Category: Cybersecurity

One in Three Irish Households Experience Cybercrime

Kyndryl the world’s largest IT infrastructure services provider, today published new research highlighting escalating threats from cyberattacks and scams to Irish households. The findings offer an in-depth perspective on cybersecurity readiness, habits and vulnerabilities among individuals in Ireland, highlighting a lack of basic cybersecurity precautions and awareness, which include:

  • One in five (20%) respondents reported directly experiencing a cyberattack or online fraud in the past year.
  • An additional 15% reported attacks within their household. In total, more than one in three (36%) Irish households have experienced cybercrime over the last 12 months.
  • Almost half (48%) of respondents reuse the same password across multiple sites.
  • More than a quarter (26%) acknowledge using public Wi-Fi for sensitive activities like banking and online shopping, exposing themselves to attacks.

“While businesses are grappling with the complexities of maintaining future-ready IT infrastructure, as highlighted in our recent Kyndryl Readiness Report, the same principles apply to consumers: effective cybersecurity starts with people,” said Chris Davis, Managing Director, Kyndryl Ireland. “Cybersecurity readiness isn’t just about having the latest tools – it’s about fostering awareness and proactive behaviours among individuals. Increasing public awareness and education is crucial to help individuals protect themselves in an ever-evolving digital environment. At Kyndryl, we believe that a collaborative effort involving government, businesses, and educational institutions is essential to fostering a more secure digital society, and we’re committed to supporting that mission.”

The new research was conducted by 3Gem Research and Insights and builds on findings of organizational readiness that Kyndryl recently published in its inaugural Readiness Report.

Cyber threat concerns are pervasive

Cybersecurity worries are widespread, with 73% of respondents most concerned about personal devices being hacked, such as smartphones and laptops. The second biggest concern is online scams (68%), followed by identity theft (58%). Nearly half (48%) fear sensitive information being leaked through data breaches, while 28% express anxiety over ransomware attacks.

Young adults most at risk of cyber fraud

Almost one in five (21%) individuals experienced a cyberattack or online fraud attempt in the last year, with an additional 15% reporting that a household member had been targeted.

Young adults, particularly those aged 25-34, appear to be the most vulnerable, with 29% having been directly targeted by cybercriminals. This figure drops to 19% for those aged 45-54, and just 11% for individuals aged 65 and above.

Poor password practices still prevalent
Password reuse remains a major security risk, with 48% of respondents stating they use the same password across multiple accounts – a habit that significantly increases vulnerability to cyberattacks. This risky behaviour is most prevalent among 18-24 year-olds (57%), compared to 36% of those aged 65+.

Alarmingly, 41% of respondents say they rely on memory to store their passwords, making it less likely they use strong, complex alphanumeric combinations. Reliance on memory increases with age, from 37% of 18-24 year-olds to 50% of 55-64 year-olds.

Only 24% of respondents use a password manager, considered one of the safest ways to store and generate strong passwords. Meanwhile, 17% write their passwords on paper, 12% rely on browser auto-fill, and 4% admit to using the same password for all accounts.

Risky online behaviour still common
Risky online practices remain widespread, with 26% of respondents admitting to using public Wi-Fi for online banking or shopping – leaving them exposed to potential attacks. This behaviour is particularly prevalent among younger age groups, with 41% of 18-24 year olds and 35% of 25-34 year olds engaging in this high-risk activity.

Additionally, 18% of respondents opt out of using Two-Factor Authentication (2FA), a highly effective method for securing online accounts. Among younger respondents, the figure rises to 23% of 18-24 year olds and 24% of 35-44 year olds.

Consumers have little tolerance for data breaches

Consumers expect high standards of data protection from service providers. If a breach occurred, 74% of respondents said they would be likely to stop using a financial service, such as a bank or insurance provider, while 75% would do the same for social media platforms like TikTok or Instagram.

Slightly more lenient attitudes were noted for other services: 70% would be likely to stop using a retailer, 69% an email provider, and 64% a gaming service following a breach.

Public is divided on responsibility for cybersecurity education

When asked who should take the lead in educating the public about cybersecurity, 35% of respondents believed that this was the responsibility of the National Cyber Security Centre (NCSC), the body formally responsible for Ireland’s cybersecurity. Schools were the second-most popular choice, with 19% believing they should bear primary responsibility.

