Research: Quarter of small SMEs take no action to be digitally secure

Quarter of small businesses take no action to be safe online

The survey found that large companies are significantly more likely than average to take actions toward online safe behavior. Small companies (up to 10 employees) take the least action. A quarter of these companies (24%) do not even take any action for safe online behavior.

Phishing occurs most often in work situation

In the work setting, phishing is the most commonly reported form of cybercrime. One in five employees has received a phishing email at work in the past 12 months. Six in 10 would be embarrassed after clicking on a phishing link, but 91% would immediately tell others if they downloaded a virus on a work computer. In second place is being called to get money or data ("social engineering"). IT professionals report experiencing all forms of cybercrime more often than other employees.

Majority does not report cybercrime

More than half of the employees who encountered cybercrime (56%) did not report or report it. If they did, it was usually reported to the company's ICT department (29%). The main reasons for reporting or reporting were to create a safer online environment (59%) and to prevent the perpetrator from victimizing again (57%). Reasons for not reporting are that people think there is no point, that it takes too much effort and that it is not considered important.

Research Alert Online 2022

Each year a survey is conducted on the knowledge, attitudes and behaviors of different target groups regarding online safety. The research consists of a main report and sub-reports on business and government. For the Industry sub-report, the survey was conducted among 1,166 employees and 382 ICT managers. Download the subreport to read the insights of business employees.