Tag: #cybersecurity

Four in ten Irish businesses have suffered a cyber-attack in the last five years

Four in ten (40%) Irish businesses have suffered at least one cyber-attack in the last five years, with companies facing financial loss as a result.

Research from insurance broker and risk management company Gallagher in Ireland has revealed that more than one in eight (88%) Irish businesses have suffered financial loss and commercial disruption due to a cyber-attack in the last five years.

Gallagher commissioned a survey of 300 business decision makers across the UK & Ireland, 100 of whom are based in Ireland.

Businesses that have experienced a cyber-attack in the last five years reported additional consequences as a result including:

  • the loss of intellectual property (26%)
  • supply chain disruption (23%)
  • reputational damage (23%)
  • ransom payment demands (20%)

Laura Vickers, Director, Gallagher in Ireland spoke of the findings,

Given what we can see from the widespread impact of cybercrime, it is unsurprising that almost every Irish business leader we asked (93pc) said they are concerned about the rise in cyber-crime and the potential impact it could have on their company”.

The Top 3 in Corporate Cybercrime

  • Cyber extortion, whereby cyber criminals threaten to harm a business or steal sensitive information unless a sum of money is paid, was the most common type of attack carried out on Irish businesses, with 37% saying they had been targeted.
  • Phishing attacks, where individuals are tricked into following a malicious link or downloading an infected email attachment, was the second most common attack with 31% suffering this type of incident in the last five years.
  • Followed by what is termed “Man-in-the-Middle (MiTM) attacks”, where the perpetrator intercepts and alters communication between two parties without their knowledge – 23pc of business leaders said their organisation had fallen foul of this.

In Ireland the Gallagher report reveals that large businesses, those with annual turnover exceeding £10m, have been particularly vulnerable, with 57% experiencing cyber-attacks during this period. Mid-sized companies also show substantial exposure, with 39% reporting attacks. Comparatively, smaller businesses have been less frequently targeted, with only 9% experiencing attacks.

Prepare and Respond

Despite the increasing risk of cyber-attacks, 90% of Irish business leaders express confidence in their ability to recover quickly. This optimism may stem from the fact that 94% of businesses have a cyber insurance policy, with 89% confirming their coverage includes risk management, including vulnerability scans and threat monitoring,to mitigate potential threats.

However, the Gallagher survey also highlights areas of concern within Irish business

  • Just 39% of companies provide cybersecurity training for staff, leaving many employees susceptible to phishing and malware attacks.
  • Only 41% conduct regular system vulnerability scans, increasing the risk of undetected weaknesses being exploited by cybercriminals.
  • Less than half (48%) have multifactor authentication (MFA) in place for remote workers, potentially exposing their systems to unauthorized access.
  • Only 42% of business decision-makers are aware that reporting a cyber-attack to the National Cyber Security Centre (NCSC) is a legal requirement. Failure to comply could result in fines of up to €10 million or 2% of global turnover.

Ms. Vickers went on to comment,

“While it’s encouraging to see businesses investing in cyber insurance and risk management, security measures must go beyond just financial protection. Many businesses are still vulnerable due to gaps in employee training, system monitoring, and access controls. Cyber threats are evolving rapidly, and companies that fail to strengthen their security posture risk serious financial and reputational damage.

Equally concerning is the lack of awareness around reporting obligations. Failure to report an attack could lead to significant fines, compounding the financial losses from a breach. Businesses must take a proactive approach, not just in purchasing insurance, but in implementing robust cybersecurity practices and ensuring compliance with legal requirements.”

Understanding NIST CSF 2.0: 6 Essential Updates for Cybersecurity Professionals

Cybersecurity is ever-evolving. With technology advancing, so does the threat of hackers, and it is critical that organizations remain ahead. Hackers constantly uncover new methods of penetrating vulnerabilities, and businesses must be agile to protect sensitive information, systems, and infrastructure.

So, to help organizations reinforce their defenses, the National Institute of Standards and Technology (NIST) has released version 2.0 of the Cybersecurity Framework (CSF). Version 2.0 introduces improvements that enable enterprises to enhance their security, meet requirements, and manage risks more effectively.

Cybersecurity professionals must be familiar with NIST CSF 2.0. The revision includes significant changes that impact how companies approach cybersecurity, from supply chain security and governance to more implementation guidance.

Whether your business is a multinational or local company, these updates provide helpful information for improving security. This article looks at the six most essential changes in NIST CSF 2.0.

