Tag: cyber attacks

Cyber attacks hit fifth of firms as ‘online NCT’ launched

Almost one in five of Ireland’s top companies have experienced significant cyber attacks in the last two years, new data shows

The findings come as national domain registry .IE launches Ireland’s first Digital Trust Mark.

Described as an NCT for your online identity, websites and emails carrying the distinctive wolfhound symbol will give customers confidence that businesses of all sizes are operating to the highest digital standards.

“If you have an online presence, you can now be assessed on DigitalTrust.ie in just a few clicks,” said Louise McKeown Doogan, Chief Growth Officer at .IE.

“Once an organisation applies, their website, email and domain setup is assessed using a proprietary scoring evaluation that checks against industry-defined best practice.

“These checks confirm that digital fundamentals are correctly configured, responsibly managed and set up to support trust and reliability online.

“Once you receive your Digital Trust Score, you will either be entitled to carry the mark or you will have clear next steps to reach the required standard.

“We live in an age where some ransomware companies now have customer care departments, and the online health of the nation needs to improve as a consequence.”

The research found that 17pc of Ireland’s key organisations have experienced a significant cyber attack since 2024.

Conducted by Amárach on behalf of .IE, it surveyed 354 essential Irish firms in January.

It follows last week’s Garda data that fraud-related crimes more than doubled in the last 12 months, up 137pc – mainly due to bank scams, phishing and smishing.

“Our findings are concerning, particularly when we know phishing scams (60pc) and the exploitation of system weaknesses (21.3pc) are the most common ways attackers gain access,” said Ms McKeown Doogan.

“An online presence that appears to function may not always demonstrate the authenticity and trustworthiness customers expect.

“Until now there has been no visible way for consumers to know that a website meets a recognised standard – and no way for businesses or organisations to signal that they do.

“The mark signals that they demonstrate authenticity, responsible digital practice and a trustworthy online experience.

“We hope it will become a digital equivalent of the NCT and an essential part of interacting online in Ireland within the next year.”

The Digital Trust Mark is not just for .ie domains but is open to .com and other domains used by Irish organisations.

Applicants will receive a grade by the next working day and if an A-rating is achieved, businesses can display the mark on their website or in their email signature for the following 12 months.

Domains that do not reach an A-rating will be given a detailed outline of what and how they can improve.

See digitaltrust.ie for more information.

Majority of Irish business leaders believe artificial intelligence could pose a risk to their business

Nine in ten Irish businesses (90%) are concerned about the risks artificial intelligence (AI) poses to their business. This compares to six in ten (63%) UK businesses, suggesting that Irish businesses are more worried about AI than their UK counterparts.

Research from insurance broker and risk management company Gallagher in Ireland has revealed that almost nine in ten (89%) Irish businesses are concerned about the increased threat of privacy violations and data breaches which AI could bring, with a similar number (88%) worried about the potential for AI to produce misleading or incorrect information.

Gallagher commissioned a survey of 300 business decision makers across the UK & Ireland, 100 of which are based in Ireland. The survey examined the level of concern about AI amongst Irish businesses and what those concerns related to.

Top six AI risks identified by Irish businesses:

  1. Increased threat of privacy violations and data breaches (89% of Irish businesses said they are concerned about this)
  2. Errors and the potential for AI to produce misleading or incorrect information (88%)
  3. Algorithm bias and discrimination (84%)
  4. Liability or legal accountability in the misuse of AI (83%)
  5. Greater vulnerability to cyberattacks and fraud (82%)
  6. The lack of skills within their organisation to leverage AI (82%).

Commenting on the survey findings, Laura Vickers, Managing Director of Commercial Lines in Gallagher said:

“AI is a rapidly evolving technology that has advanced at a quick pace. While there are many benefits to using the technology, including its ability to streamline processes and offer an enhanced customer experience, our research shows that its fast-growing capabilities and increasingly widespread use have raised concerns amongst businesses.

“Many entrepreneurs and managers have spent years, even decades, building up their firms into successful businesses, therefore it is essential that they proactively address any potential risks.”