Meanwhile, only 12% of respondents feel employers should play a leading role, and just 7% believe universities should be primarily responsible for cybersecurity education.

New research highlights crucial cybersecurity gaps in education sector

New research highlights the need for ongoing concern for the UK education sector’s cybersecurity posture in the light of a growing threat landscape. ESET ‘s findings reveal that nearly three-quarters (73%) of institutions surveyed have experienced at least one cyber-attack or breach in the past five years, with a fifth reporting three or more incidents. This aligns with government data from 2024, which found that 77% of education organisations had experienced a breach or attack in the previous year – far higher than the 50% of UK businesses overall that had been targeted.
Despite being a key target for cyber threats, one-third of education institutions surveyed still lack fundamental protections, such as antivirus software (33%) and strong password policies (35%2). Additionally, the majority (79%) have not adopted advanced measures like managed detection and response.
Another key but often overlooked safeguard is cyber insurance, which, according to government data, under half of primary schools (44%) and even fewer secondary schools (36%) report having in place. In fact, the ESET findings reveal that 7% of institutions operate without an annual cybersecurity budget at all.
This cybersecurity shortfall not only jeopardises organisational data but puts sensitive student information at risk. As cybercriminals increasingly target educational institutions, students’ personal and academic data remain highly vulnerable to theft or misuse. Compounding the issue, one in five (21%) education organisations surveyed admit they feel unprepared / not confident to tackle the rising tide of AI-driven cyber threats.
When asked about the main reasons why they wouldn’t take out a cyber insurance policy, many stated that they prefer to prioritise the budgets they have for cybersecurity measures (37%). Others cited concerns about payout reliability (33%) and complex or unclear policy terms (32%). Meanwhile, 28% believe cyber insurance is too expensive, while 18% revealed they simply don’t understand its value.
Top threats persist
These revelations all come at a time when education organisations continue to battle familiar foes, with data breaches (61%), malware (55%) and phishing (43%) topping their list of concerns. While three-quarters (76%) of education organisations surveyed believe their staff have excellent or good knowledge and awareness of cyber security best practices and online safety, over  half still plan to prioritise increasing staff awareness and training and expanding their cyber security tools or software over the next 12 months (55% and 51% respectively).
The case for managed support
Over three-quarters (77%) believe their institutions would benefit from enhanced cyber security measures with managed support from an external, specialist cyber security provider. However, nearly half (47%) of education organisations surveyed said they would need evidence of a cyber-attack’s potential detrimental and financial impact on their institution to help convince their finance department to approve a larger cybersecurity budget.
Jake Moore, Global Cybersecurity Advisor at ESET, commented: “Education organisations are sitting on a ticking time bomb. While it’s clear that the sector recognises the critical importance of cybersecurity, there is a huge disconnect between budget allocation, lack of insurance and its misconceptions, and inadequate measures, which is leaving institutions highly vulnerable. A comprehensive strategy that includes both cutting-edge security tools, like managed detection and response, and appropriate insurance coverage, is essential to protect against potentially devastating financial and operational impacts.
“These findings underscore the urgent need for education organisations to adopt a more robust and integrated approach to cybersecurity. Institutions can better safeguard their operations, staff and students, by increasing investment, educating stakeholders, implementing advanced solutions, enhancing training, and collaborating with specialised providers.”

Cybersecurity Challenges in Irish Online Gambling: Navigating a Complex Landscape

As the online gambling industry in Ireland continues to expand, so do the challenges associated with ensuring cybersecurity. This vibrant sector, fuelled by technological advancements and changing consumer preferences, faces a myriad of threats and regulatory hurdles aimed at safeguarding both operators and players. With the advent of new technologies and the increasing sophistication of cyber threats, the stakes have never been higher for ensuring robust cybersecurity measures are in place.

Evolving Regulatory Landscape

As mentioned earlier, online gambling in Ireland is popular, and the recent introduction of the Gambling Regulation Bill marks a significant shift in the country’s approach to the activity. This legislation emphasizes the importance of data protection and consumer safety, requiring operators to adapt swiftly to new cybersecurity requirements. In particular, the bill places a strong emphasis on the need for online gambling platforms to implement advanced security protocols to protect sensitive user data. This includes both personal information and financial transactions, which are prime targets for cybercriminals.

