Category: Cybersecurity

Grant assistance announced for businesses with Cybersecurity

Enterprise Ireland and the National Cyber Security Centre today launched the Cyber Security Review Grant which will assist SMEs to take steps to review and update their online security measures to mitigate against the risk of cyber-attacks.

The grant will be administered by Enterprise Ireland, in collaboration with the National Cyber Security Centre.  It will provide Enterprise Ireland clients with access to cyber security experts who will conduct an initial independent review of the company’s cyber security status, identify vulnerabilities, and develop a clear roadmap for the business to enhance their security measures.

The Cyber Security Review Grant is being made available from €85 million in funds that have been allocated to the Department of Enterprise Trade and Employment through the European Union’s NextGenerationEU funding instrument for supporting the digital transformation of enterprise as part of Ireland’s National Recovery and Resilience Plan. This funding is being channelled into:

•    The Digital Transition Fund for the establishment of a digital portal and to provide for direct to company supports.

•    Four European Digital Innovation Hubs with the aim of helping companies (notably SMEs) access research infrastructure, technical expertise and experimentation in order that these organisations can ‘test before invest’.

A suite of digital supports for enterprise is already available under the Digital Transition Fund through Enterprise Ireland, IDA and Údarás na Gaeltachta and the Cyber Security Review Grant launched today expands on the digital supports available from Enterprise Ireland to its clients under this Fund.

Businesses that avail of the Cyber Security Review will receive consultancy from a qualified, external cyber security expert who will investigate current company practices and review the technical implementation of both on-site and cloud software. A detailed report in line with National Cyber Security Centre’s best practise will then be delivered, outlining actionable steps to improve the company’s cyber security position.

Speaking at the launch Minister of State for Trade Promotion, Digital and Company Regulation Dara Calleary TD said: “Irish businesses are increasingly using AI and advanced digital tools to achieve success in international markets. Ensuring the security of the data used in these tools is a crucial foundation for this success. This new cyber security grant will ensure that Irish businesses who embrace digitalisation to strengthen and grow their business can do so with total confidence in their online security.”

Minister of State for Business, Employment and Retail Emer Higgins TD said: “Irish businesses are leading the way and setting the standard for digital transformation across all sectors. They understand the value of enhancing their digital security. I am delighted that the Cyber Security Grant will provide support with the essential first steps towards achieving international best practices in cyber security, an increasingly important factor when competing for business on a global stage.”

Minister of State with responsibility for Public Procurement, eGovernment and Circular Economy Ossian Smyth TD said: “DECC’s Statement of Strategy, Le Chéile 25, sets an ambitious objective to realise a vibrant and expert cyber security industry in Ireland. The collaboration of the NCSC with Enterprise Ireland to deliver this first-of-its-kind grant scheme represents a key milestone in Le Chéile 25 and in the National Cyber Security Strategy 2019-2024.”

Anne Lanigan, Divisional Manager, Technology Services, Enterprise Ireland said: “Leveraging digital tools can significantly enhance your company’s capabilities. However, it is crucial to invest in protecting sensitive information and mitigating the risk of cyber-attacks. This is especially important as recent advancements in AI have made smaller businesses more attractive targets for malicious actors. The Cyber Security Review aims to help business examine any pitfalls which may leave their systems open and vulnerable to compromise and allows them to put the appropriate measures in place. As we enter into International Cyber Awareness month I would encourage EI clients to avail of the support to help them remain one step ahead in an increasingly heightened cyber threat environment.”

Speaking at the launch, the Director of the NCSC, Richard Browne noted: “I’m delighted that we were in a position to partner with Enterprise Ireland in designing the Cyber Security Review Grant. Not only will this enhance the cyber resilience of our Irish businesses, but it supports indigenous Irish enterprises to build up our industrial capacity in cybersecurity.”

The support is available to Enterprise Ireland clients with 80% of the fixed project cost covered to the value of €3,000, encompassing all project expenses, including consultant time and other related costs.

To learn more and apply online visit www.enterprise-ireland.com/cybersecurityreview.