 

1. Expanded Scope Beyond Critical Infrastructure

 

When NIST CSF was first released, it aimed at critical infrastructure sectors such as energy, transportation, and healthcare. They were classified as at high risk for cyberattacks, so cybersecurity was a priority. 

However, since threats in cyberspace have evolved, it has become clear that all enterprises across any industry segment and size confront serious security threats. CSF 2.0 expands the scope from critical infrastructure to address this, calling all enterprises in all industries to adopt its standards.

This broader application means that companies that once thought the framework did not apply now have a systematic and tried-and-tested method for enhancing cybersecurity. Whether your company is a small startup with customer information, a medium-sized business with financial transactions, or a multinational organization with sophisticated networks, NIST CSF 2.0 gives your organization specific guidance that can be applied to strengthen your defenses. 

2. New Govern Function Added

The most significant change in NIST CSF 2.0 is the introducing of a sixth function: “Govern.” The framework was initially defined around five core functions—Identify, Protect, Detect, Respond, and Recover—focused principally on operational security controls.

So, with ever more advanced cybersecurity threats, organizations need more than technological defenses alone. They need effective leadership, good policies, and sound decision-making. The governance function was added to satisfy these needs and enable cybersecurity at the highest organizational level.

This new position places cybersecurity in the hands of business leaders, executives, and decision-makers, not in IT teams’ exclusive control. It focuses more on risk management, accountability, and alignment with business objectives so that planning for security is not something apart but is fully included in a company’s overall business.

By concentrating on governance, CSF 2.0 encourages proactive, as opposed to reactive, organizational behavior, reducing the likelihood of breaches and increasing long-term resilience. With this addition, cybersecurity is now firmly established as a core business priority, as opposed to being the exclusive concern of IT.

3. Stronger Focus on Supply Chain Security

Cyberattacks now go beyond directly attacking enterprises—oftentimes, they hit weaknesses in third-party suppliers, service providers, and vendors. A compromised partner can have a ripple effect, compromising an entire network. In response to this growing threat, NIST CSF 2.0 focuses much more on supply chain security, forcing enterprises to take a more formal and proactive approach.

With this update, firms should be able to identify prospective threats in their supply chain, establish definite cybersecurity standards for their suppliers, and monitor third-party security procedures regularly. This is especially vital for highly outsourced industries, as hackers target more minor, less secure suppliers to penetrate larger entities.

4. Improved Alignment with Other Frameworks

Various organizations with many security frameworks exist, such as ISO 27001, CIS Controls, and COBIT. Compliance with many such frameworks is cumbersome, but NIST CSF 2.0 makes aligning with them more directly easier.

Also, this increased alignment allows organizations to integrate CSF 2.0 with existing security programs without unnecessary duplication. If your organization is already implementing another security framework, adopting CSF 2.0 will supplement what you’re doing and won’t add additional work. This transition is especially valuable for companies that must comply with numerous regulatory requirements as it provides one unified method for cybersecurity.

5. More Guidance for Implementation

One of the most intimidating challenges with cybersecurity frameworks is knowing how to use them. NIST CSF 2.0 addresses this challenge by being more prescriptive in guidance and using real-world examples. Businesses now get more detailed descriptions of security, more concrete guidance for deploying the framework, and more examples showing how companies can improve their security.

Therefore, this transparency increases the usability of CSF 2.0, even for companies that do not possess in-depth cybersecurity expertise. Instead of listing general principles, the framework lists specific actions companies can take. This update provides a template for securing themselves without guesswork for companies that do not possess implementation skills.

6. Emphasis on Continuous Improvement

Cybersecurity is never a one-time activity—it is an ongoing process. NIST CSF 2.0 reinforces this idea by emphasizing continuous improvement. Companies should regularly update their security, monitor emerging threats, and modify their methods in reaction to new risks.

This adjustment recognizes that cyber threats never stop changing. Yesterday’s solution is not today’s solution. With a culture of continuous improvement, companies can stay proactive against emerging means of attack and limit their exposure to breaches. CSF 2.0 allows companies to establish a dynamic security program that adapts and does not remain static and ineffective.

Final Thoughts

The release of NIST CSF 2.0 is a significant leap forward in cybersecurity. With more scope, a new “Govern” function, increased supply chain security, better framework alignment, more guidance, and a focus on continuous improvement, this update benefits all organization sizes in strengthening their defenses.

If you work in cybersecurity, now is the time to adopt NIST CSF 2.0. It can protect your organization, meet compliance, and stay ahead in today’s ever-changing threat landscape.

 

What Are Residential Proxies? Learn More About Their Role In Online Privacy

It’s no secret that most of us get concerned about our online data. Most internet users prefer that companies not use their personal information, as surveyed in January 2025.

