Hiscox research finds 71% of Irish businesses suffered a cyber attack. Rising for the third consecutive year.
Almost three quarters (71%) of Irish businesses suffered at least one cyber attack over the last 12 months – a 22-point increase on the previous year (49%) according to new data from the latest Hiscox Cyber Readiness Report. Download the full report here.
Ireland is seen as ‘ground zero’ for cyberattacks across the annual global study, now in its seventh year, with the highest median average number of attacks (20) in all countries studied, a fourfold increase on the previous year. The global percentage of companies suffering at least one cyber attack is 53%.
In line with Belgium, The Netherlands and France, the most common point of entry for hackers was a corporate-owned server (57%), while the most common outcome was a financial loss due to Payment Diversion Fraud (43%).
Despite the high number of attacks, Ireland’s cost of all cyber attacks is relatively low: 51% stated their annual bill was less than €10,000, a big improvement on last year when only 35% were below €10,000.
Consequently, the mean and median averages have significantly dropped in Ireland, with the median cost attack €8,860 compared with €15,103 last year, while the largest single attack was €118,128, compared to €5,198,000 in the 2022 report.
As with last year’s study, Ireland is again more likely than any other country to pay a ransom (77%), with Phishing (70%) overtaking ‘unpatched servers’ (now just 20%) as the most likely entry point.
Ransoms were paid, whether to recover data or prevent the publishing of sensitive data, but only one third (33%) reported the full recovery of data, with 31% reporting the attacker asked for more money.
Irish SMEs choose Cyber Insurance
Of all countries surveyed, cyber insurance ownership is highest in Ireland (69%), and the majority of those have a standalone policy (44%). IT spending has increased from a median of €468,280 to €890,560, but cyber-specific spend has increased by just one-point, from 22% to 23%.
The changing nature of work has also made an obvious impact, as the average number of staff in Irish companies working remotely dropped from 43% to 20%. This may explain how businesses are now more concerned about “rapid business growth outpacing cyber risk management controls” (32%) and “lack of government intervention” (32%) than “employees working remotely” (23%) which was last year’s most significant concern.
Simon Sheahan, Senior Cyber Claims Underwriter at Hiscox Ireland, commented: “The fact that Ireland tops the list of cyber insurance ownership is a welcome one, but with the growing number of attacks on business increasing for the third year in a row, it illustrates how cyber must now be viewed as a standard business risk.
Preparing for the worst is welcome, but trying to stay ahead of the threats is equally important, and we see that hackers are constantly changing how they work in an effort to identify new vulnerabilities, as we can see from the rise of Phishing emails as the main entry point.
It is a positive that the median costs for Irish businesses has dropped, but the significant increase in the number of businesses being attacked means we must all remain vigilant of the growing threats.”
What is the Hiscox Cyber Readiness Report?
Now in its seventh year, the Hiscox Cyber Readiness Report surveyed over 5,005 professionals responsible for their company’s cyber security strategy across eight countries: the US, UK, Ireland, Belgium, France, Germany, Spain and the Netherlands, and more that 200 companies across Ireland.
- Businesses in Ireland more likely (77%) than any other country surveyed to pay ransom
- Only 33% of ransomware victims who paid recovered all their data
- Smallest firms hit harder - number of businesses attacked with fewer than 10 employees, rose by more than half to 36%
- Business email compromise is still the hackers’ favourite weapon
- 51% of Irish businesses say annual bill for cyberattacks was under €10,000 - global average is over €15,000
The Cyber Readiness Report 2023 shows that 69% of Irish companies now have cyber insurance as standalone or part of another policy, up from 64% two years ago. Cyber insurance coverage not only protects from financial loss but includes training resources and emergency response tools to reduce the impact of a breach on your bottom line.
Learn how your business stacks up and how you can be more cyber ready by downloading the full report.
At Hiscox, we want to help ensure your business and your clients businesses are cyber ready.
We have introduced two new tools that allows you to assess a firms cyber preparedness and resilience at managing cyber attempts and attacks - The Health Check and Maturity Model.
Assess the business in minutes: Let’s start your Cyber Health Check
Tell us about your business. Then answer seven cyber questions to receive your Cyber Health Check score. Choose the option that comes closest to how your business handles cyber security.
An in-depth evaluation: The Maturity Model
The Maturity Model offers insurance brokers a robust review of a company’s cyber risk profile.
It allows company’s and brokers to assess and gauge the firms’ strengths in six key cyber security areas, using an in-depth question set.
The result is a gold standard, value-added service, allowing companies to see where they have gaps in their cyber security operations across three key functions – people, process and technology.
To find out more about the Cyber Readiness Report 2023 or would like to discuss our range of cyber insurance solutions and please contact: