Business

Almost 90% of Irish companies hit by disruption or financial loss due to cyberattacks

Rise in cybercrime a growing concern for businesses, research finds

Cyber extortion was the most common type of attack on Irish businesses at 37 per cent, the report found
Cyber extortion was the most common type of attack on Irish businesses at 37 per cent, the report found
Ciara O'Brien
Fri Apr 04 2025 - 00:01

Almost 90 per cent of Irish businesses have suffered some form of financial loss and commercial disruption as a result of a cyberattack in the past five years, new research has found.

The report, from insurance broker and risk management company Gallagher in Ireland, found 40 per cent had been the victim of at least one cyberattack in that period.

Some 26 per cent also reported the loss of intellectual property, while 23 per cent said they had experienced supply chain disruption and reputational damage, and 20 per cent had experienced ransom payment demands.

“Given what we can see from the widespread impact of cybercrime, it is unsurprising that almost every Irish business leader we asked [93 per cent] said they are concerned about the rise in cybercrime and the potential impact it could have on their company,” said Laura Vickers, director of Gallagher in Ireland.

READ MORE

Why driverless vehicles just can’t quit humans

Serial dealmaker Cathal Friel: ‘It’s important not to hand easy money to the next generation’

I was the first pregnant senior manager in the organisation. My employers were shocked

Might cuts reduce RTÉ to a newsdesk with a few commissioning editors attached?

Among the top attacks seen in the corporate world, cyber extortion was the most common type of attack on Irish businesses at 37 per cent. Phishing attacks through malicious links or infected email attachment, was the second most common attack at 31 per cent, followed by “Man-in-the-Middle” attacks at 23 per cent.

Despite the increased risk of cyberattack, the majority of companies felt they could recover quickly. Only 39 per cent said they provided cybersecurity training for staff, while only 41 per cent said they regularly carried out scans for system vulnerabilities. Less than half had implemented multifactor authentication for remote workers.

“While it’s encouraging to see businesses investing in cyber insurance and risk management, security measures must go beyond just financial protection. Many businesses are still vulnerable due to gaps in employee training, system monitoring, and access controls,” Ms Vickers said.

“Equally concerning is the lack of awareness around reporting obligations. Failure to report an attack could lead to significant fines, compounding the financial losses from a breach. Businesses must take a proactive approach, not just in purchasing insurance, but in implementing robust cybersecurity practices and ensuring compliance with legal requirements.”

The survey spoke to 300 business decision makers across the UK and Ireland, 100 of whom are based in Ireland.

Large businesses were particularly vulnerable, the report found, with those with annual turnover of more than £10 million seeing a larger incidence of cyber attacks, at 57 per cent. That compared to 39 per cent of mid-sized companies and 9 per cent of smaller businesses.

  • Join The Irish Times on WhatsApp and stay up to date

  • Sign up to the Business Today newsletter for the latest new and commentary in your inbox

  • Listen to Inside Business podcast for a look at business and economics from an Irish perspective

Ciara O'Brien

Ciara O'Brien

Ciara O'Brien is an Irish Times business and technology journalist

Business Today

Business Today

Get the latest business news and commentary from our expert business team in your inbox every weekday morning