More than two thirds of Irish business leaders say their company could be hit by a cybersecurity breach within next 12 months, a new survey has found.
According to the research from IT service provider Auxilion, 67 per cent are more worried about cyber threats over the next year than before, and 64 per cent have noticed an increase in cybersecurity attacks during the last 12 months.
Despite more than half of organisations saying they had suffered a cybersecurity breach in the past, 28 per cent don’t have a cybersecurity strategy in place, with 30 per cent admitting they do not provide regular cybersecurity training for staff.
The research was conducted by Censuswide and questioned 100 c-suite executives from enterprises across Ireland.
Almost a quarter said dealing with the increasing number of cyberattacks was one of the biggest challenges to their organisation, with insecure user interfaces, malware, phishing attacks, data loss and account hijacking among the top risks.
Human error is classed as one of the top risks by one in 10 organisations.
“Our survey highlights a major disjoint between what business leaders believe and the actual reality of the situation. On one hand, there are major concerns about emerging threats and imminent breaches. On the other hand, there is a complacency in terms of taking action and equipping people with the means to address the problem,” said Donal Sullivan, chief technology officer, Auxilion.
“As well as locking down their company systems and data, leaders are equally concerned about protecting their employees when sharing information with others, both internally and externally. For example, any company that is reliant on email for communicating and collaborating is at risk in terms of data storage, access, retention and governance.
“Business owners and IT managers therefore need to think about cybersecurity from two different perspectives. Firstly, they must protect computer systems and networks to prevent service disruption and data theft. Secondly, data needs to be safeguarded against fraudulent activity, unauthorised access, and intentional or unintentional leakage.”