Third of businesses have no disaster recovery plan in place in event of cyberattack

According to new research, business owners believe it would take more than five days to get systems back up and running if they were hit by a cyberattack.

With Covid-19 delaying a return to the office, some 63% of owners admitted that some of their employees are less thorough about cybersecurity when working from home.

More than two in five (42%) have not carried out a full security audit since before the pandemic.

The research comes months after the HSE was hit with a major ransomware cyberattack causing the health service’s IT systems to be shut down.

The survey, commissioned by Typetec, found that only 5% of Irish SMBs provide cyber security training to their employees at least once a quarter.

“The consequences of a successful cyberattack can be devastating,” said Trevor Coyle, CTO, Typetec.

“Business owners evidently understand how quickly their businesses can fail without any access to their systems or data. However, many are still failing to take the proactive steps needed to help combat these growing threat levels.” 

Mr Coyle said that the survey shows security audits and regular staff training “are being neglected, with a significant minority of small and medium-sized businesses not even having an effective disaster recovery plan in place”.

He called on SMBs to put the necessary security procedures and processes in place to protect their businesses, employees and customers.

“It’s straightforward to calculate the financial cost of a cyberattack but how do you measure the loss of reputation and brand recognition, post breach,” Mr Coyle added.

“Businesses need to communicate immediately with all affected parties, should a data breach happen. We all need to play our part in this growing battle against cybercrime.” 

The survey included the views of more than 200 Irish business owners in firms of up to 150 employees.