Ireland had the largest proportion of firms that are not as well prepared for a cyberattack, according to a new global study on security.
The proportion of businesses targeted by cybercriminals in the past year increased globally from 38% to 43%, according to the Hiscox Cyber Readiness Report 2021, with over a quarter of those targeted (28%) experiencing five attacks or more.
Those attacks are pushing many firms to the brink, with one in six businesses attacked (17%) saying the financial impact materially threatened the company’s future. Out of the global study, Ireland had the largest proportion of firms (36%) ranked as cyber novices — meaning that they are not as well prepared for a cyber-attack, based on the Hiscox Cyber Readiness model.
The report surveyed a representative sample of organisations in the US, UK, Belgium, France, Germany, Spain, and the Netherlands and included 320 companies in Ireland.
It found that 39% of Irish companies suffered a cyber attack in the past 12 months, with 70% of those companies targeted more than once.
Around one in every six firms attacked (16%) was targeted with ransomware, and 75% of those firms paid up, either to recover data or to prevent publication of sensitive information. The single largest ransom paid in Ireland was close to €40,000.
Phishing emails were the main way in for the extortionists (65%), with smaller companies particularly likely to succumb. Other methods of entry included credential theft through the reuse of staff usernames or passwords, third-party suppliers, and unpatched corporate cloud servers.
On average, Irish firms allocate 21% of their IT budget to cybersecurity. This figure is up from 13% in 2020.
Richard O’Dwyer, managing director at Hiscox Ireland, commented: “The results of this report are chilling.
"The risk of inaction is that the next attack could be enough to sink the business — particularly with the challenging times at present."