Today, if there is one thing that challenges privacy, it is website tracking, targeted ads, and, to an extent, the threat of data breach.

One solution to all of these problems is using residential proxies. They protect the digital identity and also provide you more control over the online presence.

This article details what residential proxies are, how they work, and why you need to take them seriously in today’s digital world and the privacy and security battle.

What Are Residential Proxies?

A residential proxy is a server that hides your internet activity using a real home IP address. These are regular ISPs, making websites assume you are a normal home user.

Unlike data center proxies, residential IPs are rarely blocked because they appear like normal people. Websites trust them more.

It works because your web request first goes to a proxy server that gives you a residential IP. It covers up your actual location so that the websites you visit can’t identify your real location.

You can learn more about residential proxies and their privacy-boosting benefits. Learn about detailed resources to take full advantage of them.

Main Features of Residential Proxies

Some important features make residential proxies effective in protecting online privacy and security:

1. Authenticity

They use real IP addresses from ISPs, which makes them ordinary users. This prevents website and anti-bot detection and blocking.

2. Geo-targeting

Users can choose between IPs from specific locations to browse region-restricted content in streaming services or to run location-based studies in the playground market.

3. Enhanced Privacy 

Residential proxies mask your real IP address so that when you visit a website, the website cannot trace what you are doing to your real physical location.

Benefits of Using Residential Proxies

If you’re looking to improve our online privacy, here are four huge bangs that residential proxies can provide to you:

1. Improved Anonymity

These proxies use genuine residential IP addresses that blend with common internet traffic. This increases the proxies’ degree of anonymity. Since your connection looks like it also has a regular home user connection, websites become quite hard to identify or even block you with this method.

2. Bypassing Geo-restrictions

You can access region-restricted content and services through IPs from certain locations. This is helpful when you are required to see some streaming platforms and sites accessible only in specific nations.

3. Enhanced Security

Residential proxies provide more security concerning your internet usage as they hide your IP address from the server, therefore acting as a connection between your device and the internet for security purposes. It is harder for cybercriminals to target you directly because of this thing.

Popular Ways to Use Residential Proxies

Due to its unique benefits, residential proxies have become necessary tools for many online activities. People use them in these main ways:

1. Web Scraping and Data Collection 

Residential proxies help you overcome anti-scraping measures by rotating IPs. This makes them perfect for:

  • Keeping competitive pricing through price monitoring in different regions.
  • Data gathering through research about trends and competitors’ offerings in the market
  • SEO analysis to ensure search rankings from various locations

2. Ad Verification and Brand Protection 

Residential proxies are being relied on by advertisers to:

  • Intercept ads to make sure they’re displayed where they are meant to be shown.
  • Prevent wastage of ad spending on click fraud
  • Watch online for counterfeit products or misuse

3. E-commerce Operations 

Residential proxies are beneficial for online sellers when:

  • Having multiple seller accounts on Amazon platforms
  • Accessing region-specific pricing information
  • Proving that promotions look differently to customers in different markets

4. Cybersecurity 

These proxies are also helpful for those security applications.

  • Masking real IP addresses for data protection purposes.
  • This will help in reducing exposure to tracking and targeted ads.
  • Gathering threat intelligence anonymously
  • Testing system vulnerabilities through simulated attacks from different locations

Residential vs. Datacenter Proxies: What’s the Difference?

The main difference between residential and datacenter proxies is where their IP addresses come from:

Residential Proxies use IPs from real household devices assigned by Internet Service Providers. This makes them:

  • Harder to detect by websites
  • Better for bypassing anti-bot systems
  • More expensive
  • Sometimes slower
  • More reliable for accessing complex sites

Datacenter Proxies use IPs from data centers and cloud servers. They offer:

  • Faster connection speeds
  • Lower costs
  • There is a higher risk of being blocked
  • Less geo-targeting options
  • Better performance for simple tasks

Choose residential proxies when you need anonymity and access to protected sites, especially for social media management or ad verification. 

Datacenter proxies work better for speed-sensitive tasks like basic web scraping or SEO monitoring, where detection risk is lower.

Things to Think About Before Using Proxies

Before diving into residential proxies, the following should be considered:

1. Cost Considerations 

Datacenter proxies tend to cost less than residential proxies. This higher price is due to how these IPs are purchased and maintained. Scarcity and complexity make real residential IPs more expensive to manage. Sometimes, this price difference can be very significant if you need proxies or have a specified budget.

