16 May 2022

●               49% of Irish companies suffered at least one attack in the last 12 months, up from 39% in 2021

●               Ireland is the only country surveyed where cyber was not viewed as the top business risk, instead the pandemic ranked top

●               One in five business owners across the study say a cyber attack could render them insolvent

●               Costs of dealing with cyber attacks for all businesses have risen by almost a third in the past year. In Ireland, median costs doubled to €15,120 per business.

 

Ireland, Dublin (16 May 2022) – The frequency of cyber attacks in Ireland increased by 26% year-on-year – according to the latest Hiscox Cyber Readiness Report; with 49% of businesses saying they suffered a cyber attack in the past 12 months, compared to 39% in the prior year. Yet while 87% of businesses across the world see cyber as the number one threat to their financial health, Ireland stands alone, with the pandemic remaining the key business concern in contrast to other countries surveyed.

Globally, the seriousness of the cyber threat is not underestimated, with one in five (20%) of businesses across eight countries saying that a cyber attack almost rendered them insolvent – an increase of almost a quarter (24%) compared to the previous year. However, there is a huge gulf in perception between those who have actually suffered an attack and those who have not. More than half of cyber attack victims (55%) see cyber as an area of high risk; whereas amongst companies which have not yet suffered an attack, the figure is just 36%.

Now in its sixth year, the Hiscox Cyber Readiness Report - www.hiscoxgroup.com/cyber-readiness -  surveyed over 5,181 professionals responsible for their company’s cyber security strategy across eight countries: the US, UK, Belgium, France, Germany, Spain, the Netherlands and more than 200 from Ireland.

The report’s other key findings include:

●               More than three out of five respondents (62%) agree that their business was more vulnerable to an attack as a result of employees working from home. This rose to 69% in companies who employed more than 250 people.

●               Average cyber security spending per company is up 60% in the past year to €4.8 million; an increase of 250% since 2019.

●               Adoption of cyber insurance is highest in the financial services industry, where 74% of companies have cover, either through a standalone policy or as part of a wider insurance policy.

●               Irish businesses paid out ransoms more regularly than the rest, with 25% paying five times or more to recover data.

●               Irish companies reported some of the lowest average ransom costs in the study: €12,600 ransom payments and €9,900 recovery costs. The single largest ransom paid in Ireland in 2021 was €42,693.

●               The most common method of entry for Irish ransomware were unpatched servers (65%) - this was far more common in Ireland than in any other country.

 

Richard O’Dwyer, Managing Director at Hiscox Ireland, commented: “The threat of insolvency for many in Ireland is very real given the increasing costs of an attack – the median cost of an attack here has risen sharply, by nearly a third, to just over €15,300, and for some of the worst hit businesses costs topped €4.5million. Business owners will have spent years growing and investing in their business, but one cyber attack could reduce what they have built to financial rubble.

“Remote working is seen as a serious risk and this model of work is not going away any time soon. It has impacted the volume of cyber attacks as cyber criminals gain access via cloud servers, so it is vital that businesses take the necessary steps to protect themselves against the complexity and speed of cyber attacks. In particular, the success cyber criminals continue to have in breaching systems via the use of phishing emails means one of the most effective defences a business can have is continuing to raise staff awareness of the risks.”