More than half (58%) of large Irish companies were the victim of an attempted external cyberattack over the past year.
That’s according to 'The state of cybersecurity resilience 2021' report from Accenture Security, which also found almost nine in every 10 companies (86%) believe the financial cost of staying ahead of cybercriminals is now “unsustainable” – an increase of 65% in the proportion who said the same one year previously.
Eighty two per cent of the more than 4,700 Irish companies who took part in the study said they had to increase their spending on cybersecurity in the past 12 months.
But almost half (48%) said because they lacked accurate and timely information over their company’s overall cash position, they could not reach their optimum cybersecurity level, and were thus exposed to online threats.
Respondents also listed other reasons why they felt they were lagging behind in terms of meeting cybersecurity objectives:
- 44% said working in 'silos' – that is, working as part of an insular team or department – was preventing them from reaching their cybersecurity goals;
- 45% said unclear accountability was hindering progress;
- 47% said old, legacy computing platforms meant up-to-date security was not possible;
- And 43% said an overall lack of funding was their primary issue.
Despite many Irish organisations believing their online ecosystem is secure, indirect attacks – successful breaches to the organisation through the supply chain – accounted for 63% of all cyberattacks reported over the past year, an increase of 29% on the year before.
"While the Irish organisations in our survey are far quicker than before at detecting a breach, mobilising their response, and getting operations back to normal, cyber adversaries are getting more resourceful at finding new ways to carry out their attacks," said group technology officer with Accenture Security, Jacky Fox.
Ms Fox said the research highlighted that when it comes to managing cyber risks, security officers needed to move away from security-focused silos and collaborate with the executives in order to fully understand and address cybersecurity needs.
There were, however, a number of measures organisations could adopt to bolster their cybersecurity measures, she explained.
- Striking a balance between cybersecurity and business objectives;
- Reporting any issues to the CEO and board of directors;
- Consulting often with CEOs and chief financial officers (CFOs) when developing a cybersecurity strategy;
- Protecting their organisation from loss of data;
- Embedding cybersecurity into cloud initiatives;
- And measuring the maturity of their cybersecurity program at least annually.
"Even a global pandemic can’t stop cybercriminals – if anything, the vulnerability and uncertainty was a breeding ground for new attacks," Ms Fox said.
"Organisations too often focus solely on business outcomes at the expense of cybersecurity but spending more on cybersecurity without being closely aligned to the business doesn’t make your organisation safer.
• Accenture's report can be read in full at: www.accenture.com/us-en/insights/security/invest-cyber-resilience