Companies need to invest in guarding against online threats, according to a new EY report...
EY has warned that Irish firms need to invest more time and money in guarding against cyber attacks.
Its 19th Global Information Security Survey has found that cyber security incidents have increased by 30% in the past two years.
It comments that "poor staff awareness and behaviours remain the top concern and most frequent cause of incidents."
The report also highlights inadequate knowledge of information security at board level and insufficient budgets as factors which are leaving companies open to online risks.
The study found that almost three out of four Irish organisations (72%) had experienced a significant cyber security incident, compared to 57% globally.
55% of Irish executives surveyed said that they believe their organisation is unlikely to detect a sophisticated attack on their business - while only a third (33%) of executives globally say the same. The worldwide figure is down from 56% two years ago while the Irish number has stagnated.
Commenting on the findings, Hugh Callaghan, Cyber Security Leader, EY Ireland said: "Our research shows that while Irish businesses are now more focused than ever on managing cyber risk, they are still playing catch-up with cyber criminals, who continue to find ways around organisations’ security controls and exploit their employees’ lack of awareness to steal money and data.
"As advisers to clients across Ireland and internationally, we are also seeing an increase in cyber attacks that not only steal data but also destroy it. Indeed there is a real threat of a significant cyber security incident putting an unprepared organisation out of business for good, so there is an onus on companies to protect themselves by stepping up their focus and investment in tackling this threat."
Coinciding with the report, EY has opened its newly expanded Advanced Security Centre in Dublin.
It will be home to the hosts the firm’s dedicated cyber security team who conduct ethical hacking, computer forensics and vulnerability research activities.