In Ireland, cybercrime is double global levels, with four out of 10 organisations failing to assess the risks.
Economic crime is hitting record levels in Ireland, with almost half of businesses (49pc) reporting crime in the last two years.
According to new PwC figures, more than one in 10 lost more than €4m due to economic crime in the last two years while another 66pc lost up to €810,000 through cybercrime.
The study found that four out of 10 Irish companies are failing to do risk assessments, usually the first step to prevent fraud before it takes root.
“The research highlights that economic crime, fuelled by cybercrime, is becoming more prevalent and more costly for Irish businesses,” said chief superintendent Patrick Lordan from the Garda National Economic Crime Bureau.
The clean-up costs of economic crime are also substantial. For example, almost seven out of 10 (69pc) participants confirmed that they had spent the same or more on the subsequent investigations as the actual crime itself – and this was substantially more than the global experience (46pc).
Risky business
Interestingly, the survey also suggests that few Irish businesses fully appreciate the impact of fraud on employee morale, business relations and their reputation/brand, while global companies are much more aware of the potential collateral damage.
The survey reveals that the incidences of cybercrime in Ireland have increased substantially – 61pc reported having suffered cybercrime over the last two years compared to 44pc in 2016 – and have reached almost double global levels (31pc).
A similar proportion (61pc) also expect even more cybercrime in the future, up from 36pc in 2014.
Phishing was the most prominent (66pc) technique for targeted cyberattacks, followed by malware (56pc). Surprisingly, this was substantially less for global companies (33pc and 36pc, respectively).
“As the value of transactions over the internet increases exponentially year on year, fraudsters are turning to new ways of redirecting funds and are successfully achieving their goals,” said Pat Moran, PwC Ireland cyber leader.
“The funds allocated to crime detection and prevention are increasing, with Irish companies investing more than global companies, and that has a multiplier effect in terms of understanding and detecting fraud.
“With the rise in reported frauds, this may suggest that Irish companies have been rewarded for their efforts to uncover crime, but fraud levels are still rising. Put simply, the impact of fraud is no longer an acceptable cost of business.”
Moran pointed out that very few companies are using data analytics and AI to combat fraud – just 15pc and 6pc, respectively.
The survey results coincide with news that the Central Bank of Ireland has issued a fine of €443,000 against Dublin-based Appian Asset Management for succumbing to a cyber fraud whereby an email phishing attack led to a series of transactions resulting in the loss of €650,000 from a client’s fund.
The Central Bank pointed to significant breaches and regulatory failures, including insufficient red flags to spot that a fraud was occurring.
A similar phishing attack against Meath County Council saw €4.3m mistakenly transferred to Asia. Fortunately, the funds were recovered.