The regulatory landscape is further complicated by the need for compliance with international standards, such as the General Data Protection Regulation (GDPR). This European Union regulation requires companies to ensure the protection of personal data and privacy, adding an additional layer of complexity for online gambling operators in Ireland. Compliance is not just a legal obligation but also a critical component in maintaining consumer trust.

Cybersecurity Threats on the Rise

The online gambling sector is facing an increasing wave of cyber threats. Among the most common are Distributed Denial of Service (DDoS) attacks, which can cripple a website by overwhelming it with traffic. Account takeovers are another significant threat, where hackers gain access to user accounts, potentially leading to financial loss and identity theft. SQL injection attacks, which involve inserting malicious code into a database query, can also compromise user data.

The impact of these threats is not merely theoretical. Past data breaches in the sector have highlighted the severe repercussions for both operators and players. For operators, a breach can result in financial losses, legal liabilities, and reputational damage. For players, the consequences can be equally dire, undermining their trust in online platforms and deterring them from engaging with online gambling services in the future.

Harnessing Technological Innovations

To combat these threats, the industry is increasingly turning to technological innovations. The use of AI and blockchain technologies is being explored to enhance security measures. AI can help detect and respond to threats in real-time, offering a dynamic defence against cyber attacks. Blockchain technology offers numerous benefits; its decentralized and transparent nature ensures secure transaction records that are highly resistant to tampering. However, these technologies are not without their challenges. AI systems require large amounts of data to function effectively, raising concerns about privacy and data protection. Blockchain, while inherently secure, is not immune to vulnerabilities and requires careful implementation and management.

The Role of Player Protection Measures

Consumer protection regulations are at the forefront of the new gambling rules, requiring operators to implement measures against fraud and identity theft. This includes the secure handling of personal information and financial transactions. Operators are also required to install sophisticated monitoring systems that track player behaviour, identifying signs of problematic gambling. These systems must balance the need for user privacy with the need for intervention, ensuring that players are protected without infringing on their rights.

Industry Response and Future Outlook

The response from online gambling operators has been proactive. Many have invested in specialized IT teams and advanced security software to bolster their defences against cyber threats. Collaboration with cybersecurity firms is becoming increasingly common, facilitating the sharing of threat intelligence and best practices. These partnerships allow operators to stay ahead of emerging threats and ensure their platforms are secure.

Looking ahead, the future of cybersecurity in the Irish online gambling industry will likely be shaped by ongoing regulatory changes, technological advancements, and the evolving threat landscape. As global standards influence local practices, operators must remain vigilant and adaptable to maintain the trust and security of their users. The dynamic nature of the online gambling industry in Ireland challenges operators to not only comply with regulations but also stay ahead of cyber threats. As the sector grows, so too must the commitment to robust cybersecurity measures, ensuring a safe and secure environment for all involved.

In conclusion, the cybersecurity challenges faced by the Irish online gambling industry are multi-faceted and complex. They require a concerted effort from regulators, operators, and technology providers to ensure that the sector remains secure and trustworthy. As the industry continues to evolve, the focus must remain on protecting both operators and players from the ever-present threat of cybercrime.

Cybersecurity experts show biggest scam threats for 2025

Smarter, faster, and more sophisticated scams are coming. Thanks to AI, scammers are more efficient than ever, stealing money at record rates. Every day AI tools such as ChatGPT and OpenAI are used as scam arsenal, leading to around 13 million people in the UK to lose around £1.4bn each year.

Global scam protection leader F-Secure stays one way step ahead of cyber criminals, defending people from scams before they happen. F-Secure’s team of cybersecurity experts share the new threats the country will face in 2025:

New regulations for banks, telcos and social media companies who fail to prevent scams

Calvin Gan, Senior Manager, Scam Protection Strategy, says: “Right now lawmakers around the world are targeting telecom providers, banks, and social media companies, saying they should be held responsible when their customers fall victim to fraud. Australian lawmakers are pushing through a bill that will fine companies up to $50 million for failing to protect their customers from scams, and here, in a world first, UK bank refunds for fraud became mandatory after the Payment Systems Regulator (PSR) reduced the maximum compensation from a previous proposal of £415,000 to £85,000, covering more than 99% of claims.

“Passing new laws that empower businesses to beef up protection against scams is a welcomed move. Scam fighting is not a top-down only effort but involves everyone from governments to organisations and even individuals. Just like we’ve seen with GDPR in Europe forcing companies to take data privacy more seriously, new legislation like this would create an extra protection mechanism for consumers.

