As the Belgian online government network recovers from a cyber-attack that took place on Tuesday, its managers now know how the private sector feels.
In the past year, 42% of Belgian companies suffered a cyber-attack of one sort or another. More than two out of three of those were hit on two or more occasions, and almost one in five (18%) suffered more than 15 attacks.
The figures come from the Cyber Readiness Report 2021, produced by the British insurance company Hiscox. The report looks at the state of commercial cyber security in eight countries: Belgium, France, Germany, Ireland, the Netherlands, Spain, the UK and the US.
Belgium suffered more attacks involving ransomware than any of the others apart from Germany. Ransomware, where computer systems are blocked until a sum of money is paid, accounted for 19% of all attacks in both countries.
Across the board, 58% of companies hit by a ransomware attack pays the ransom, although few if any would ever openly admit doing so. Only 8% of Belgium companies admitted it, compared to 21% in Germany and the US. The highest ransom paid by a Belgian company was €496,323 with an average payment of less than €10,000.
- Belgian government websites down after DDoS attack
- Revealed: Belgium left hospitals off of list of essential services for cyber-protection
However Belgian companies spent the least on cyber protection – an average of $1.8 million, compared to $5.5 million in top-spender Germany. Belgian firms spend 21% of their IT budget on security, compared to 13% a year ago. Percentage-wise, that compares well with France, Germany and the UK (both 20%).
“At the start of the pandemic, the majority of businesses put the simple need to carry on functioning ahead of everything else. The concern was that with IT budgets being squeezed, spending on cyber security would be cut. This report shows that was not the case,” writes Hiscox Cyber CEO Gareth Wharton in a foreword.
“Spending on cyber has soared. Many firms have effectively moved their entire business online. As a cyber insurer, we know this has not only lifted awareness of the cyber challenge but moved the conversation about security to the forefront of decision-making.”