‘The People Hacker’ Jenny Radcliffe to headline Dublin Cybersecurity Lunch and Learn

Renowned social engineer and ‘The People Hacker,’ Jenny Radcliffe, will be the keynote speaker at an upcoming Cybersecurity Lunch and Learn Event, hosted by Viatel Technology Group on October 4th, 2024.

With a background in burglary, con-artistry, and non-verbal communication, Radcliffe has spent her career ethically exploiting the ‘human element’ to help businesses and organisations identify and address security vulnerabilities. The upcoming event, designed for senior IT managers and C-suite executives concerned about their cyber responsibilities, will provide attendees with invaluable insights into the current Irish cyber threat landscape. 

With cyberattacks becoming increasingly sophisticated, understanding the tactics employed by malicious actors is crucial in safeguarding sensitive data and protecting businesses from financial and reputational damage.

Radcliffe’s unique insights and engaging presentations have made her a sought-after speaker at cybersecurity events around the globe, and she expressed her enthusiasm for the event, stating, “I’m excited to be heading to Dublin for Viatel’s Cybersecurity Lunch and Learn Event, and I am looking forward to sharing insights and driving important discussions in the cybersecurity community.”

The Cybersecurity Lunch and Learn Event will be held at the popular FIRE Restaurant, located at the Mansion House, Dublin, from 12pm on Friday, October 4th. Prior registration is absolutely essential with places limited. Senior IT managers and C-suite executives are encouraged to register early to secure their attendance. Registration via www.viatel.com

Data loss and ransomware attacks among top cloud cybersecurity risks

A new survey from leading Irish IT managed services provider Auxilion reveals that data loss/theft and ransomware/malware attacks were the cybersecurity concerns most cited by IT leaders when it comes to the cloud – at 30% respectively.

The research, carried out by Censuswide and involving IT decision-makers across large enterprises in the Republic of Ireland, found that 40% of respondents see IT security risks as a main concern associated with adopting and managing cloud computing.

A similar proportion (42%) said that the changing cybersecurity landscape was one of the biggest obstacles to the successful delivery of their IT strategy. Moreover, one in four (26%) IT leaders in Ireland do not think current laws and regulations are sufficient to protect privacy, access, and confidentiality in a cloud-based environment.

Adding to this, almost a quarter (24%) of IT decision-makers surveyed who are currently using the cloud do not think their own organisation has sufficient capabilities to manage cloud computing and more than a third of those respondents admitted to having little or no visibility of their workloads in the cloud (36%).

Despite this, some 83% consider cloud to be a more secure approach for their organisation. It appears that IT leaders are being proactive in this area with 83% also having a cloud security strategy in place and 73% currently using a technology partner to manage their cloud strategy and services.

The study also found that the shift to cloud is set to continue with nearly all respondents (96%) expecting to migrate more workloads, applications, and processes to the cloud over the next 12 months.

On October 9th, Auxilion, HPE and Zerto will be holding an event hosted by broadcaster Ivan Yates to discuss the increased need for robust data protection, cloud security, and business continuity capabilities.

Donal Sullivan, CTO, Auxilion, said: “While the cybersecurity landscape is constantly evolving, organisations are facing an even bigger uphill battle at the moment with the rise of threats enabled by Artificial Intelligence and the introduction of the European-wide NIS2 regulation in October.

“This means businesses not only need to be more proactive when it comes to securing their data and responding to incidents, they also need to ensure that they are meeting their compliance and regulatory obligations. This requires the right technologies and partners that can support security, mobility and scalability.

“The truth is that in this day and age, resilience and recovery are as important as detection and prevention when it comes to cybersecurity. Businesses which fail to recognise this and adapt their strategy could be at risk operationally, reputationally and financially.”

Chris Rogers, Senior Technology Evangelist, Zerto, said: “Rapid recovery from a cyber incident is more than a reactive measure – it’s a critical component of a resilient and forward-thinking business strategy. The ability to swiftly bounce back from disruptions not only minimises downtime but also safeguards reputation, customer trust, and bottom line.

“The real competitive edge lies in turning these challenges into opportunities for growth and innovation, and partnering with experts to unlock advanced cyber resilience capabilities can significantly accelerate an organization’s journey to cyber maturity.”