2. Ethical Usage 

Using proxies responsibly matters. Read through the website’s terms of service and privacy regulations. Do not violate them. Some activities to avoid include:

  • Unauthorized web scraping
  • Identity theft
  • Cyberstalking
  • Online abuse or harassment

However, these activities are both ethically and legally wrong.

3. Provider Selection 

Find proxy providers that get their IPs legally and with users’ consent. Be wary of any free or cheap-sounding proxies, and they may:

  • Log your data
  • Inject malware
  • Have security vulnerabilities

Using a proxy that is a reputable provider will mean that using this proxy is ethical and secure.

Conclusion 

There is no denying that residential proxies are powerful resources to protect your digital identity. It uses real IP addresses to keep you anonymous and get past firewalls online.

These days, with so many data breaches every day, masking your location is a good extra protection.

The proxies are used for research purposes to learn about the market and protect their brands; meanwhile, individuals can access geo-restricted content.

Residential Proxies are another item to be included in your privacy toolbox. The cost is a small price to pay for knowing these people are there if needed in our increasingly digitally connected world.

 

One in Three Irish Households Experience Cybercrime

Kyndryl the world’s largest IT infrastructure services provider, today published new research highlighting escalating threats from cyberattacks and scams to Irish households. The findings offer an in-depth perspective on cybersecurity readiness, habits and vulnerabilities among individuals in Ireland, highlighting a lack of basic cybersecurity precautions and awareness, which include:

  • One in five (20%) respondents reported directly experiencing a cyberattack or online fraud in the past year.
  • An additional 15% reported attacks within their household. In total, more than one in three (36%) Irish households have experienced cybercrime over the last 12 months.
  • Almost half (48%) of respondents reuse the same password across multiple sites.
  • More than a quarter (26%) acknowledge using public Wi-Fi for sensitive activities like banking and online shopping, exposing themselves to attacks.

“While businesses are grappling with the complexities of maintaining future-ready IT infrastructure, as highlighted in our recent Kyndryl Readiness Report, the same principles apply to consumers: effective cybersecurity starts with people,” said Chris Davis, Managing Director, Kyndryl Ireland. “Cybersecurity readiness isn’t just about having the latest tools – it’s about fostering awareness and proactive behaviours among individuals. Increasing public awareness and education is crucial to help individuals protect themselves in an ever-evolving digital environment. At Kyndryl, we believe that a collaborative effort involving government, businesses, and educational institutions is essential to fostering a more secure digital society, and we’re committed to supporting that mission.”

The new research was conducted by 3Gem Research and Insights and builds on findings of organizational readiness that Kyndryl recently published in its inaugural Readiness Report.

Cyber threat concerns are pervasive

Cybersecurity worries are widespread, with 73% of respondents most concerned about personal devices being hacked, such as smartphones and laptops. The second biggest concern is online scams (68%), followed by identity theft (58%). Nearly half (48%) fear sensitive information being leaked through data breaches, while 28% express anxiety over ransomware attacks.

Young adults most at risk of cyber fraud

Almost one in five (21%) individuals experienced a cyberattack or online fraud attempt in the last year, with an additional 15% reporting that a household member had been targeted.

Young adults, particularly those aged 25-34, appear to be the most vulnerable, with 29% having been directly targeted by cybercriminals. This figure drops to 19% for those aged 45-54, and just 11% for individuals aged 65 and above.

Poor password practices still prevalent
Password reuse remains a major security risk, with 48% of respondents stating they use the same password across multiple accounts – a habit that significantly increases vulnerability to cyberattacks. This risky behaviour is most prevalent among 18-24 year-olds (57%), compared to 36% of those aged 65+.

Alarmingly, 41% of respondents say they rely on memory to store their passwords, making it less likely they use strong, complex alphanumeric combinations. Reliance on memory increases with age, from 37% of 18-24 year-olds to 50% of 55-64 year-olds.

Only 24% of respondents use a password manager, considered one of the safest ways to store and generate strong passwords. Meanwhile, 17% write their passwords on paper, 12% rely on browser auto-fill, and 4% admit to using the same password for all accounts.

Risky online behaviour still common
Risky online practices remain widespread, with 26% of respondents admitting to using public Wi-Fi for online banking or shopping – leaving them exposed to potential attacks. This behaviour is particularly prevalent among younger age groups, with 41% of 18-24 year olds and 35% of 25-34 year olds engaging in this high-risk activity.

Additionally, 18% of respondents opt out of using Two-Factor Authentication (2FA), a highly effective method for securing online accounts. Among younger respondents, the figure rises to 23% of 18-24 year olds and 24% of 35-44 year olds.

