News

Recent figures have painted a worrying picture of Ireland’s cyber resilience landscape, highlighting a significant uptick in cyberattacks over the past year. These figures highlight the urgent need for enhanced cybersecurity measures across the nation. At Viatel Technology Group, we work with organisations across the country to develop, implement and manage their cybersecurity infrastructure. For organisations of every size, it needs to be the key consideration for all operational decision- making. In this blog, we reflect on key stats and what you can do to ensure your organisation doesn’t become one of them.

Cybersecurity isn’t about ‘one and done.’ It’s an ongoing effort, like going to the gym. You can’t just train for January and abandon it for the rest of the year.

Eilish O’Connor
CTO, Viatel Technology Group

Ireland: The Most Phished Country in the World

A recent study by the Worldwide Independent Network of Market Research (WIN) on data collection, misuse, and AI revealed that almost two-thirds of Irish adults have experienced phishing, making Ireland the most phished country globally. This rate is nearly double the global average. Additionally, over one-in-five Irish adults have faced credit card fraud or had their bank accounts hacked, which is almost twice the global average of 12%. Despite these high incidences of fraud, only 23% of people understand what happens to their personal information when shared with data collectors, compared to the global average of 30%. Knowledge of artificial intelligence (AI) is also low, with just 21% of Irish adults expressing a strong understanding, and even fewer among those over 55.

The Growing Threat to Smaller Businesses

The National Cyber Security Centre (NCSC) has reported that cyber criminals are increasingly targeting smaller businesses, which often lack the budgets and IT knowledge of larger enterprises. This trend is concerning, especially as the World Economic Forum has listed cybercrime among the top 10 severe global risks. In 2021-2022, 32% of Irish SMEs reported experiencing some form of cybercrime. Alarmingly, 12% of these victims paid the ransom, which is twice the EU average. Some studies suggest even higher figures, with one-third of surveyed businesses admitting to paying ransoms, often multiple times, with an average ransom of €22,773.

Underreporting and Financial Impact

Research by Amarach for Microsoft in 2023 found that 46% of respondents had faced cyber incidents in the last three years, with 30% experiencing data breaches. However, only 14% reported these incidents to regulatory bodies, indicating a significant underreporting issue. Despite these challenges, 74% of organisations haven’t reduced their cybersecurity spending, and 57% conduct regular cybersecurity training. However, gaps remain, with only 44% performing risk assessments and 38% employing a multi-layered defence strategy. This suggests a potential complacency, with 26% of organisations indicating no planned IT security infrastructure investment for the coming year.

The Cost of Inaction

The statistics make it clear: failing to invest in cyber resilience now will result in higher costs later. Paying a ransom to retrieve data is expensive and offers no guarantee of recovery. Business restoration is also costly and time-consuming, affecting operational uptime. Additionally, fines from the Data Protection Commissioner can be substantial. Therefore, whether you choose to work with Viatel or another provider, taking action is imperative.

Understanding the Threat Landscape

Ireland faces a myriad of evolving cyber threats. Phishing and spam are often used to deliver malware and ransomware. As businesses migrate to the cloud and operations become more decentralised, the attack surface grows. Human error remains a significant risk, with phishing emails and weak passwords being common entry points for cyberattacks. Insider threats, driven by disgruntled or careless employees, also pose substantial risks.

Human Risk Management

Bruce Schneier, a security veteran, aptly said, “Amateurs hack systems, professionals hack people.” Human intervention is a common factor in successful cyberattacks. Recent research by Amarach and Microsoft found that almost 40% of Irish business leaders view phishing as the greatest threat to their organisations.

Building Cyber Resilience

There is no single solution to cybersecurity. It requires continuous effort and vigilance. Cyber resilience involves identifying risks, working on them repeatedly, and preparing for inevitable attacks. It is everyone’s responsibility, from top management to individual users.

Frameworks and Best Practices

Fortunately, frameworks like ISO27001, CIS controls, and the NIST framework provide guidance on building resilience. The NIST framework outlines steps to identify assets, protect them, detect issues, respond to incidents, and recover. Continuous improvement is key.

Immediate Actions- What You Can Do Now To Protect Your Organisation

To protect against 99% of attacks, organisations should:

1. Enable multifactor authentication to protect against compromised passwords.
2. Apply Zero Trust principles, including explicit verification, least privilege access, and assuming breach.
3. Use extended detection and response (XDR) and anti-malware solutions.
4. Keep systems up to date, including firmware, operating systems, and applications.
5. Protect data by knowing its location and implementing appropriate defences.

Engaging Leadership and Creating a Security Culture

Cyber risk must be taken seriously at the board level. Regulations like DORA and NIS2 emphasise the importance of cyber resilience and place responsibility on CEOs. Creating a culture of cybersecurity awareness is essential. This involves making security education engaging and relatable, understanding employee behaviours, and fostering a collaborative environment.

A Practical Guide to Cybersecurity

We have created a Practical Guide to Cybersecuirty, enabling you to take the next step in your journey. With this guide, we are breaking through the buzzwords to give you practical, actionable and scalable cybersecurity solutions that will enable you to meet compliance and regulatory guidelines, maintain operational resilience and successfully protect your credit union and its members.
Click here to read.

Get in touch
Ireland’s cyber resilience is a critical issue that requires immediate attention. At Viatel, our cybersecurity experts can help you on your journey to protecting your business. Get in touch today by emailing hello@viatel.com.