“Still, there’s no 100% guaranteed way to prevent scams from happening in the first place. People need to take precautions daily, especially on scam-prone channels like social media and messaging apps.

Cheap, easy AI tools will be deployed in sophisticated cyber attacks

Laura Kankaala, Head of Threat Intelligence: “Using AI tools for malicious purposes (like generating malicious and manipulative content) has already been evident throughout this past year. As we head into 2025, we are bound to see more sophisticated attacks that leverage everyday AI tools – like ChatGPT, ElevenLabs, or basically any AI tool that is cheap and easy to access online. The reality is that cyber criminals are abusing this readily available technology to fine-tune their scams and consumers must be better informed, whether that’s from their bank, mobile phone or another service provider, or by the cybersecurity industry to help educate consumers. We all play a part.“

“While AI companies do put restrictions on malicious usage, most of them are not very successful at it. They need to be doing more to stop the use of their platforms for nefarious purposes – it cannot only be left up to legislation to enforce boundaries for what kind of content can be generated. Bottom line, the companies developing these tools should also be held up to a higher moral standard.”

Multi-stage scams will become more prevalent 

Joel Latto, Threat Advisor, says: “Cybercriminals have long relied on social engineering, and multi-stage scams represent some of their most deceptive tactics. These schemes often involve direct interaction with victims, enhancing their believability. For instance, a scammer might call a victim claiming they’ve applied for a loan. When the victim denies it, they are “transferred” to a supposed bank representative—another scammer, probably sat next to them—who proceeds to seek sensitive banking details. Malware further elevates these schemes, rerouting legitimate customer service calls to fraudsters or tricking victims into contacting fake numbers embedded in phishing emails.

“Such scams are effective because victims believe they are speaking with genuine, helpful representatives, which makes them more susceptible under pressure. This is something we’ve seen dramatised through TV series’ such as Cold Call, which has recently rocketed up the charts on Netflix following its release five years ago. Perhaps more popular now because scams are much more commonplace, and viewers are much more likely to relate.

“Until now, the scalability of these scams was limited by the human capacity of fraudsters, who could only handle a limited number of interactions in specific languages and time zones. AI is changing this equation. With the rise of sophisticated conversational AI chatbots, scammers can now mimic real human interactions at scale, conducting conversations 24/7 across multiple languages. Coupled with realistic deepfake audio, these new call-based scams blur the line between human and machine interaction, making them far more dangerous than traditional robocalls.

“To counter these evolving threats, defenses must adapt, and mobile phone service providers must act. Blocking call-forwarding malware, detecting suspicious numbers, and developing sophisticated audio analysis tools to spot deepfakes are essential. Equally critical is educating users about the signs of scams and potential red flags. Defensive strategies must evolve as fast as attackers’ capabilities, leveraging AI-driven solutions and strong collaboration between cybersecurity experts, telecom providers, and regulatory bodies.”

High-yield, high-risk: the rise of Bitcoin investment scams on a new playing field

Sarogini Muniyandi, Senior Manager, Scam Protection Engineering, says: “Decentralised Finance (DeFi) is a new blockchain-based financial service that’s been gaining traction and acceptance over the last year. DeFi refers to financial services provided by an algorithm on a blockchain, without a financial services company. It is an alternative approach that largely operates outside the traditional centralized financial infrastructure.

“As DeFi becomes mainstream, scammers will take advantage of anyone interested in Bitcoin investment and other digital assets, especially those that are unfamiliar with the risks of blockchain-based finance. By 2025, DeFi is expected to attract even more users seeking alternatives to traditional finance. The DeFi market provides loans, interest-bearing accounts, and high-yield investments that promise substantial returns, which can entice investors of all experience levels. With the rising popularity of DeFi, the total value locked (TVL) in these projects is projected to grow, making it a prime target for fraudsters who can steal funds on a larger scale.

“DeFi platforms operate on decentralised blockchain networks, allowing users to participate without traditional identification or regulatory oversight. This open environment enables scammers to steal victims’ funds and vanish into thin air, all while remaining anonymous. By manipulating the smart contract and tools used to automate DeFi functions, the risks of stealing investor funds are at stake. Some DeFi platforms offer investors with unsustainable, extremely high-yield rates for farming Bitcoin derivatives, only for investors to later discover they can’t withdraw their Bitcoin or that the platform has disappeared with their funds.