Consumers have little tolerance for data breaches

Consumers expect high standards of data protection from service providers. If a breach occurred, 74% of respondents said they would be likely to stop using a financial service, such as a bank or insurance provider, while 75% would do the same for social media platforms like TikTok or Instagram.

Slightly more lenient attitudes were noted for other services: 70% would be likely to stop using a retailer, 69% an email provider, and 64% a gaming service following a breach.

Public is divided on responsibility for cybersecurity education

When asked who should take the lead in educating the public about cybersecurity, 35% of respondents believed that this was the responsibility of the National Cyber Security Centre (NCSC), the body formally responsible for Ireland’s cybersecurity. Schools were the second-most popular choice, with 19% believing they should bear primary responsibility.

Meanwhile, only 12% of respondents feel employers should play a leading role, and just 7% believe universities should be primarily responsible for cybersecurity education.

Qualcom to grow revenues to €18M by end of 2027

Qualcom, a leading Irish provider of IT and cybersecurity services, today announces that it expects to grow its revenues from €13.5 million to €18 million in the next three years. This represents approximately 10% year-on-year growth for the business by the end of 2027.

Within this timeframe, the company will increase its employee numbers by 20% across its information security, professional services, and support desk teams. Qualcom currently has a team of 70 people across its locations in Dublin and Belfast.

As well as organic growth of the business and team, the IT and cybersecurity services provider is open to accelerating this growth through acquisitions. Target companies would be similar to Qualcom in terms of services and culture.

Over the next three years, Qualcom expects to see the biggest growth in cybersecurity services, managed IT services, compliance, and round-the-clock IT support. This demand is being driven by the changing cyber risk landscape, advancements in Artificial Intelligence (AI), and expanding attack surfaces.

Qualcom is also seeing heightened demand from customers for support around standards such as ISO 20007, as businesses increasingly look to secure their supply chains in response to growing cyber threats. To meet this need, the team is rolling out a number of new cybersecurity and managed services.

As a result of this expanded offering, Qualcom forecasts that it will also grow its customer base by more than 25% by 2027. This will include organisations spanning a broad range of industries and across the island of Ireland, with a particular focus on the retail sector in Northern Ireland.

This expected growth follows on from the company recently achieving a Microsoft designation in Azure Infrastructure. In fact, it was just one of a select number of Microsoft partners in Ireland to receive this designation, which adds to its existing Microsoft Modern Work SME and Enterprise designations.

Ken Ryan, Managing Director, Qualcom“We live and work in an increasingly connected world, so the demand for comprehensive managed IT and cybersecurity capabilities will only increase in the years to come. That’s not to mention the pressure on organisations to be compliant with changing legislation and regulations.

“To meet these evolving needs, we are scaling our operations. As well as expanding the team and adding to our portfolio, we are keeping an eye out for possible acquisitions. This ambitious growth plan will further strengthen the support we provide – enabling us to deliver ultra-secure services that give customers peace of mind and drive innovation, not just today but for the future.”

International Cybersecurity Expert to Explore the Disruptive Danger of Disinformation in the Age of AI at Public Lecture

Trinity College Dublin and the ADAPT Research Ireland Centre today announced an upcoming visit of internationally renowned expert in cybersecurity, Professor David J. Hickton of the University of Pennsylvania, in March. Professor Hickton will deliver a public lecture titled: “The Disruptive Danger of Disinformation in the Age of AI” on Wednesday 5th March at 5pm in the Swift Theatre in Trinity College Dublin’s Arts Building.  The event is free and open to the public.  Registration here: https://forms.gle/rSNvsQaJXaccQpd66

Professor Hickton, a former U.S. Attorney and Founding Director of the University of Pittsburgh Institute for Cyber Law, Policy, and Security, will deliver this lecture as part of his March visit to Trinity College Dublin. During his time in Dublin, he will also engage with faculty, researchers, and students along with policymakers and other stakeholders through workshops, guest lectures, and roundtable discussions. During his visit, Professor Hickton will also assume the role of Adjunct Professor in the School of Computer Science and Statistics at Trinity College Dublin.

This timely public lecture will examine the pervasive influence of disinformation in an era defined by rapid technological advances and the rise of generative AI. Professor Hickton will explore the historical roots of disinformation, its role in undermining trust in institutions and science, and the urgent need for global cooperation to address these challenges. The lecture will also discuss potential pathways to address this growing crisis, balancing free speech with the urgent need for regulation.

