275 cyberattacks per day — that is the figure that should put every Belgian business leader on alert. Behind this 165% jump in just three years lie two inescapable facts: every SME is a target, and most are unprepared. A chronic underinvestment set against a growing shortage of cyber talent. How to act… now?
The figures revealed by Agoria are staggering: 275 cyberattacks per day in 2025 (+165% in three years), with at least one in four businesses affected in 2024. Despite this very real situation, most Belgian SMEs (99% of the national economic fabric) suffer from what Agoria calls “cyber-poverty”: a high level of vulnerability resulting from underinvestment in cybersecurity, even as they are a preferred target.
The Belgian paradox: explosive growth, shortage of experts
If SMEs are insufficiently protected, it is not for lack of specialist players. In fact, the Belgian cybersecurity sector is doing rather well. With revenue growth of over 65% in three years, the more than 700 companies and organisations in the sector continue to create many jobs. Yet behind these results, cybersecurity players face a chronic problem: a shortage of experts. A structural deficit of 4,000 vacant positions, which contributes to exposing SMEs. Already reluctant to allocate budgets for their own security, they also struggle to hire the rare specialists available on the market. The consequence of this ‘cyber-poverty’ is that SMEs become a prime target for cybercriminals.
How do cybercriminals target SMEs?
Various reports agree: the majority of breaches exploit the human factor. Through error, manipulation or abuse, cybercriminals do not try to bypass complex security systems — they simply exploit basic weaknesses. As in France, where ANSSI observes mass attacks on firewalls and VPNs. SMEs, given their limited resources, difficulty recruiting experts and partial view of cybersecurity, offer ideal territory for cyberattacks. For business leaders, the first step is awareness: 275 cyberattacks per day in Belgium! Then comes action — before it is too late.
5 questions to escape ‘cyber-poverty’
A sophisticated antivirus is not enough. If your employees connect without a VPN or via unsecured access points, it is like locking the front door while leaving the window open. Here are 5 questions to ask your IT team.
1. Do we have a VPN for all our remote access?
According to ANSSI, “perimeter” devices are priority targets — that is, security tools such as the firewall or VPN. The latter secures the connection between an employee working from home and your server. Without a professional VPN, every remote connection is an open door.
2. Are our backups externally stored AND regularly tested?
The right answer is specific: automatic, daily, off-site and tested monthly. If you hesitate, the answer is no. According to the Verizon DBIR 2025 report, 75% of system intrusions involve ransomware. And without a proven backup, you will have only one option: pay the ransom.
3. Do all our employees have two-factor authentication?
With 60% of breaches linked to the human factor, two-factor authentication blocks 99% of fraudulent access attempts, even with a stolen password. It is free and effective.
4. Who can access what in our system?
Apply the principle of least privilege. Does your sales rep really need access to accounting? Should your intern be able to download the entire client database? An access audit is essential — not because you distrust your teams, but to minimise risk.
5. If we get hacked tomorrow morning, what happens?
Do you have an identified crisis procedure? A business continuity plan? Cyber insurance? An emergency contact? In France, 58% of SMEs cannot assess the consequences of an attack. What about you?
