Irish organisations have experienced a significant uptick in cyber security incidents in the past 24 months and are stepping up their spend and management focus on the issue.
This according to EY’s Global Information Security Survey (GISS) – Path to Cyber Resilience: Sense, Resist, React. The report was published today to coincide with the expansion of the firm’s dedicated Advanced Security Centre (ASC) facility in Dublin which is now the largest of its kind for EY in EMEIA. The survey was conducted amongst 1,735 C-suite leaders and Information Security and IT executives globally (54 in Ireland).
The report shows that poor employee awareness, inadequate knowledge of information security at board level and insufficient budgets are still exposing companies to undue risk. Almost three out of four Irish organisations (72%) had experienced a significant cyber security incident, compared to 57% globally. This represents a 29% increase in Irish organisations reporting incidents when compared to 2014 figures – highlighting the ever-growing prevalence of such attacks, and the real risk to companies large and small across Ireland.
Over half (55%) of Irish executives surveyed said that they believe their organisation is unlikely to detect a sophisticated attack on their business, a figure that has barely changed over the past two years. By contrast, only a third (33%) of executives globally say the same today, a significant drop from 56% two years ago. Two in five (42%) have no communications response strategy for a significant cyber attack involving data compromise and 15% stated that they had no breach detection capability whatsoever.
The report shows that Irish organisations are on the right trajectory with security budgets continuing to rise and almost two thirds (65%) of executives surveyed saying that their organisation’s information security budget had increased in the past 12 months. The research also found that the adoption of cyber insurance is maturing more rapidly in Ireland than elsewhere, with nearly two in five (39%) Irish respondents already having cyber insurance that meets their needs – 50% more than the global average – and a further one in five (20%) actively looking for appropriate cover.
Commenting on the findings, Cyber Security Leader at EY Ireland, Hugh Callaghan said, "Our research shows that while Irish businesses are now more focussed than ever on managing cyber risk, they are still playing catch-up with cyber criminals, who continue to find ways around organisations’ security controls and exploit their employees’ lack of awareness to steal money and data. As advisors to clients across Ireland and internationally, we are also seeing an increase in cyber attacks that not only steal data but also destroy it."
He added, "Indeed there is a real threat of a significant cyber security incident putting an unprepared organisation out of business for good, so there is an onus on companies to protect themselves by stepping up their focus and investment in tackling this threat."
Source: www.businessworld.ie