Almost a third of businesses in Ireland reserve budget for paying ransoms

Expleo, a global engineering, technology and consulting service provider, today announces research findings which show that 31% of businesses in Ireland reserve budget to pay ransoms in the event of successful cyber attacks. The survey also found that despite most organisations tackling multiple cyber-threats on an ongoing basis, only a small proportion expect to fall victim to a cyber-attack in the next 12 months.

In anticipation of the launch of its Business Transformation Index 2024, Expleo’s analysis surveyed medium- to large-sized businesses across the island of Ireland, uncovering the impact and prevalence of cybersecurity threats. It found that the payment of ransoms, and the expectation of paying them, is embedded in many organisations’ cybersecurity strategies. In the last 12 months alone, 33% of businesses have paid a ransom to cyber-criminals.

The research found that one-third of enterprises have been severely impacted by an incident within their organisation in the last 12 months, while 31% have been severely impacted by a cybersecurity incident in their supply chain.

Given the devastating impact that cyber-attacks have on business operations and customer trust, the research found that businesses are preparing for significant investments in cybersecurity in the next 12 months. Expleo’s research found that the average enterprise in Ireland will spend €1.18M on cybersecurity in the next 12 months with one in seven spending more than this. Signalling what this could be spent on for some, a sizeable proportion (27%) of organisations reported that their security technologies and processes are outdated. Meanwhile, a quarter of businesses admitted that they do not invest enough in cybersecurity.

Overall, the survey pointed to an acceptance among businesses in Ireland that they will fall victim to cyber attacks, with 29% saying they anticipate this in the next 12 months. However, this is far lower than the proportion of businesses who fell victim to cyberattacks in the last 12 months. Half of all businesses admitted that their defences were breached by a ransomware attack in the last 12 months, rising to 53% of businesses who fell victim to social engineering attacks. In fact, of the 89% of businesses who said they were targeted with social engineering attacks in the last 12 months, 60% reported that the attacks resulted in a security breach.

The majority of businesses have also been targets of voice-cloning, phishing, whaling (phishing attacks on senior figures in the organisation), malware and AI-powered attacks in the past year, with success rates of between 40% and 50% across all cyberattacks.

Rob McConnell, Global Solutions Director, Expleo Group, said“Given the high success rates of known cyber-attack attempts, our research shows that if businesses have avoided falling victim to one type of attack, they have probably not been so fortunate with another. We have reached the point where it is not if you will be targeted, but when and how often. Every single business should expect to be targeted by sophisticated attacks on an ongoing basis. It is only with this level of pragmatism that they will be able to deploy the defences needed to combat or detect these advances.

“At the most basic level, enterprises must be confident that they are investing enough in cybersecurity and that their systems and processes are constantly being updated and reinforced. But that will only go so far in protecting them. Organisations must adopt zero-trust frameworks which mean even the CEO is not trusted by the network.

“This is the reality of doing business anywhere in the world today. Businesses that accept this can adopt a culture of openness that will remove some of the blame game associated with cybersecurity. In doing so, they will be able to work proactively towards a more robust organisation with the mindset and infrastructure needed to mitigate risk.”

Belfast cybersecurity firm ANGOKA bound for space

Belfast-based cyber security firm ANGOKA has been accepted to the Airbus Space Accelerator programme. The accelerator is described by Airbus as “an exciting opportunity not only for existing space companies, but for any business with the desire and potential to work in space”.

Speaking at an event at Farnborough International Airshow, ANGOKA director Yuri Andersson said this is a chance for ANGOKA “to deepen its ties with the space industry, helping us to develop the next generation of cybersecurity solutions.”

Airbus says the accelerator is part of the wider Community for Space Prosperity (CUSP) initiative to develop the UK’s space ecosystem, where the 14-week programme will help startups, academics and non-traditional space businesses to advance their technical offering, understand the commercial space landscape and build connections within the wider space industry.

Airbus is running the accelerator with Plexal, the London-based innovation boutique which collaborates on technology with government, startups and industry.

Mr Andersson says there is rapid growing convergence between terrestrial and non-terrestrial communication networks for improved coverage and bandwidth.