Professor Hickton’s visit builds on the Memorandum of Understanding (MOU) signed last year between Trinity and the University of Pittsburgh, establishing a partnership to drive innovation in AI safety and governance. “This collaboration reflects our shared commitment to addressing the complex challenges of the digital age,” said Professor John Kelleher, Director of ADAPT. “We are honoured to welcome Professor Hickton to Dublin and look forward to the rich insights and contributions he will bring.”

To learn more about Professor David Hickton and his work, please visit: https://www.cyber.pitt.edu/people/david-j-hickton-jd

New research highlights crucial cybersecurity gaps in education sector

New research highlights the need for ongoing concern for the UK education sector’s cybersecurity posture in the light of a growing threat landscape. ESET ‘s findings reveal that nearly three-quarters (73%) of institutions surveyed have experienced at least one cyber-attack or breach in the past five years, with a fifth reporting three or more incidents. This aligns with government data from 2024, which found that 77% of education organisations had experienced a breach or attack in the previous year – far higher than the 50% of UK businesses overall that had been targeted.
Despite being a key target for cyber threats, one-third of education institutions surveyed still lack fundamental protections, such as antivirus software (33%) and strong password policies (35%2). Additionally, the majority (79%) have not adopted advanced measures like managed detection and response.
Another key but often overlooked safeguard is cyber insurance, which, according to government data, under half of primary schools (44%) and even fewer secondary schools (36%) report having in place. In fact, the ESET findings reveal that 7% of institutions operate without an annual cybersecurity budget at all.
This cybersecurity shortfall not only jeopardises organisational data but puts sensitive student information at risk. As cybercriminals increasingly target educational institutions, students’ personal and academic data remain highly vulnerable to theft or misuse. Compounding the issue, one in five (21%) education organisations surveyed admit they feel unprepared / not confident to tackle the rising tide of AI-driven cyber threats.
When asked about the main reasons why they wouldn’t take out a cyber insurance policy, many stated that they prefer to prioritise the budgets they have for cybersecurity measures (37%). Others cited concerns about payout reliability (33%) and complex or unclear policy terms (32%). Meanwhile, 28% believe cyber insurance is too expensive, while 18% revealed they simply don’t understand its value.
Top threats persist
These revelations all come at a time when education organisations continue to battle familiar foes, with data breaches (61%), malware (55%) and phishing (43%) topping their list of concerns. While three-quarters (76%) of education organisations surveyed believe their staff have excellent or good knowledge and awareness of cyber security best practices and online safety, over  half still plan to prioritise increasing staff awareness and training and expanding their cyber security tools or software over the next 12 months (55% and 51% respectively).
The case for managed support
Over three-quarters (77%) believe their institutions would benefit from enhanced cyber security measures with managed support from an external, specialist cyber security provider. However, nearly half (47%) of education organisations surveyed said they would need evidence of a cyber-attack’s potential detrimental and financial impact on their institution to help convince their finance department to approve a larger cybersecurity budget.
Jake Moore, Global Cybersecurity Advisor at ESET, commented: “Education organisations are sitting on a ticking time bomb. While it’s clear that the sector recognises the critical importance of cybersecurity, there is a huge disconnect between budget allocation, lack of insurance and its misconceptions, and inadequate measures, which is leaving institutions highly vulnerable. A comprehensive strategy that includes both cutting-edge security tools, like managed detection and response, and appropriate insurance coverage, is essential to protect against potentially devastating financial and operational impacts.
“These findings underscore the urgent need for education organisations to adopt a more robust and integrated approach to cybersecurity. Institutions can better safeguard their operations, staff and students, by increasing investment, educating stakeholders, implementing advanced solutions, enhancing training, and collaborating with specialised providers.”

Cybersecurity Challenges in Irish Online Gambling: Navigating a Complex Landscape

As the online gambling industry in Ireland continues to expand, so do the challenges associated with ensuring cybersecurity. This vibrant sector, fuelled by technological advancements and changing consumer preferences, faces a myriad of threats and regulatory hurdles aimed at safeguarding both operators and players. With the advent of new technologies and the increasing sophistication of cyber threats, the stakes have never been higher for ensuring robust cybersecurity measures are in place.

Evolving Regulatory Landscape

As mentioned earlier, online gambling in Ireland is popular, and the recent introduction of the Gambling Regulation Bill marks a significant shift in the country’s approach to the activity. This legislation emphasizes the importance of data protection and consumer safety, requiring operators to adapt swiftly to new cybersecurity requirements. In particular, the bill places a strong emphasis on the need for online gambling platforms to implement advanced security protocols to protect sensitive user data. This includes both personal information and financial transactions, which are prime targets for cybercriminals.

