Fear of reputation loss is stopping firms and organisations reporting that they have suffered an IT attack, the country's top cybercrime detective says.
But Detective Chief Superintendent Pat Lordan, head of the Garda Cyber Crime Bureau, said honesty really is the best policy, warning that time is critical if criminals are to be traced and any money movements stopped.
"If we know the money is gone from your company through, for example, a business email compromise, if we know about it very quickly, there's a good chance of getting the money back. We can stop it somewhere," he said.
"The problem is, if you hide in your bunker and you don't report it for a couple of days and you're terrified of the Data Protection Commissioner and of the customer finding out, that money will never be seen again."
Mr Lordan said reports are also a vital source of information for helping prevent other organisations falling victim. "We're probably not seeing enough reports being made on the different types of frauds and scams. We need to know about the new one very quickly," he said.
He said a timely report by a small company enabled Gardai and the company's own technical people to devise a response that saved a much larger company from losing days of production when it was targeted in the same way a week later.
"The more information we get from the private sector, the more information we can give back," he said.
Mr Lordan was speaking at an international cybersecurity conference in Dublin where several speakers highlighted the role of human error in the lapses that enabled attacks.
He cited the case of a businessman he has encountered who had not upgraded his security system for 10 years as a cost-saving mechanism that could ultimately cost him all his information.
Donna Creaven of the Data Protection Commissioner's office pointed out that such lax behaviour is a breach in itself. She also said companies and organisations are inclined to gather too much information that isn't necessary for the service they supply.
"There's a need to ensure there is data minimisation from the outset. With the growth in technology and innovation, there's a greater capacity to gather data. The more data you have, the greater the risk to your organisation and to the data subject so it's important from the outset to understand what you need, why you need it and then be transparent about it."
Todd Renner of the Federal Bureau of Investigation in the United States also said people handling data need to get "back to basics".
"The number of victims I've responded to that have no back-ups [of their data] or they don't know where the back-ups are or they backed it up some time ago, is phenomenal," he said.
The Zero Day Con gathering, organised by tech firms, Smarttech247, Trend Micro and Palo Alto, heard that cybercrime is a trillion dollar industry, with internet business worth four trillion dollars globally and a quarter of that lost to cybercrime.