52% of Irish firms lack strategies for data leaks

The rate of data breaches and cyber hacks in Ireland is steadily increasing; however, awareness of such crimes remains considerably low. Although many companies and managers across the country would admit that breaches are happening more frequently than ever, many have chosen to do little or nothing about it. According to a report from Grant Thornton, 52% of firms in Ireland have no comprehensive strategy for preventing digital crime or data leaks. With the new General Data Protection Regulation being enforced by the European Union in May 2018, such firms will have to face astronomic fines of up to 20 million euro for not complying with EU law and their responsibility to securely protect their customers’ data and information.

With the U.K.’s impending exit from the European Union, Ireland is becoming a popular target for hackers as it is left as the only English-speaking country in the EU. Ireland is also a key supply partner with the US, which makes it a target for cyber-attacks. Irish firms need to be educated on the importance of implementing a secure data protection and information security programme, as cyber-attacks are becoming an inevitable and regular risk of day-to-day business. Irish businesses are more vulnerable to cybercrime than their EU counterparts, to the point where ransom payments to cyber criminals are now so frequent that many are trying to ‘expense’ them.

Ernst & Young’s 19th Global Information Security Survey found that cybersecurity incidents have increased by nearly 30% in two years, with the main forms of attack aimed at stealing data and disrupting systems. The worldwide survey, conducted among 1,735 IT security professionals and executives (including 54 in Ireland), found that almost three out of four Irish organisations have been the focus of attacks, compared to just over half globally. According to an article from PricewaterhouseCoopers, the frequency of cyber-attacks against Irish businesses has risen from 25% in 2012 to 44% currently, considerably higher than the global average of 32%. These figures demonstrate the position that Ireland is in and should highlight to managers and CEOs the importance of implementing a reputable information management system. The alternative is to face the consequences associated with a data breach: risking the company’s reputation, losing clients, facing court cases and, with the new GDPR coming in, a substantial fine.

Investigators have warned of a clear danger to the economy from increasingly sophisticated international gangs specialising in computer crime. According to a report by the European Commission, global cybercrime is estimated to cost around €350 billion each year and results in up to 150,000 job losses in Europe alone, roughly 0.6% of the total unemployed population. The average cost of fraud to organisations in Ireland has increased from €498,000 in 2014 to €1.7m, while the number of attacks has almost doubled since 2012. The cost of cybercrime to the Irish economy is estimated at €630m annually. Despite all these figures, only 16% of Irish firms believe that cybercrime is a credible threat, according to a Grant Thornton report.

An EC report shows that the Irish are particularly vulnerable to such cyber threats, with 57% of Irish people admitting to opening emails from strangers, while 75% said they use the same password across different online services. Companies are not guarded against cyber-attacks merely by investing in cyber security tools. People in the company are also vulnerable to attacks and should be properly trained to deal with cyber-attacks and to know how best to prevent them. Think of an information management system like a house alarm: you could have a state-of-the-art house alarm with flashing lights, but it wouldn’t make much difference if you didn’t know how to set it up or use the passcode.

At Certification Europe, we offer ISO 27001 information security management systems certification and training programmes which provide standardised requirements for an information security management system (ISMS). ISO 27001 implements measures and takes into account the regulatory requirements for the protection of personal data. ISO 27001 certification is suitable for any organisation of any size that wishes to reduce the risk to their company and customers of data breaches and cyber hacks. Both the banking and financial sectors are particularly susceptible to data breaches. Our information security training courses are specifically designed for professionals with the responsibility of processing customer information and data. The ISO 27001 training course will allow you to identify information security risks in your organisation and also show you how to successfully and confidently implement the information security system in your organisation.


Robert Lyons