The rate of data breaches and cyber hacks in Ireland is steadily increasing however, people’s rate of awareness towards such crimes is staying at a considerably low level. Although many companies and managers across the country would admit that breaches are happening more frequently than ever, many have chosen to do little to nothing about it. 52% of firms in Ireland have no comprehensive strategy when it comes to preventing digital crime or data leaks according to a report from Grant Thornton. With new general data protection regulations being enforced in May 2018 by the European union such firms will have to face astronomic fines of up to 20 million euro for not complying with EU law and their responsibility to securely protect their customer’s data and information.
With the U.K.’s impending exit from the European Union, Ireland is becoming a popular target for hackers as it is left as the only English speaking country in the EU. As Ireland is a key supply partner with the US, this makes it a target to cyber-attacks. Irish firms need to be educated on the importance of implementing a secure data protection and information security program as cyber-attacks are becoming inevitable and a regular risk of day to day business. Irish businesses are more vulnerable than their EU counterparts to cybercrime, to the point where ransom payments to cyber criminals are now so frequent that many are trying to ‘expense’ them.
Cyber Attacks are on the rise.
Ernest and Young’s 19th Global Information Security Survey found that cybersecurity incidents have increased by nearly 30% in two years, with the main forms of attack aimed at stealing data and disrupting systems. The worldwide survey, conducted among 1,735 IT security professionals and executives — including 54 in Ireland — found almost three out of four Irish organisations have been the focus of attacks, compared to just over half globally. According to an article from PricewaterhouseCoopers, the frequency of cyber attacks against Irish businesses has risen from 25% in 2012 to 44% currently, considerably higher than the global average of 32%. These figures demonstrate the position that Ireland is in and should highlight to managers and CEOs the importance of implementing a reputable information management system or face the consequences that are associated with breach of data such as risking the company’s reputation, losing clients, facing court cases and with the new GDPR coming in also a substantial fine.
Investigators have warned of a clear danger to the economy from increasingly sophisticated international gangs specialising in computer crime. According to a report by the European commission global cyber crime is estimated to cost around €350 billion each year, and results in up to 150,000 job losses in Europe alone; roughly 0.6% of the total unemployed population. The average cost of fraud to organisations in Ireland has increased from €498,000 in 2014 to €1.7m, while the number of attacks has almost doubled since 2012. The cost of cyber-crime to the Irish economy is estimated at €630m annually. Taking all the figures into account, only 16% of Irish firms believe that cybercrime is a credible threat according to a Grant Thornton report.
An EC report shows that the Irish are particularly vulnerable to such cyber threats, with 57% of Irish people admitting to opening emails from strangers, while 75% said they use the same password across different online services. Companies are not guarded against cyber-attacks by merely investing in cyber security tools, people in the company are also vulnerable to attacks and should be properly trained to deal with cyber-attacks and know how to best prevent them. If you think of an information management system like a house alarm, you could have a state of the art house alarm with flashing lights but it wouldn’t make much difference if you didn’t know how to set it up or use the passcode.
How can we help?
At certification Europe, we offer ISO 27001 information security management systems certification and training programmes which provide standardised requirements for an information security management system (ISMS). ISO 27001 implements measures and takes into account the regulatory requirements for the protection of personal data. ISO 27001 certification is suitable for any organisation of any size that wishes to reduce the risk to their company and customers of data breaches and cyber hacks. Both the banking and financial sectors are particularly susceptible to data breaches. Our information security training courses are specifically designed for professionals with the responsibility of processing customer information and data. ISO 27001 training course will allow you to identify information security risks in your organisation and also show you how to successfully and confidently implement the information security system in your organisation.