“A new space economy is being built where in the near future there will be in-space infrastructure such as in-space assembly and manufacturing, orbital data centres and human habitats,” he added.

“Much of the data will be kept in space and processed in space, and to support the communications needs of the future space economy we need new solutions for cybersecurity and digital infrastructure. With emerging cyber threats from quantum computers and AI, traditional approaches such as those based on PKI [Public Key Infrastructure], or Distributed Ledgers are no longer adequate, and this requires a complete paradigm shift.” says Mr Andersson.

ANGOKA has also been selected to the Mandala Space Ventures and the Venture into Space programmes supported by UK Space Agency.

Datapac’s Managed Threat Ops service analyses over 380 million cybersecurity events in first year

Datapac, Ireland’s leading technology solutions and services provider, is today announcing that its Managed Threat Ops service has analysed over 380 million cybersecurity events since it was first launched 12 months ago.

A cybersecurity event is any activity on an organisation’s network that may be indicative of a security concern, such as a failed login attempt or a login from a different geographical location.

Other events in the past year have included suspicious movement within company networks or otherwise unusual behaviour patterns, lateral movement techniques that may be used by attackers to move within a network after gaining initial access, and anomalous user behaviour that may indicate a compromised account or insider attack.

Managed Threat Ops provides 24/7/365 cyberthreat hunting, response, and neutralisation to stop cybersecurity incidents in their tracks. It leverages a combination of human-led expertise and AI acceleration, enabling organisations to change their cybersecurity approach from reactive to proactive and freeing up internal resources.

In its first year, the service has been adopted by customers across a broad spectrum of organisation sizes and industry verticals such as legal, the public sector, distribution, construction, retail, hospitality, and not-for-profit. Managed Threat Ops provides proactive support to businesses of all sizes, including single-site SMBs as well as national and multinational enterprises.

Since adoption, some key benefits noted by customers are that the service operates in the background with minimal notifications or interruptions to workflows, and delivers speedy remediation in times as low as 15 minutes in the event of an incident.

Driving the demand for the Managed Threat Ops service is the ever-evolving cyber threat landscape. Increasing threat sophistication means that some traditional cybersecurity solutions, such as antivirus, firewalls, and unmanaged endpoint protection, are often not enough to provide sufficient protection for businesses.

In the coming year, Datapac expects a number of key driving factors will contribute to increased uptake of the Managed Threat Ops service. These include new pieces of legislation that are due to come into effect – the NIS2 Directive and the Digital Operational Resilience Act (DORA) – which mandate robust cybersecurity measures to ensure compliance and security management best practices.

In addition, in line with growing cyber threats, cybersecurity insurance is becoming a necessity for more organisations. In order to secure favourable premiums and, in many cases, to secure cybersecurity insurance at all, organisations need to have 24/7 managed threat detection and response in place.

Patrick J Farrell Solicitors in Newbridge, Co. Kildare, adopted the Managed Threat Ops service to protect their highly sensitive organisational and customer data. “In times of increased cybersecurity threat, we felt the need to have a managed threat service and we are very happy with the service we get from Datapac in providing that,” said Niall Farrell, Managing Partner.

Karen O’Connor, General Manager, Datapac: “A key strength of the Managed Threat Ops service is its ability to cut through the cybersecurity noise, as some seemingly benign security events could bypass most traditional cybersecurity systems, posing a risk to data security. More and more organisations of all sizes are realising the benefits that 24/7 managed threat detection and response services can provide in the modern threat landscape. Managed Threat Ops is robust enough to meet the demands of larger enterprises, yet scalable enough to operate within the more moderate budgets of organisations in the SMB space. Going forward, it will also help organisations to remain compliant as new regulations come into force. We’re looking forward to continued success with the service amid increasing demand from customers for proactive and reliable cybersecurity.”

A fifth of office workers in Ireland have access to the company data of a previous employer

HCSa leading IT, cybersecurity, and digital transformation services company, is today announcing the results of new research which found that nearly a fifth (19%) of office workers in Ireland still have access to the company data of a previous employer. Of these, 48% use that previous employer’s data to help them in their current job.