‘While DeFi offers financial freedom and potential profits, its open, unregulated, and anonymous nature also creates a ripe environment for scams – something every Bitcoin investor needs to be aware of in 2025.”

IT.ie launches gamified cybersecurity awareness training

IT.ie, the Irish IT managed services company, today, coinciding with Cybersecurity Awareness Month, announces the launch of a new gamified cybersecurity awareness training in a bid to help businesses to tackle the increasing risk of cyberattacks.

The service, which keeps employees on their toes by simulating real cyberattacks, reflects a growing use of gamification by organisations globally and across multiple industries to drive user engagement and business success. A study conducted by TalentLMS found that gamification increases engagement levels during cybersecurity training by 70%.

New regulations, including NIS2 and DORA, are resulting in ensuring that businesses are much more accountable for cybersecurity. Minimising the risk posed by employees will therefore help to reduce the success of attacks. This will save businesses money through decreased insurance premiums, as well as any money that may be paid as ransom.

Human error currently accounts for 90% of data breach incidents. IT.ie’s gamified solution aims to reduce that risk by creating an engaging experience which encourages employees to maintain and upskill their cyber-resistance. This is essential as hackers continue to barrage organisations and their employees with attempted attacks using methods such as phishing, social engineering, malware, ransomware, and spoofing.

IT.ie’s solution begins with a gap analysis, which identifies areas where individuals may be vulnerable and require improvement such as awareness of phishing tactics, or effective password management. The result of the analysis allows IT.ie to create a personalised training path for each user to strengthen the areas where they are weakest.

These training paths feed into Learn.IT, which involves digestible, interactive sessions designed to be engaging, allowing employees to develop their knowledge in manageable increments without significant disruption to their daily workflow.

The gamification comes into play with the Phish.IT element of the solution, which regularly targets employees with realistic phishing attempts to test their recognition, awareness, and response to threats. These simulated attempts mean that employees can get practical use out of the skills they have developed through the training.

As employees engage with the solution, this feeds into an overall company risk score. Over time, businesses and their employees can see the benefits that the training is having as their score decreases. This measurement of success also helps to create a sense of collective responsibility and a positive cybersecurity culture within organisations.

Eamon Gallagher, founder and managing director, IT.ie, said:

Through experience, we know that the journey a business takes in developing a coherent cybersecurity strategy is not achieved overnight, and employees are the last line of defence in terms of the cyber threat landscape. Our Cyber Awareness Training & Phishing simulation platform paves the way for organisations to invest in their people so as to ensure the development of a robust and healthy cyber security culture.  Our goal is to create an experience that is personalised, easily consumable and not overly disruptive from other important day-to-day tasks.”

HP Wolf Security Uncovers Evidence of Attackers Using AI to Generate Malware

HP has issued its latest Threat Insights Report revealing how attackers are using generative AI to help write malicious code. HP’s threat research team found a large and refined ChromeLoader campaign spread through malvertising that leads to professional-looking rogue PDF tools, and identified cybercriminals embedding malicious code in SVG images.

The report provides an analysis of real-world cyberattacks, helping organisations to keep up with the latest techniques cybercriminals are using to evade detection and breach PCs in the fast-changing cybercrime landscape.  Based on data from millions of endpoints running HP Wolf Security, notable campaigns identified by HP threat researchers include:

  • Generative AI assisting malware development in the wild: Cybercriminals are already using GenAI to create convincing phishing lures but to date there has been limited evidence of threat actors using GenAI tools to write code. The team identified a campaign using VBScript and JavaScript believed to have been written with the help of GenAI. The structure of the scripts, comments explaining each line of code, and the choice of native language function names and variables are strong indications that the threat actor used GenAI to create the malware. The attack infects users with the freely available AsyncRAT malware, an easy-to-obtain infostealer which can record victim’s screens and keystrokes. The activity shows how GenAI is lowering the bar for cybercriminals to infect endpoints.
  • Slick malvertising campaigns leading to rogue-but-functional PDF tools: ChromeLoader campaigns are becoming bigger and increasingly polished, relying on malvertising around popular search keywords to direct victims to well-designed websites offering functional tools like PDF readers and converters. These working applications hide malicious code in a MSI file, while valid code-signing certificates bypass Windows security policies and user warnings, increasing the chance of infection. Installing these fake applications allows attackers to take over the victim’s browsers and redirect searches to attacker-controlled sites.
  • This logo is a no-go – hiding malware in Scalable Vector Graphics (SVG) images: Some cybercriminals are bucking the trend by shifting from HTML files to vector images for smuggling malware. Vector images, widely used in graphic design, commonly use the XML-based SVG format. As SVGs open automatically in browsers, any embedded JavaScript code is executed as the image is viewed. While victims think they’re viewing an image, they are interacting with a complex file format that leads to multiple types of infostealer malware being installed.

