Cyber security: trust in a digital age | BDO Trend Report

> Cyber security: trust in a digital age | BDO Trend Report

Technology creates unprecedented opportunities but also makes companies more vulnerable than ever. Cyber crime ignores borders and has become a daily reality, including for Belgian businesses. 

Our BDO Company Barometer revealed that nearly one in five Belgian companies was hacked in 2025, with about half of those victims paying ransom to cyber criminals. That means almost 1 in 10 companies paid ransom to recover their hijacked data.

Hackers no longer focus solely on multinationals. SMEs are increasingly targeted precisely because they tend to be less protected.  Belgium's Centre for Cybersecurity handled 635 national incidents in 2025 alone, a significant increase over prior years. And the Belgian cyber security sector faces a shortage of roughly 1200 professionals, meaning many organisations simply do not have the in-house capacity to keep up.

The financial cost of cyberattacks runs into billions globally. But the greatest loss is often invisible and far harder to recover: trust. Trust from customers, from partners, from employees. Once that is compromised, the damage extends well beyond the balance sheet.

In our Trend Report: The business world in 2030, developed in collaboration with trendwatcher Tom Palmaerts, we explore what cyber security looks like in 2030 and why the answer is as much about human behaviour as it is about technology.
 

The threats are evolving faster than most defences

Cyber attacks are becoming more complex and more sophisticated. Ransomware remains the most common method (systems are locked and only released after payment). But supply chain attacks are rising fast. In these cases, hackers do not target your company directly. They compromise a supplier, a freelancer or a software provider to gain access to your systems. Any chain is only as strong as its weakest link.

Not every attack is technical either. Disinformation campaigns can confuse customers and employees alike. A false post on social media or a leaked document can damage a company's reputation within hours. And then there are deepfakes. Criminals are now able to mimic the voice of executives convincingly enough to force urgent payments. What stops these attacks is often not complex technology, but rather an employee who asks the right question at the right moment. Common sense remains the first line of defence.

The quality of your data plays a role here too. Poor or inconsistent data leads to flawed business decisions and undermines trust in your systems and your leadership.

What is coming next

A new threat is on the horizon: quantum computing. Computers capable of calculating millions of times faster would render many of today's encryption methods useless. The mainstream quantum era has not arrived yet, but banks, governments and technology companies are already preparing. Belgian businesses should follow developments closely and gradually make their security quantum-safe.

On the regulatory side, the EU Cyber Resilience Act is pushing companies to design products and software more securely and take responsibility for vulnerabilities. That may feel like additional regulation, but it also delivers greater trust among customers, suppliers and investors. Like the AI Act, this legislation aims to provide frameworks and certainty, though its strength will ultimately depend on enforcement, collaboration and innovation.

Technology is not enough on its own

The human factor is the one pattern that stands out across every major cyber incident. Employee awareness is consistently the weakest link and the strongest potential defence. Companies that invest in crisis drills, that screen suppliers and freelancers for their cybersecurity practices, and that build a genuine security culture across the organisation are far better positioned than those relying on technology alone.

BDO's Global Risk Landscape 2026 survey confirms this: 35% of CEOs see cyber as a top-three risk their organisation is unprepared for. Yet many are still thinking about it too tactically, treating it as an IT issue rather than a strategic priority. And 23% of CEOs admit they are underspending on cyber security. The gap between awareness and action remains wide.

A layered approach, combining technical safeguards with human vigilance, regular testing and clear response protocols, remains the most effective defence.

What you will find inside the report

The cyber security section of our Trend Report includes:

  • some real-world examples of how deepfakes and social engineering are being used against companies today, 
  • concrete dos and don'ts for business leaders
  • Advice and insights from BDO's Risk Advisory team on building a layered defence that combines technology with common sense.

The report makes the case that cyber security is not just a technical challenge. It is a trust challenge. And in a digital economy, trust is the currency that matters most.

This article is part of ourTrend Report: The business world in 2030, a collaboration between BDO Belgium and trendwatcher Tom Palmaerts.