The regulatory landscape is further complicated by the need for compliance with international standards, such as the General Data Protection Regulation (GDPR). This European Union regulation requires companies to ensure the protection of personal data and privacy, adding an additional layer of complexity for online gambling operators in Ireland. Compliance is not just a legal obligation but also a critical component in maintaining consumer trust.

Cybersecurity Threats on the Rise

The online gambling sector is facing an increasing wave of cyber threats. Among the most common are Distributed Denial of Service (DDoS) attacks, which can cripple a website by overwhelming it with traffic. Account takeovers are another significant threat, where hackers gain access to user accounts, potentially leading to financial loss and identity theft. SQL injection attacks, which involve inserting malicious code into a database query, can also compromise user data.

The impact of these threats is not merely theoretical. Past data breaches in the sector have highlighted the severe repercussions for both operators and players. For operators, a breach can result in financial losses, legal liabilities, and reputational damage. For players, the consequences can be equally dire, undermining their trust in online platforms and deterring them from engaging with online gambling services in the future.

Harnessing Technological Innovations

To combat these threats, the industry is increasingly turning to technological innovations. The use of AI and blockchain technologies is being explored to enhance security measures. AI can help detect and respond to threats in real-time, offering a dynamic defence against cyber attacks. Blockchain technology offers numerous benefits; its decentralized and transparent nature ensures secure transaction records that are highly resistant to tampering. However, these technologies are not without their challenges. AI systems require large amounts of data to function effectively, raising concerns about privacy and data protection. Blockchain, while inherently secure, is not immune to vulnerabilities and requires careful implementation and management.

The Role of Player Protection Measures

Consumer protection regulations are at the forefront of the new gambling rules, requiring operators to implement measures against fraud and identity theft. This includes the secure handling of personal information and financial transactions. Operators are also required to install sophisticated monitoring systems that track player behaviour, identifying signs of problematic gambling. These systems must balance the need for user privacy with the need for intervention, ensuring that players are protected without infringing on their rights.

Industry Response and Future Outlook

The response from online gambling operators has been proactive. Many have invested in specialized IT teams and advanced security software to bolster their defences against cyber threats. Collaboration with cybersecurity firms is becoming increasingly common, facilitating the sharing of threat intelligence and best practices. These partnerships allow operators to stay ahead of emerging threats and ensure their platforms are secure.

Looking ahead, the future of cybersecurity in the Irish online gambling industry will likely be shaped by ongoing regulatory changes, technological advancements, and the evolving threat landscape. As global standards influence local practices, operators must remain vigilant and adaptable to maintain the trust and security of their users. The dynamic nature of the online gambling industry in Ireland challenges operators to not only comply with regulations but also stay ahead of cyber threats. As the sector grows, so too must the commitment to robust cybersecurity measures, ensuring a safe and secure environment for all involved.

In conclusion, the cybersecurity challenges faced by the Irish online gambling industry are multi-faceted and complex. They require a concerted effort from regulators, operators, and technology providers to ensure that the sector remains secure and trustworthy. As the industry continues to evolve, the focus must remain on protecting both operators and players from the ever-present threat of cybercrime.

Cybersecurity experts show biggest scam threats for 2025

Smarter, faster, and more sophisticated scams are coming. Thanks to AI, scammers are more efficient than ever, stealing money at record rates. Every day AI tools such as ChatGPT and OpenAI are used as scam arsenal, leading to around 13 million people in the UK to lose around £1.4bn each year.

Global scam protection leader F-Secure stays one way step ahead of cyber criminals, defending people from scams before they happen. F-Secure’s team of cybersecurity experts share the new threats the country will face in 2025:

New regulations for banks, telcos and social media companies who fail to prevent scams

Calvin Gan, Senior Manager, Scam Protection Strategy, says: “Right now lawmakers around the world are targeting telecom providers, banks, and social media companies, saying they should be held responsible when their customers fall victim to fraud. Australian lawmakers are pushing through a bill that will fine companies up to $50 million for failing to protect their customers from scams, and here, in a world first, UK bank refunds for fraud became mandatory after the Payment Systems Regulator (PSR) reduced the maximum compensation from a previous proposal of £415,000 to £85,000, covering more than 99% of claims.

“Passing new laws that empower businesses to beef up protection against scams is a welcomed move. Scam fighting is not a top-down only effort but involves everyone from governments to organisations and even individuals. Just like we’ve seen with GDPR in Europe forcing companies to take data privacy more seriously, new legislation like this would create an extra protection mechanism for consumers.