Val Gabriel, Managing Director of HP Ireland, comments: 

There has long been speculation about AI being used by attackers, but evidence has been scarce, so this finding is significant. Typically, attackers tend to obscure their intentions to avoid revealing their methods, so this behaviour indicates an AI assistant was used to help write their code. It’s cases like this that showcases threat actors are constantly updating their methods. Instances like this one further lower the barrier to entry for threat actors, allowing novices without coding skills to write scripts, develop infection chains, and launch more damaging attacks. So, businesses must build resilience, closing off as many common attack routes as possible and adopt a defence in depth strategy to mitigate any risks.”

By isolating threats that have evaded detection tools on PCs – but still allowing malware to detonate safely – HP Wolf Security has specific insight into the latest techniques used by cybercriminals. To date, HP Wolf Security customers have clicked on over 40 billion email attachments, web pages, and downloaded files with no reported breaches.

The report, which examines data from calendar Q2 2024, details how cybercriminals continue to diversify attack methods to bypass security policies and detection tools, such as:

  • At least 12% of email threats identified by HP Sure Click bypassed one or more email gateway scanners, the same as the previous quarter.
  • The top threat vectors were email attachments (61%), downloads from browsers (18%) and other infection vectors, such as removable storage – like USB thumb drives and file shares (21%).
  • Archives were the most popular malware delivery type (39%), 26% of which were ZIP files.

HP Wolf Security[i] runs risky tasks in isolated, hardware-enforced virtual machines running on the endpoint to protect users, without impacting their productivity. It also captures detailed traces of attempted infections. HP’s application isolation technology mitigates threats that can slip past other security tools and provides unique insights into intrusion techniques and threat actor behaviour.

Keeping Patient Data Safe: Why Cybersecurity Is Important in Medicine

Like most areas of our society, health care has wholeheartedly embraced the boom of digital technology. Computerised equipment and ‘smart’ medical devices have revolutionised patient care, and looking back on the last twenty years, the sorts of advancements that have come about are nothing short of outstanding. 

Of course, it’s not perfect. As is the case with any infrastructure that relies heavily upon technology, there’s always the concern of cyber security. In this article, you’ll learn about the main considerations medical institutions need to make. 

On Data Breaches

Given the vast amounts of personal, sensitive data that hospitals and medical centres deal with on a daily basis, they’ve become a prime target for cybercriminals

Whether it be stealing patient medical histories, financial records, insurance details, bank information, and more, hackers frequently seek to target hospitals for the immense value this sort of data has on the black market for use in fraud and ransom schemes. 

Thankfully, hospitals have now started to employ rigorous encryption methods to ensure patients are protected.

The Risk Involved With Medical Devices

While there wasn’t much concern even ten years ago, the leap in technological advancements seen in medical devices has become a hot topic where cybersecurity is concerned. 

More and more frequently, implantable devices and screening equipment are connected to the internet as standard; this can offer very valuable insight for researchers, but it comes at the added cost of potentially compromising cyber security. 

Aside from the obvious worrisome issue of personal data being leaked, there’s the much more serious implication of hackers being able to interfere with the actual mechanisms of these devices – a very dangerous precedent for patient safety. 

Thankfully, companies like Blue Goat Cyber exist: they work to secure medical devices from a cybersecurity perspective before they even hit the market.  

Training and Awareness in Cybersecurity


When we’re talking cybersecurity, it’s mostly all about letting the latest technology do the work. That doesn’t mean to say that human intervention isn’t crucial, however. 

Over the last several years, hospitals and medical centres have placed a huge focus on training their staff on how to safely handle sensitive and private data. This sort of training includes cyber hygiene (how to keep data organised and properly dispose of information no longer needed), how to distinguish fishing from regular email, and what steps to take to appropriately damage control in the unfortunate event that an attack does happen. 