The research of 503 office workers based in Ireland was carried out by Censuswide on behalf of HCS, with the support of Fortinet, a global leader driving the evolution of cybersecurity and the convergence of networking and security. The aim of the survey was to explore office workers’ attitudes to, and experiences of, cybersecurity at work. The full results and analysis of the survey are available as part of a new report by HCS called ‘HCS CyberWatch Report: Insights into 2024’s Cyber Threats’.

The study also highlighted the risk that current employees can pose to data security within organisations, if effective access controls are not in place. Of those surveyed, 43% say that in the job they have now, they have access to privileged or sensitive company data that they shouldn’t, and 52% of these admit that they access it. It is perhaps not surprising, then, that 61% of office workers don’t trust their employer to protect their own personal data.

Meanwhile, 15% of office workers say that their organisation’s cybersecurity measures prevent them from doing their job effectively. Some of those surveyed are finding ways around this, with 22% of office workers admitting to having bypassed internet access controls implemented by their organisation by using tools such as a web proxy to access blocked sites.

When it comes to working arrangements, it appears that there is still a way to go in making employees feel secure and supported outside of the office. Almost a fifth (19%) of those who work remotely or on a hybrid basis feel more vulnerable to security risks when working from home, while 27% feel they have less technical support. Some 48% of remote or hybrid workers access their company network via a secure VPN, while the same percentage (48%) use home Wi-Fi.

Dan Hegarty, Head of Sales, HCS, said: “These findings highlight the urgent need for organisations to proactively manage access permissions and implement robust access policies. In doing so, businesses can mitigate the risk of unauthorised data exposure and protect their valuable assets against potential breaches. In addition, providing ongoing awareness training can empower employees to play an active role in protecting company data. Not only will this bolster the security of sensitive customer and company information; it will uphold trust with employees regarding the safeguarding of their own personal data.

“It’s concerning to see that employees are finding ways to circumnavigate organisational security measures. Organisations need to ensure that the cybersecurity infrastructure in place is robust, while also setting out clear protocols for employees. Meanwhile, it’s crucial that employees feel supported when working outside of the office. A well-defined remote or hybrid work strategy should have cybersecurity at its core to enable employees to work securely and efficiently, with speedy remediation in the event of an issue to minimise downtime.”

Okta invests in cybersecurity team to expand presence in Ireland

Okta has announced that it will be expanding its footprint in Ireland by further investing in its cybersecurity workforce in the region. The new high level security roles to be hired in Dublin is part of Okta’s ambition to recruit world leading cybersecurity talent, combating the growing threat landscape and building a robust security culture.

Part of Okta’s recently announced Secure Identity Commitment, the cybersecurity specific roles will focus on product development, vulnerability detection, hardening Okta’s own corporate infrastructure and onboarding critical applications. They are part of continued expansion in Ireland with additional roles to be hired in sales, marketing, legal and HR.

“Identity-based attacks have become a top method for nation-state hackers and cybercriminals.  As the leading neutral identity provider, it is important for us to recruit the best talent to support our customers, partners and our own workforce,” said David Bradbury, Chief Security Officer at Okta.

“These new hires reflect our long term commitment to lead the industry in the fight against identity attacks, and leverage Ireland’s diverse and unique talent pool to accelerate our vision of enabling everyone to safely use any technology, continued Bradbury.”

The new roles and growth of the Ireland team come as Okta opens a new office in the heart of Dublin. The new 14,000 square foot LEED Gold certified office will support Okta’s investment in new headcount and provide a green and energy efficient place for employees, customers, prospects, and partners to gather and collaborate. Opening in June 2024, Okta’s Dublin office will continue to serve as an international hub, is on target for WELL Silver certification, and will be a leading pillar of sustainability in the community.

“I am thrilled that we are continuing to grow our team in Ireland, and investing in critical cybersecurity roles in our Dublin office”, commented Jimmy Kehoe, Vice President of Emerging and Ireland GM. We have built a world-class culture in Ireland. With a new and sustainable office space, our team will be able to continue to flourish and we will be able to enable our customers and business across EMEA to realise the power of identity and safely use any technology, continued Kehoe.”

