Internet security incidents, a survey within Dutch organizations

This paper presents the main results of a survey held by de Vrije Universiteit and KPMG EDP Auditors, concerning Internet-related security incidents. The survey was held within Dutch organizations that are currently using the Internet.The first aim of the project was to determine the actual security risks of using the Internet. This requires insight in the percentage of companies experiencing Internet-related security incidents, the damage caused by the incidents, the way the affected companies deal with the incidents and a profile of the perpetrators. The second aim of the project was to determine the effectiveness of security measures.This was done by (1) analyzing the security incidents to find out in which way they could have been prevented and (2) determining possible correlations between security measures and (the absence of) security incidents.