“Still, there’s no 100% guaranteed way to prevent scams from happening in the first place. People need to take precautions daily, especially on scam-prone channels like social media and messaging apps.

Cheap, easy AI tools will be deployed in sophisticated cyber attacks

Laura Kankaala, Head of Threat Intelligence: “Using AI tools for malicious purposes (like generating malicious and manipulative content) has already been evident throughout this past year. As we head into 2025, we are bound to see more sophisticated attacks that leverage everyday AI tools – like ChatGPT, ElevenLabs, or basically any AI tool that is cheap and easy to access online. The reality is that cyber criminals are abusing this readily available technology to fine-tune their scams and consumers must be better informed, whether that’s from their bank, mobile phone or another service provider, or by the cybersecurity industry to help educate consumers. We all play a part.“

“While AI companies do put restrictions on malicious usage, most of them are not very successful at it. They need to be doing more to stop the use of their platforms for nefarious purposes – it cannot only be left up to legislation to enforce boundaries for what kind of content can be generated. Bottom line, the companies developing these tools should also be held up to a higher moral standard.”

Multi-stage scams will become more prevalent 

Joel Latto, Threat Advisor, says: “Cybercriminals have long relied on social engineering, and multi-stage scams represent some of their most deceptive tactics. These schemes often involve direct interaction with victims, enhancing their believability. For instance, a scammer might call a victim claiming they’ve applied for a loan. When the victim denies it, they are “transferred” to a supposed bank representative—another scammer, probably sat next to them—who proceeds to seek sensitive banking details. Malware further elevates these schemes, rerouting legitimate customer service calls to fraudsters or tricking victims into contacting fake numbers embedded in phishing emails.

“Such scams are effective because victims believe they are speaking with genuine, helpful representatives, which makes them more susceptible under pressure. This is something we’ve seen dramatised through TV series’ such as Cold Call, which has recently rocketed up the charts on Netflix following its release five years ago. Perhaps more popular now because scams are much more commonplace, and viewers are much more likely to relate.

“Until now, the scalability of these scams was limited by the human capacity of fraudsters, who could only handle a limited number of interactions in specific languages and time zones. AI is changing this equation. With the rise of sophisticated conversational AI chatbots, scammers can now mimic real human interactions at scale, conducting conversations 24/7 across multiple languages. Coupled with realistic deepfake audio, these new call-based scams blur the line between human and machine interaction, making them far more dangerous than traditional robocalls.

“To counter these evolving threats, defenses must adapt, and mobile phone service providers must act. Blocking call-forwarding malware, detecting suspicious numbers, and developing sophisticated audio analysis tools to spot deepfakes are essential. Equally critical is educating users about the signs of scams and potential red flags. Defensive strategies must evolve as fast as attackers’ capabilities, leveraging AI-driven solutions and strong collaboration between cybersecurity experts, telecom providers, and regulatory bodies.”

High-yield, high-risk: the rise of Bitcoin investment scams on a new playing field

Sarogini Muniyandi, Senior Manager, Scam Protection Engineering, says: “Decentralised Finance (DeFi) is a new blockchain-based financial service that’s been gaining traction and acceptance over the last year. DeFi refers to financial services provided by an algorithm on a blockchain, without a financial services company. It is an alternative approach that largely operates outside the traditional centralized financial infrastructure.

“As DeFi becomes mainstream, scammers will take advantage of anyone interested in Bitcoin investment and other digital assets, especially those that are unfamiliar with the risks of blockchain-based finance. By 2025, DeFi is expected to attract even more users seeking alternatives to traditional finance. The DeFi market provides loans, interest-bearing accounts, and high-yield investments that promise substantial returns, which can entice investors of all experience levels. With the rising popularity of DeFi, the total value locked (TVL) in these projects is projected to grow, making it a prime target for fraudsters who can steal funds on a larger scale.

“DeFi platforms operate on decentralised blockchain networks, allowing users to participate without traditional identification or regulatory oversight. This open environment enables scammers to steal victims’ funds and vanish into thin air, all while remaining anonymous. By manipulating the smart contract and tools used to automate DeFi functions, the risks of stealing investor funds are at stake. Some DeFi platforms offer investors with unsustainable, extremely high-yield rates for farming Bitcoin derivatives, only for investors to later discover they can’t withdraw their Bitcoin or that the platform has disappeared with their funds.

‘While DeFi offers financial freedom and potential profits, its open, unregulated, and anonymous nature also creates a ripe environment for scams – something every Bitcoin investor needs to be aware of in 2025.”