For further information about Okta’s Dublin office and to explore career opportunities, visit Okta Ireland.

Ireland wins Gold at the WorldSkills Global Skills Challenge 2024 in Cybersecurity in Melbourne

An Irish team of cybersecurity experts has triumphed over Australia, Korea, Hong Kong, Chinese Taipei (Taiwan), and Singapore to take Gold at the WorldSkills Global Skills Challenge 2024, hosted by WorldSkills Australia. Mark Drinan and Luke Woodside, guided by Dr. George O’Mahony of Munster Technological University (MTU), overcame fierce competition from several nations renowned for their cybersecurity expertise.

The victory marks the first time an Irish team has triumphed in an official World Skills Competition in Cybersecurity, with Ireland first entering the cybersecurity skill in 2021. Team Ireland is now setting its sights on the upcoming WorldSkills International Cybersecurity Competition (Skill 54) in Lyon this September as part of WorldSkills Team Ireland.

The Challenge

As part of the Global Skills Challenge, the teams were put into the scenario of a real-world cyber-attack on a fictitious company that was started based on a rogue malicious USB and insider threat. Over three days the teams had to run digital forensics on an infected end-user computer, each team also had to create reports including a technical brief, a timeline of the cyber-attack, a report for the media and a report for the board of directors. This competition was about accurately identifying what happened and providing real-world preventative measures and recommendations.

The Team

 Team Cybersecurity for WorldSkills Ireland consists of Mark Drinan, a recent graduate from the Cybersecurity Masters at MTU and an engineer at IBM, and Luke Woodside, a graduate from TUS (Technological University Shannon) and Managing Director of Woodside Networks. Mark and Luke beat out stiff competition in regional competitions to make the national team. The team was trained and mentored by MTU Cybersecurity Lecturer and WorldSkills Ireland Expert for Cybersecurity Dr George O’Mahony.

The team trained on and competed nationally using MTU’s Cyber Range, a state-of-the-art cybersecurity platform unique to Ireland. The facility enables simulations of cyber-attacks on virtual organisations, providing invaluable training for students, researchers, and industry professionals without risking real-world damage or outages.

Professor Maggie Cusack, President of MTU, said, “MTU’s leadership in cybersecurity education, research and innovation, mentorship and training ensures that our graduates and trainees have the skills, capabilities and confidence to succeed at the highest levels in Ireland and globally. On behalf of everyone at MTU, I am delighted to congratulate our Team Ireland members on their extraordinary achievement of winning gold at the WorldSkills cybersecurity challenge.”

Dr. George O’Mahony – Cybersecurity Lecturer & Researcher at Cyber Skills at MTU and WorldSkills Ireland Expert Skill 54 – Cybersecurity, said, “This win is a great example of the work Ireland’s cybersecurity academics and experts are doing in preparing young Irish professionals to compete on the world stage. It highlights the calibre of talent being produced and the strong pipeline of skilled cybersecurity professionals available in Ireland. The win is a great boost to the team and a big step along their training and upskilling journey. The work Mark and Luke have put in has been a testament to their drive and determination.”

Mark Drinan, Team Ireland, said, “I am incredibly proud to represent my country and bring home a Gold Medal for Ireland. This medal represents Ireland’s commitment to investing in high-quality, practical cybersecurity education.”

Michael Hourihan (MTU) – WorldSkills Ireland Official Delegate – “This win highlights the positive outcomes that result when skills and technological careers are recognised and promoted at national and international levels. Congratulations to our competitors Luke Woodside and Mark Drinan and to our Cyber Security expert George O’Mahony.”

Ray English (TUD) – WorldSkills Ireland Chair-Technical Delegate – “The Global Skills Challenge held in Melbourne and hosted by WorldSkills Australia was a great platform for the WorldSkills Ireland Team of Luke Woodside, Mark Drinan and Cyber Security expert George O’Mahony to test their preparedness for the Olympics of Skills in Lyon in September 2024. We encourage ICT students to start their Skills Olympics journey by participating in the WorldSkills Ireland National Competitions this September, test your skills against the best nationally and possibly internationally.”