Ireland ranks 7th out of 28 EU member states in the European Commission Digital Economy and Society Index (Europe Commision , 2019). It is, undoubtedly, a leading EU member when it comes to the use of digital technology and is home to the European headquarters of nine of the world’s largest technology companies. In short, Ireland is well regarded when it comes to technology and education related to cybersecurity.
What initiatives have been launched in Ireland?
Without the help of the Irish Government, and the initiatives it launched, there is scope to argue that Ireland would not have earned the title of “cybersecurity leader.” Last year, the Government of Ireland launched the second National Cyber Security Strategy for the period of 2019-2024 aimed at making the nation more secure. One of the crucial objectives of this strategy is to implement the best technology and cybersecurity measures in Irish businesses as well as to increase cybersecurity awareness and develop skills among organisations and private individuals (Government of Ireland, 2019).
Its aims may deserve commendation, however, Dublin-based InfoSec consultant Brian Honan, a former exclusive advisor on Cybersecurity to Europol, explains that the strategy is incomplete because it fails to lay out much of a plan for private sector involvement. He stated that « while titled a National Cyber Security Strategy, [it] seems to pay little or no attention to the indigenous private sector within Ireland, » (Leyden, 2020). Nevertheless, it does present an opportunity for private enterprises, in particular cybersecurity companies, to become involved in the initiative.
Alongside this, the National Cybersecurity Cluster Initiative was launched in 2019, with the goal of making Ireland a cybersecurity leader in terms of talent and skill, research and innovation, boosting SME exports, and attracting foreign direct investment (FDI). Minister for Equality, Immigration, and Integration David Stanton, TD explains: « This innovative collaboration between Government, industry and academia will serve as a platform for the industry here to continue to growand compete globally. » (Kennedy, 2019)
What does the cybersecurity landscape in Ireland look like?
At present, there are approximately 6,500 cybersecurity professionals in Ireland, a statistic which helps to illustrate the competitiveness of the market. Approximately 28% of Irish companies are classified as elite while the average number of firms that fall into this category in other countries is 17%.
Yet, cybersecurity issues continue to exist. About 61% of Irish organisations reported that they suffered cybercrime in the last two years and with a loss of €3.1 million (Government of Ireland, 2019).
Is there cause for concern?
According to a survey by Microsoft, in Ireland, 4 out of 5, i.e. nearly 76% of IT decision-makers are worried about their company’s security. Moreover, many large companies, which have already experienced cybersecurity problems, commonly in the form of phishing or hacking, are concerned about cybersecurity measures as they recognise they don’t have the appropriate mechanisms in place and know that there is room for improvement (Microsoft , 2020). Crucially, people have begun to understand that cybersecurity is not simply an IT issue, but a business issue.
Who is at risk of sustaining a cyber-attack?
According to a Magnet Networks survey, 170,000 businesses across Ireland could be vulnerable to crippling ransomware attacks, as they don’t have anyone qualified to look after network security. In the study of roughly 205 companies belonging to different sectors, approximately 48% of the business have no cybersecurity policy in place.
Small businesses, with less than 10 employees, are particularly vulnerable: 68% of them have no policies in place, and 1/3 have no cyber protection. Surprisingly, only 13% of respondents believe that their business is completely secure (Magnet Network, 2017).
Who is concerned about cybersecurity policy?
Worries around cybersecurity are still present in Irish organisations, particularly at management level. 4 out of 10 senior IT decision-makers are worried about digital threats due to challenges in managing employee’s access and identity management (IAM) policies (Microsoft , 2020).
When it comes to security management policy, only 1 in 4 believe they are secure against cyber threats. Only 3 in 10 IT senior decision-makers believe they have a clear strategy to protect and manage sensitive information.
Many senior staff members express concerns, however, 69% are not planning on hiring additional cyber-security staff. On the other hand, out of the 31% who are trying to hire someone, 54% of them can’t find the right candidate (Microsoft , 2020).
When the companies were asked about their biggest cybersecurity fears, the top response was inadequate password and security practices (62%) and ransomware attacks (59%) (Microsoft , 2020).
Figure 1 shows all the main security concerns for Irish organisations.
What measures do Irish companies take to improve their cybersecurity posture?
To prevent exposure to cyber-attacks, 69% of organisations do not allow employees to access their network from personal devices. However, shockingly, the 2019 Microsoft studies show 49% of employees still use their personal email when working remotely and are exposing the firm to potential cyber-attacks (Microsoft, 2020).
Are the Irish and UK cybersecurity landscapes comparable?
In the UK as well, the threat of cybersecurity attacks has not diminished. According to the UK’s 2020 Cyber Security Breaches Survey, approximately half of all UK businesses (46%) have reported a cybersecurity breach in 2019. Moreover, the nature of the attacks has changed; there has been an increase in phishing attacks and a fall in virus and malware attacks.
How do UK companies react to cybersecurity issues?
In recent years, organisations have become increasingly aware of the importance of cybersecurity in the UK. The 2020 Cyber Security Breaches Survey revealed that 8 out of 10 participants regarded cybersecurity as a high priority.
Moreover, the survey highlighted that UK organisations are becoming more resilient to cyberattacks. Businesses are now more likely to make a quick recovery and are less likely to report negative impacts from cybersecurity breaches.
Are UK companies engaging experts to improve cybersecurity posture?
It has been observed that over half, roughly 54%, of UK businesses are now seeking out information and guidance for cybersecurity. About 27% of companies get advice and information from external cybersecurity consultants and service providers and 9% search online.
This presents an excellent opportunity to cybersecurity companies who may use articles and blogs, published online, to attract potential clients. Many organisations, approximately 39%, are now outsourcing cybersecurity to external service providers. The below figure shows the percentage of companies having external cybersecurity providers.
Another interesting finding of the report was that organisations usually think about cybersecurity while filing tax audits, during financial audits, when undergoing technological changes (example moving to cloud), and while meeting with insurance brokers. Therefore, banks and insurance companies may play an essential role in guiding the organisations on cybersecurity (GOV.UK, 2020).
Conclusion
Although cyber-attacks continue to pose a threat to businesses across Ireland and the UK, the situation appears to be improving. Government initiatives have provided concrete facts surrounding the issue and awareness among companies is increasing. There may be still a long way to go, however, over time, and with the help of experts like Stryve, the threat of cyber-attacks should continue to diminish.
How can companies like Stryve help you?
At Stryve, we provide cybersecurity advisory services and cybersecurity solutions which offer access to cybersecurity specialists and the latest cutting edge technologies. Our primary customer base consists of small and medium businesses throughout the UK and Ireland. They may have an IT Manager or CTO in situ but lack a dedicated security lead and are thus interested in receiving support from us.
About Stryve
At the core of our mission is a desire to bring Fortune 500 levels of security and expertise at a price point that is affordable for small and medium businesses. We are a dedicated cybersecurity provider and not a reseller which enables us to configure your cybersecurity requirements based on what is best for your specific context. We work closely with clients to develop relationships and ensure that our solutions not only meet but exceed their expectations. We offer 24/7/365 support and our clients know that if ever have an issue or concern, we are always only a phone call away.