ING: Growing importance of cybersecurity for IT service providers

Information technology service providers will have to play a greater role in making companies more resilient to cyberattacks, according to ING. The bank foresees that the group of companies specialized in cybersecurity do not have enough capacity to help businesses strengthen their defenses. Small and medium-sized enterprises in particular are still underprepared in this area.

According to ING, companies managing IT infrastructure should also expand to offer cybersecurity services. Although they will have to invest in broadening their expertise, it will pay off in the end, as the bank expects companies to spend up to 11 billion euros on cybersecurity by 2025.

The threat of cyberattacks is increasing, ING notes. The bank estimates the total damage to Dutch companies at between 8 and 12 billion euros, primarily from loss of turnover, loss of customers, and the expense needed to restore a firm's image after an attack. Reputation damage and loss of intellectual property are among the other expenses.

Ransomware, which encrypts computers with a password that can be provided after a ransom is paid, is a booming branch of cybercrime. From the second half of 2019 to the first half of 2021, attempted attacks more than tripled. Usually, the ransom is between 0.4 percent and 2 percent of turnover, according to Cyberveilig Nederland.

For companies, that is only a small proportion of the total damage caused. The time during which the systems are down and the period that is needed to get everything back in order are much more expensive because normal business activities cannot take place.