Hiscox Cyber Readiness Report 2025 Reveals Impact of Cyber Attacks on Irish Companies
- 31% reported employee burnout after cyber attacks
- 25% said toxic work culture was another post attack result
- 23% cited increased employee sick days as an issue after cyber attacks
- 62% of businesses see vulnerabilities from third-party AI tools as a major risk over the next five years
- 40% of Irish businesses suffered a cyber attack in the past 12 months
- 70% paid a ransom to prevent sensitive data from being published, yet 29% had their data leaked anyway
- One in three said a cyber attack materially threatened their company’s solvency
Dublin, Ireland (7 November, 2025) – Irish companies hit with cyber attacks in the last year report that they are experiencing increased employee burnout and sick days, and a spike in toxic work culture as a result of the attack. That’s according to the Hiscox Cyber Readiness Report 2025, which surveyed 500 Irish businesses and found that 40% of Irish businesses surveyed had suffered a cyber attack in the past 12 months.
Now in its ninth year, the recent annual Hiscox Cyber Readiness Report 2025 has revealed the growing scale of cyber threats facing Irish businesses, with new risks emerging from Artificial Intelligence, as well as persistent challenges from ransomware.
Frequency and impact of attacks
In total, 40% of Irish businesses surveyed reported suffering at least one cyber attack in the past year. More than a third (36%) of those suffered a distributed denial of service (DDoS) attack, where criminals overwhelm a company’s servers with traffic, forcing systems offline and halting normal operations.
The consequences can be severe. 31% of businesses said a cyber attack had a material impact on their company’s financial health, while 28% reported greater difficulty attracting new customers.
Hidden cost of attacks
However, the hidden cost of cyber attacks lies in the toll on the so-called ‘human firewall’; the employees who serve as the first line of defence against cyber threats. As companies scramble to recover data, restore trust and rebuild their reputation, a hidden crisis is emerging with 25% of Irish employees describing their workplace as ‘toxic’ in the aftermath of a cyber event.
Of the organisations which suffered a cyber attack in the last year, 33% also reported high stress among employees, 31% cited employee burnout and 23% reported increased employee sick days. However, 38% did notice increased employee loyalty to the organisation while 33% said there was increased camaraderie among employees following the attack.
Stephen Donaldson, Head of Underwriting at Hiscox Ireland, commented:
“The financial and reputational damage caused by cyber attacks is well known, but this research sheds light on a lesser-seen impact, the effect on employees’ health and morale. The number of people reporting stress or burnout is deeply concerning, costing organisations not only through sick leave but also in lowered morale and staff retention. Employers need to look beyond the figures on the balance sheet and invest in the wellbeing of their staff, particularly in challenging times.
“The advantages of working together in a positive and coordinated way during a crisis are evident. When managed well, such situations can actually strengthen team spirit and build resilience. When your plans are solid and your team pulls together with well-defined roles and responsibilities, the effect on your people can be entirely different. It’s vital to take every potential impact on staff into account in your crisis response planning — not only during the incident itself, but also in how you support colleagues and restore morale afterwards.”
Ransomware payments often fail to deliver
Irish businesses remain heavily targeted by ransomware. Of those who suffered an attack, 70% admitted to paying a ransom in the past 12 months to prevent sensitive data being published. However, the outcomes were often disappointing:
- Over one-third (35%) still had to rebuild systems despite receiving a recovery key.
- Nearly three in ten (29%) reported that their data was leaked anyway.
AI: A threat or an opportunity?
Almost two-thirds (62%) of Irish businesses view vulnerabilities from third-party AI tools as a major emerging risk over the next five years. Moreover, 38% reported that they were targeted between 1-10 times in the last 12 months due to vulnerabilities related to AI.
At the same time, most (66%), see AI as more of an asset than a vulnerability, highlighting both the opportunities and dangers the technology presents. Although companies are beginning to take extra precautions when it comes to AI, with 42% reporting expecting that their company will invest against AI-related security risks by bringing some AI hardware and software development work in-house, and a further 38% saying that they are ensuring that cyber insurances include AI risks.
Progress but concerns remain
Despite the challenges, over half (56%) of Irish businesses believe their cyber resilience has improved in the past 12 months. One in four companies expect to expand cybersecurity and data-protection investments significantly in the year ahead.
Stephen Donaldson said the Hiscox Cyber Readiness Report 2025 also highlighted that cyber criminals are evolving just as fast as businesses adopt new technologies like AI.
“While most companies recognise AI’s potential to boost productivity, there’s real concern about the vulnerabilities it brings, especially through third-party tools.
“Ransomware in particular remains a costly and disruptive problem in Ireland. Too many businesses pay up in the hope of a quick recovery, but as the data shows, many still face leaks or system rebuilds even after payment. This underlines the importance of preparation, resilience, and having a clear incident response plan in place before an attack happens.
“Cyber resilience is no longer optional – it’s business critical. From protecting solvency to safeguarding customer trust, companies that invest early and continuously in cyber security will be the ones best placed to weather the next wave of threats.”
The report, now in its ninth year, surveyed 500 companies in Ireland as part of a global study of 5,750 businesses across seven countries. The survey was conducted by Wakefield Research. The research was conducted between 29 July and 8 August 2025.
For more information and to access the full report, please visit:
https://www.hiscox.ie/sites/