Protecting against cyber attacks in a medical setting requires tight collaboration, as it can only take one weak link to have everything fall down like a stack of cards. Software and hardware – if properly maintained – is usually always rocksteady, so human error represents a key area for risk mitigation. 

Wrapping Up

While data breaches and cyberattacks in hospitals may be a scary prospect, with rigorous testing, thorough staff training, and the use of the latest cybersecurity software and hardware, the risks can be managed sufficiently enough that there isn’t a major cause for concern. Hopefully, you now have a better idea of how this standard can be accomplished. 

Expel Announces Expansion into Ireland with Creation of 50 Cybersecurity Jobs

Expel, the leading managed detection and response (MDR) provider, today announced plans to establish a fully remote workforce in Ireland, creating up to 50 high-skilled cybersecurity jobs over the next three years, thanks to the support of the Irish Government through IDA Ireland.

Expel’s investment is part of its ongoing expansion strategy into the EMEA (Europe, Middle East, and Africa) market and aims to tap into Ireland’s thriving technology ecosystem and skilled talent pool.

With a diverse customer base spanning industries such as aviation, technology, and professional sports, Expel’s move into Ireland marks a significant milestone in its global expansion efforts. Expel is trusted by some of the world’s most recognisable brands for their cyber security needs. The company combines world-class security practitioners and its AI-driven platform, Expel Workbench™, to provide cutting-edge visibility for cloud, hybrid, and on-premises environments.

This strategic expansion into Ireland underscores the country’s reputation as a global hub for technology and cybersecurity innovation. As Expel continues to strengthen its foothold in EMEA since its initial expansion into the market in late 2022, collaboration with IDA Ireland and this investment highlights an exciting cornerstone for the future of cybersecurity technology and the accompanying booming workforce in the region.

Emer Higgins, Minister of State for Enterprise, Trade and Employment, welcomed the announcement, saying: “We are delighted to welcome this investment in Ireland’s growing cybersecurity sector. The establishment of Expel’s remote workforce, creating 50 new high-quality jobs, demonstrates the strength of Ireland’s position as a hub for innovation and digital expertise. This commitment not only reinforces our reputation as a leader in the tech industry but also provides valuable opportunities for skilled professionals across the country. We look forward to supporting Expel’s continued success and growth in Ireland.”

 

Cat Starkey, Chief Technology Officer of Expel, said: “Ireland offers the rare mix of a world-class technology infrastructure, a highly talented workforce, and a cybersecurity culture that aligns with our own, making our decision to invest in growing our team there an easy one. We’re thrilled to grow our presence in Ireland, and we look forward to welcoming some of the world’s best cybersecurity professionals and engineers as Expletives.”

Michael Lohan, CEO of IDA Ireland said: “Cyber security continues to be an important cluster across Ireland, and we are a recognised destination of choice for global tech companies. Expel’s decision to establish operations here is a testament to the strength of our talent and technology ecosystem. We are delighted to welcome Expel and look forward to supporting their growth as they create new opportunities in cybersecurity, a critical industry for our economy and the wider global market.”

Building a Zero Trust Architecture: Key Considerations

Cybersecurity has become a major concern for businesses of all sizes. With the rise of sophisticated attacks, you’ve probably heard the term “Zero Trust” being thrown around. It’s not just a trend in the industry. It’s a shift in how we think about protecting our systems and data. The traditional approach, which assumed everything inside the network was safe, is no longer effective. In today’s world, threats can come from anywhere. So, instead of blindly trusting what’s inside, Zero Trust operates on the principle of “never trust, always verify.”

This article explores key considerations when building a Zero Trust architecture and how it can help protect your business in an ever-evolving threat landscape.

1. Understanding the Need for Zero Trust

In today’s threat environment, cyberattacks have become more complex. Organizations can no longer rely on the old method of building a strong perimeter and assuming everything inside is safe. The rise of insider threats and more advanced attack methods demand a more thorough approach.

One reason Zero Trust has gained so much attention is that attackers are increasingly targeting key identity systems. Common attacks on Active Directory (AD), for example, are on the rise. AD holds essential identity information, making it a high-value target for cybercriminals. Attackers often exploit weaknesses in privileged access management to breach systems. Once inside, they move laterally across the network, often gaining full control of the environment. This makes securing Active Directory critical when considering Zero Trust.

By implementing a Zero Trust model, businesses can better protect their identity systems, such as AD, by ensuring that every action, whether it’s a login or access to a resource, is verified continuously.

