SMEs have been urged to beef up their cybersecurity defences as attacks increase exponentially.
Manager of newly created national cybersecurity entity Cyber Ireland, Eoin Byrne told Cork Chamber’s monthly business breakfast that cybercriminals were increasingly focusing on SMEs and not just bigger firms and multinationals.
The CIT-based researcher said a recent US study found 60% of SMEs that had sustained a serious cyber attack had failed to recover and faced closure after six months.
With Ireland hosting a third of data in the EU, it provided a "massive opportunity" to become a world leader in cybersecurity with the available talent pool, but only if it was made a higher priority by Government.
Mr Byrne said it was perhaps time for the Government to look at moving cybersecurity to a different department than Communications in order to give it a higher focus.
In order for a national strategy to be successful, industry had to be partnered with academia and Government, Mr Byrne said.
Chief executive of Cork cybersecurity firm Smarttech247, Ronan Murphy said the industry had "tremendous challenges" to overcome with two million job vacancies worldwide.
With the global internet economy worth €4 trillion, criminals were able to currently extract up to €1 trillion, he said.
SMEs were particularly vulnerable, he said, with many previously not disclosing being breached for reputational purposes.
However, with legal obligations to report breaches under the EU's most comprehensive reform of data law, the general data protection regulation (GDPR), it was becoming a major challenge for SMEs, according to Mr Murphy.
He said his firm had paid hackers €530,000 on behalf of clients since January, despite advising them not to pay.
SMEs were "low hanging fruit and easy money" for criminals because of a lack of sophisticated defences and even basic housekeeping internally, Mr Murphy said.
Mike Harris of Grant Thornton said senior managers at firms had to lead the way when it came to cybersecurity.
They had to have systems in place to deal with a cyberattack, and it was imperative that they practice their plans repeatedly in order to minimise fallout when it happened, he said.
He said the former head of the FBI and special counsel who investigated alleged Russian efforts to sway the 2016 US election, Robert Mueller, was on record as saying there were only two types of companies -- those who had been hacked, and those who would be hacked in the future.