Only 28pc of Irish companies have ‘robust’ cybersecurity measures

24 Oct 2024

Image: © Mike Dot/Stock.adobe.com

Globally, a data breach costs an estimated €3m and yet less than a third of Irish companies are well prepared.

Despite the cost of cyber breaches, less than a third of Irish organisations have implemented “robust cyber resilience actions”, according to PwC’s 2025 Digital Trust Insights survey. However, 74pc of the respondents say they are prioritising cyber risk mitigation in 2025.

PwC’s annual study surveyed more than 4,000 business and tech executives across 71 countries and found that 66pc of Irish organisations are expecting their cyber budget to increase in the next year, lower than the global average of 77pc.

The survey finds a gap in the implementation of cybersecurity measures in Ireland, with only 28pc companies in the country having actually implemented robust cybersecurity across their organisations, trailing behind their global counterparts, 33pc of which are more resilient to cyberattacks.

Third-party breaches remain the top cybersecurity concern for Irish businesses as companies continue to depend on third parties, the survey details. This is closely followed by ransomware and cloud-related threats. While globally, the top threat is the cloud, followed by hack-and-leak operations.

Last year, it was reported that nearly three in four Irish business fell prey to at least one cyberattack in the previous 12 months, while only a third of them recovered all data after paying a ransom. While another survey in 2023 found that nearly 20pc of businesses did not have a cybersecurity policy in place.

“Despite the high cost of cyber breaches, less than one in three Irish organisations have implemented robust cyber resilience actions across their businesses,” said Leonard McAuliffe, a cybersecurity partner at PwC Ireland.

“At the same time, they state that they are planning to prioritise cyber risk mitigation in the next 12 months, but their planned investment is behind their global peers.

“Irish companies need to prioritise cyber risk investment even more to safeguard their organisations from cyberattacks,” McAuliffe said.

GenAI and regulations

Generative AI (genAI) has taken the world by storm, with many companies now using AI and offering AI services. Last year’s PWC report found that more than half of business leaders surveyed expected generative AI to lead to “catastrophic” cyberattacks over the following 12 months.

This year, nearly 80pc of companies globally have increased their investment in genAI. According to the survey, genAI has increased vulnerability to cyberattacks by 68pc in the last 12 months. However, companies are also using genAI as a defence mechanism to detect threats such as malware and phishing, the survey notes.

Although, there are still issues with AI, as 39pc of global respondents said internal stakeholders didn’t trust the technology and highlighted difficulties in integrating the technology with existing systems and processes.

Additionally, nearly 40pc pointed to inadequate internal controls and risk management and a lack of standardised internal policies governing the use of genAI as prominent challenges.

Meanwhile, compare to global figures, Irish respondents are less confident about their compliance with new cyber regulations: NIS2, the EU AI Act and DORA. Though globally respondents agreed that these regulations have driven increased investment in cybersecurity this year.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Suhasini Srinivasaragavan is a sci-tech reporter for Silicon Republic

editorial@siliconrepublic.com