Cyber novices: One third of Irish firms are unprepared for online security breaches

Phishing emails are the main way in for online criminals who extorted sums of up to €40,000 from small Irish companies
Cyber novices: One third of Irish firms are unprepared for online security breaches

39% of Irish companies suffered a cyber attack in the past 12 months, with 70% of those companies targeted more than once.

Ireland had the largest proportion of firms that are not as well prepared for a cyberattack, according to a new global study on security.

The proportion of businesses targeted by cybercriminals in the past year increased globally from 38% to 43%, according to the Hiscox Cyber Readiness Report 2021, with over a quarter of those targeted (28%) experiencing five attacks or more. 

Some firms pushed to the brink 

Those attacks are pushing many firms to the brink, with one in six businesses attacked (17%) saying the financial impact materially threatened the company’s future. Out of the global study, Ireland had the largest proportion of firms (36%) ranked as cyber novices — meaning that they are not as well prepared for a cyber-attack, based on the Hiscox Cyber Readiness model.

Ireland fares poorly among eight countries surveyed

The report surveyed a representative sample of organisations in the US, UK, Belgium, France, Germany, Spain, and the Netherlands and included 320 companies in Ireland.

It found that 39% of Irish companies suffered a cyber attack in the past 12 months, with 70% of those companies targeted more than once.

The highest cost of a single incident or breach to a firm was €742,923, while the median cost was around €6,937.

Around one in every six firms attacked (16%) was targeted with ransomware, and 75% of those firms paid up, either to recover data or to prevent publication of sensitive information. The single largest ransom paid in Ireland was close to €40,000.

Phishing, credential theft, and cloud servers

Phishing emails were the main way in for the extortionists (65%), with smaller companies particularly likely to succumb. Other methods of entry included credential theft through the reuse of staff usernames or passwords, third-party suppliers, and unpatched corporate cloud servers.

On average, Irish firms allocate 21% of their IT budget to cybersecurity. This figure is up from 13% in 2020.

Richard O’Dwyer, managing director at Hiscox Ireland, commented: “The results of this report are chilling. 

One of the big takeaways is the worrying range of financial impacts that cyber attacks can have on a business. 

"The risk of inaction is that the next attack could be enough to sink the business — particularly with the challenging times at present."

More in this section

Lunchtime
News Wrap

A lunchtime summary of content highlights on the Irish Examiner website. Delivered at 1pm each day.

Sign up
Revoiced
Newsletter

Our Covid-free newsletter brings together some of the best bits from irishexaminer.com, as chosen by our editor, direct to your inbox every Monday.

Sign up