 Gender, age and geographic divides

 Other highlights to emerge from the Gallagher research include:

  • 100% of business decision makers in legal, manufacturing, marketing and public relations, utility, business services and professional services firms said they were concerned about the risks AI posed to their business.
  • Concern about AI risks was also high amongst healthcare businesses (96% of business decision makers in this sector said they were concerned about the risks AI posed to their business), financial services firms (94%), construction (89%), hospitality and leisure (88%) and retail (87%).
  • The firms displaying lower levels of concern about AI risks were IT and computing businesses, where only half (50%) of respondents expressed concerns about the technology.
  • Businesses in Dublin (94%), Ulster (94%) and Connacht (89%) are most inclined to be concerned about the risks which AI could pose to their firm while Munster (80%) and Leinster (81%) firms were least concerned.

Ms Vickers added: “It is interesting that our survey found that IT businesses were amongst the least concerned about AI. Perhaps this suggests that those working in IT are more familiar with and better able to understand and manage AI. If Irish businesses learned more about this technology, it may help them to overcome their fear around it – and it may also empower them to make the most of the new technology, while also avoiding the risks and dangers it might bring.”

Almost a third of businesses in Ireland reserve budget for paying ransoms

Expleo, a global engineering, technology and consulting service provider, today announces research findings which show that 31% of businesses in Ireland reserve budget to pay ransoms in the event of successful cyber attacks. The survey also found that despite most organisations tackling multiple cyber-threats on an ongoing basis, only a small proportion expect to fall victim to a cyber-attack in the next 12 months.

In anticipation of the launch of its Business Transformation Index 2024, Expleo’s analysis surveyed medium- to large-sized businesses across the island of Ireland, uncovering the impact and prevalence of cybersecurity threats. It found that the payment of ransoms, and the expectation of paying them, is embedded in many organisations’ cybersecurity strategies. In the last 12 months alone, 33% of businesses have paid a ransom to cyber-criminals.

The research found that one-third of enterprises have been severely impacted by an incident within their organisation in the last 12 months, while 31% have been severely impacted by a cybersecurity incident in their supply chain.

Given the devastating impact that cyber-attacks have on business operations and customer trust, the research found that businesses are preparing for significant investments in cybersecurity in the next 12 months. Expleo’s research found that the average enterprise in Ireland will spend €1.18M on cybersecurity in the next 12 months with one in seven spending more than this. Signalling what this could be spent on for some, a sizeable proportion (27%) of organisations reported that their security technologies and processes are outdated. Meanwhile, a quarter of businesses admitted that they do not invest enough in cybersecurity.

Overall, the survey pointed to an acceptance among businesses in Ireland that they will fall victim to cyber attacks, with 29% saying they anticipate this in the next 12 months. However, this is far lower than the proportion of businesses who fell victim to cyberattacks in the last 12 months. Half of all businesses admitted that their defences were breached by a ransomware attack in the last 12 months, rising to 53% of businesses who fell victim to social engineering attacks. In fact, of the 89% of businesses who said they were targeted with social engineering attacks in the last 12 months, 60% reported that the attacks resulted in a security breach.

The majority of businesses have also been targets of voice-cloning, phishing, whaling (phishing attacks on senior figures in the organisation), malware and AI-powered attacks in the past year, with success rates of between 40% and 50% across all cyberattacks.

Rob McConnell, Global Solutions Director, Expleo Group, said“Given the high success rates of known cyber-attack attempts, our research shows that if businesses have avoided falling victim to one type of attack, they have probably not been so fortunate with another. We have reached the point where it is not if you will be targeted, but when and how often. Every single business should expect to be targeted by sophisticated attacks on an ongoing basis. It is only with this level of pragmatism that they will be able to deploy the defences needed to combat or detect these advances.

“At the most basic level, enterprises must be confident that they are investing enough in cybersecurity and that their systems and processes are constantly being updated and reinforced. But that will only go so far in protecting them. Organisations must adopt zero-trust frameworks which mean even the CEO is not trusted by the network.

“This is the reality of doing business anywhere in the world today. Businesses that accept this can adopt a culture of openness that will remove some of the blame game associated with cybersecurity. In doing so, they will be able to work proactively towards a more robust organisation with the mindset and infrastructure needed to mitigate risk.”