Image: © Pakorn/Stock.adobe.com
More than two-thirds of Irish cybersecurity leaders believe that reputational damage from a cyberattack would ‘significantly’ damage their business.
Cyberattacks are “growing in frequency and complexity”, according to a new cybersecurity report, which revealed that 74pc of Irish organisations surveyed suffered an increase in cyberattacks in the past year.
Insurance company Hiscox just published its Cyber Readiness Report 2024 to explore the role of robust cyber resilience measures in safeguarding against attacks. “As emerging technologies outpace traditional security measures, many firms are struggling to invest adequately in the right talent, tools and strategies to protect against these evolving threats,” said Eddie Lamb, Hiscox’s chief information and security officer.
Hiscox surveyed more than 2,000 professionals responsible for their organisational cybersecurity strategies from the US, UK, Ireland, France, Germany, Spain, Belgium and the Netherlands. The report includes comparisons with previous surveys, mainly the 2023 Cyber Readiness Report that collated responses from more than 5,000 professionals.
The research revealed that, on average, Irish organisations each suffered 58 cyberattacks in the past year, while globally, the number increased from 63 to 66 cyberattacks per organisation.
Many businesses are not financially prepared for cyberattacks, the study found, with 26pc of business leaders said their organisations do not have sufficient resources to effectively manage the financial risks associated with a cybersecurity threat.
The challenge of human error
Globally, 46pc of the organisations that come under a cyberattack reported that an employee was the first point of entry in at least one attack. While the most common point of entry was business emails being compromised through credential or server compromise.
“Human error remains one of the greatest liabilities,” said Lamb, “particularly in the age of remote working”.
“With employees often working from less secure environments, phishing scams, weak passwords and accidental data breaches are all too common.”
More than two-thirds (65pc) of Irish leaders believe that reputational damage from a cyberattack would “significantly” damage their business – marginally higher than other European country leaders. This is driving organisations to pay ransoms, even though this is something experts advise against, who argue that this action fuels the future activities of criminals and there is no guarantee that any encrypted systems will be fixed or any stolen data will be returned.
In the Hiscox survey, the top three reasons to pay ransoms to cybercriminals were to protect customer data, to protect organisational reputation and to recover data because they did not have backups. However, despite paying a ransom, only 18pc of businesses managed to fully recover their data.
New technology increases risks
The adoption of new technologies is also contributing to the rise in cyberattacks, the report found, mirroring the findings of a recent PwC cyber survey on digital trust.
70pc of organisations globally said they have already integrated generative AI into their daily business activities, with 56pc believing it will significantly impact their cybersecurity risk profile.
Despite this, many businesses are underprepared, with more than a third (34pc) of organisations admitting that their cybersecurity measures are “compromised due to a lack of expertise in managing the risks associated with emerging technologies”.
“Businesses need to see technological innovation and cybersecurity as complementary, rather than conflicting, forces,” Lamb advised.
“Business leaders will need to continue to invest in attracting the right expertise to manage emerging technology risks if they are to not just survive but thrive in a world of expanding technologies with their reputations intact.”
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
