Almost one in five Irish firms experienced a cyber attack or data breach in 2022, according to new research by professional services firm Aon.
The survey of 228 senior business leaders from companies across Ireland reveals that 18 per cent of Irish firms were hit with such an issue last year.
Large companies with more than 250 employees were more at risk, with 21 per cent of firms facing an attack last year compared to 9 per cent of SMEs.
The research also finds most senior business leaders in Ireland plan to increase investment in cyber security and resilience in the coming years amid the evolving cyber risks facing Irish firms.
Companies have taken steps in the past year to strengthen their cyber resilience and preparedness, with 38 per cent having enhanced their data recovery and back-up systems and 35 per cent having provided cyber security training to employees.
This represents a slight decrease from levels seen in 2021, when 40 per cent of employees were provided with cyber security training.
Over two thirds of Irish firms (67 per cent) plan to invest more in cyber security and resilience in the coming years. Almost three quarters of firms with more than 250 employees are due to increase their spending on cyber security measures.
The survey also points to the growing dominance of cyber threats on an organisation’s risk register. According to the findings, cyber is now the fourth biggest business risk facing Irish organisations today.
Karl Curran, head of Aon’s cyber solutions Ireland and Nordics, said: “Business leaders are acutely aware of the enormity of the risk that cyber-attacks present and the need to plan accordingly.
“However, far too often, successfully managing cyber risk only becomes a priority after a cyber incident has occurred.
“Despite the majority of Irish firms planning to invest more in cyber security and resilience in the coming years, more than a quarter of Irish business leaders don’t have any plans to invest more in cyber security and resilience in the near future.
“Business and IT leaders are under increasing pressure to make smart security investments. And the truth is there is no one straight line approach to cyber security. It is a continuous journey focused on building resilience.”
Mr Curran added the group is encouraging business leaders to review their cyber security posture and take a strategic approach to managing cyber risk that is informed by data.
“This begins by assessing the cyber risk landscape, identifying the ways in which your IT team can mitigate challenges, transferring risk out of the business and, when faced with a crisis, recovering with speed,” he said.
“By taking a data-driven, circular approach to cyber resilience, business and IT leaders can come together to make better decisions that protect the future of their organisation and its people.”