Cybercrime has long ceased to be a theoretical risk. Recently, the Dutch business community was once again confronted with several large-scale data breaches at well-known organizations. Hundreds of thousands, and even millions, of personal data records were exposed.
These incidents cause concern among consumers, but above all, they serve as a clear warning to organizations:
a cyber incident directly affects the continuity of your business.
Large organizations, recognizable vulnerabilities
In recent cyber incidents, criminals gained access to systems containing customer and member data such as names, addresses, email addresses, dates of birth, and bank account numbers. In some cases, the attacks led to extortion, phishing waves, and long-term consequences for those involved.
What stands out in these cases:
- They involved organizations with professional IT environments
- Attacks were sometimes only discovered after data had already been stolen
- The greatest impact occurred after the incident, not during the hack itself
This makes it clear that cyber risks are not limited to “weak” or small organizations. Vulnerability often lies in processes, human actions, or supply chain dependency.
A cyber incident is not an IT issue
Although cyberattacks are often technical in nature, the greatest consequences are usually organizational, legal, and financial. A data breach or system intrusion can cause business processes to come to a standstill, while simultaneously incurring high costs for investigation and recovery. Organizations face legal reporting obligations to regulators and data subjects under the GDPR, which places additional pressure on time and capacity. Furthermore, reputational damage can occur, and the trust of customers and partners can be compromised. Handling an incident also often requires intensive communication and extra efforts from customer service, while consequential damage in the form of phishing or fraud can persist for months. Many organizations underestimate these indirect consequences, while practice shows that these costs often weigh the heaviest.
“We are too small to be a target”
We still regularly hear: “We are not interesting to cybercriminals.” The reality is different.
Most attacks:
- Are automated
- Target commonly used systems
- Do not distinguish between large or small
- Exploit human errors, such as phishing emails
As soon as an organization works with digital data, email, online payments, or customer information, a real cyber risk exists.
Management's perspective on this development
“Cyber risk is not an incident that you resolve after the fact, but a strategic issue that requires attention beforehand. The extent to which you are prepared determines not only the financial impact but also the trust of customers, employees, and partners.”
Why cyber insurance starts with insight, not with the policy
Cyber insurance does not prevent a cyberattack, but it plays an important role in making the consequences manageable when things go wrong. This can provide support for technical investigations, legal and privacy issues, mandatory communication, and the recovery of damages or business interruption. At the same time, dealing effectively with cyber risks requires more than just a policy. In practice, we see that risks are often fragmented and underestimated, and do not sufficiently align with the actual IT environment. Therefore, a sound approach begins with insight: which data and systems are crucial, what is the impact of downtime, and which risks is an organization willing or able to bear itself? Only from that insight can prevention, internal processes, and insurance solutions truly reinforce each other.
About Den Hartigh Adviesgroep
Den Hartigh Adviesgroep has been a renowned consultancy firm since 1916, supporting businesses and individuals with strategic and financial matters. The organization is known for its customer-oriented approach and broad expertise in the field of (Inland) Marine, High-Net-Worth and Film & Events.
For more information
Erik van der Kooij
Marketing/PR manager
Den Hartigh Adviesgroep
078 676 9000
marketing@denhartigh.nl