logging in that, in addition to a password, requires entering an additional code that changes for each login session. The user receives this code, for example, via a text message, an app, or a separate device.

    A password policy allows companies to require employees or customers to choose a password that meets certain requirements, such as the use of numbers, capital letters and special characters.

    Large companies more often use secure ways to log in

    Large companies are more likely to use secure ways to log in than small businesses. For example, 97 percent of companies with 250 or more employees used two-step verification in 2024, compared with 57 percent of companies with 2 to 10 employees.

    A similar pattern can be seen for the percentage of companies with password policies.

    Faster rise at smaller companies

    The use of secure ways to log in did increase faster among smaller companies. For example, the use of two-step verification by companies with 10 to 50 employees more than doubled: from 29 percent in 2017, to 76 percent in 2024. Using a password policy also increased: from 64 percent in 2017, to 80 percent in 2024.

    Two-step verification was most frequently used in 2024 by companies in information and communications (88 percent), followed by financial services (83 percent) and health and wellness (80 percent). In the hospitality industry, two-step verification was used the least often, but did increase the most: from 16 percent in 2017, to 44 percent in 2024. A similar picture can be seen for the percentage of companies with password policies.

    Declining trend in cyber incidents

    Despite the measures taken, cybersecurity incidents may continue to occur. Large companies are more likely to have cyber incidents than small companies, but across all company sizes, the number of companies with incidents decreased. As recently as 2017, nearly 40 percent of the largest companies (250 or more employees) reported having had an incident due to an outside attack in the previous year; in 2024, the figure was 16 percent.

    Share article

    Comments

    MORE REACTIONS

    Leave a comment

    You must be logged in to post a comment.

    NEWS

    Cybercrime affects three-quarters of Dutch, but far from everyone keeps smart devices up-to-date

    News press release

    Employees more confident about digital security, but phishing grows

    News press release

    New BIO2 enacted: government tightens information security

    News press release

    Election special #1: CDA vs. PVV - digitization themes compared

    News press release

    Ahead of the Lower House elections on Oct. 29, in this election special we compare the positions of the eight major parties according to the polls. In each edition...

    Standards framework for special information tightened

    News press release
    Digital Government

    IGJ starts investigation into Clinical Diagnostics Rijswijk laboratory

    News press release

    NCSC publishes GitHub checkscripts for Citrix systems

    News press release

    New guidance for government mobile apps

    News press release

    'The enemy within': KPMG outlines profile of the fraudster

    News press release
    KPMG

    Cyber resilience in Practice: increase your organization's digital resilience

    Cyber threats are becoming more sophisticated and targeted, making organizations more vulnerable to digital attacks. Cyber resilience is not just about preventing incidents, but more importantly about recognizing risk, assessing cyber threats and structurally improving your organization's digital resilience. This two-day course provides a practical understanding of cyber threats and the tools and methods to better protect your organization. You will learn how to assess public cyber scans, recognize vulnerabilities and effectively implement cyber resilience measures.

    Learn more

    Information Security and Privacy Issues in Government

    The increasing role of standards frameworks and laws and regulations raises new questions. Learn all about developments in the cybersecurity sector and get acquainted with available tools, such as the BIO and ISO27001 standards frameworks.

    Learn more

    Expert membership

    Expert membership

    Benefit now

    New EU Legislation: Privacy & Data Essentials in 1 Day

    Many new laws and regulations around data, cyber, technology, AI and digital platforms are coming our way from Brussels. Consider, for example, the impact of the Data Act, the AI Act, the CRA and NIS2. Important new legislation: what's the latest? In this course we address the question of how you as a professional can prepare yourself. You will get an overview of the most important laws and regulations and we will discuss the latest developments.

    Learn more

    Join PONT | Data & Privacy

  • Access to Knowledge Base
  • Read e-books
  • Contact with peers
  • Own news overview
    • BECOME A MEMBER

    General

    Service

    Navigate

    Berghauser Pont Media Group

    CONTACT

    𝕏

    Copyright 2025 Berghauser Pont | Website created by Buro Zero