2. Identity and Access Management (IAM) at the Core

At the heart of any Zero Trust architecture is Identity and Access Management (IAM). IAM ensures that only the right people, devices, and applications can access your systems, and it does so by verifying them continuously, not just once. In the past, a user would log in and, once inside, be trusted until they logged out. Zero Trust changes that by constantly checking if the user should still be granted access.

One critical element of IAM is multi-factor authentication (MFA). MFA requires users to verify their identity through more than one method, such as a password and a mobile app confirmation. Relying on passwords alone is risky, as passwords can be stolen, guessed, or reused across multiple accounts.

Zero Trust takes identity management a step further by ensuring that users only have access to what they need, nothing more. This limits the scope of potential damage in the event of a breach.

3. Microsegmentation: Controlling Access to Network Resources

Microsegmentation is another key principle in a Zero Trust environment. In simple terms, it means breaking your network into smaller, more secure segments. This way, even if an attacker gains access to one part of your network, they can’t easily move to another part. Each segment acts like a locked room that the attacker would need additional verification to enter.

This approach helps limit lateral movement, a common tactic used by cybercriminals once they’ve breached a network. By limiting what users and devices can access, you make it much harder for attackers to navigate and compromise other parts of your environment.

Microsegmentation also works hand-in-hand with the idea of least-privilege access. Users and systems should only be granted access to the resources they absolutely need to do their job and nothing more. By applying this concept, you reduce the chances of attackers gaining access to critical resources even if they breach a less important part of the network.

4. Monitoring and Logging Everything

In a Zero Trust architecture, monitoring and logging play a critical role. Continuous monitoring allows organizations to track every request, transaction, and action happening on the network. This ensures that nothing goes unnoticed, and any suspicious behavior can be caught and responded to quickly.

Logging is equally important. By keeping detailed logs of all network activity, security teams can trace the steps of an attacker and better understand how they gained access and what they did once inside. This information is invaluable for both preventing future attacks and improving your current security measures.

Advanced monitoring tools can also help by sending real-time alerts when something unusual happens. For example, if a user suddenly tries to access a part of the network they’ve never accessed before, a security team can be notified immediately and take action to verify whether it’s legitimate.

5. Enforcing Least Privilege Access

“Least privilege” is a core principle of Zero Trust. This means that users and systems should only have the access they need to perform their tasks and nothing more. If a user needs temporary access to a resource, they should be given it for the time required and then have that access revoked.

By limiting the scope of access, even if an attacker gains control of an account, they can’t use it to access critical systems or sensitive data. Regularly reviewing access permissions is important to ensure that users aren’t sitting on permissions they no longer need.

Admins are especially important to monitor. Admin accounts often have access to sensitive data and system controls, making them prime targets for attackers. Ensuring that admin privileges are tightly controlled helps minimize the risks of a breach.

6. Protecting the Network Edge

In today’s remote work world, the network edge has expanded beyond the physical office. Employees are accessing company resources from home, cafes, and various other locations. With this in mind, Zero Trust needs to protect not just the internal network but also the devices and users accessing the network from the outside.

This means verifying users and devices every time they connect, no matter where they are. Whether it’s a cloud service, a remote worker, or an external partner, Zero Trust ensures that access is always verified, regardless of the location or device being used.

7. The Role of Automation in Zero Trust

Automation can play a significant role in enforcing a Zero Trust architecture by handling the heavy lifting of continuous verification. In a Zero Trust environment, every action, login attempt, and data access request requires validation. With hundreds or even thousands of users making requests every minute, managing these processes manually is not just inefficient—it’s practically impossible. This is where automation steps in to streamline the workload.

Automation tools can be programmed to enforce security policies consistently, ensuring that no exceptions or mistakes slip through the cracks. For instance, they can instantly revoke access for users exhibiting unusual behavior, preventing potential threats from escalating. Additionally, automated systems can monitor for known attack patterns, like credential stuffing or lateral movement, and block such actions before they cause damage.

Building a Zero Trust architecture may seem like a big task, but it’s one of the best ways to protect your organization in today’s threat landscape. By focusing on identity verification, limiting access, and constantly monitoring activity, you can secure your network without relying on outdated assumptions of trust.

As cyberattacks continue to evolve, so should your approach to security. Zero Trust offers a modern, proactive way to defend against attackers, making it an essential strategy for businesses looking to protect their data and systems effectively.