Cloud reliance heightens cyber risks for Irish businesses – PwC report

Majority of Irish executives say their organisation experienced a rise in cyber attacks since 2020

Leonard McAuliffe, a partner in PwC Ireland’s cybersecurity practice, said ransomware attacks are unlikely to abate in 2023. Photograph: Getty Images
Leonard McAuliffe, a partner in PwC Ireland’s cybersecurity practice, said ransomware attacks are unlikely to abate in 2023. Photograph: Getty Images

Increased reliance on third-party providers of cloud-based services has heightened cybersecurity risk and complexity for Irish businesses, PwC analysts have highlighted in a new report.

Based on a survey of more than 3,500 senior executives across 65 countries including 40 in Ireland, the researchers found that an overwhelming majority of Irish executives admitted their organisation had experienced an increase in cyber attacks since 2020 due to enhanced digitisation.

Businesses have significantly increased their reliance on cloud-based systems and outsourcing to third parties since the start of the pandemic, a trend which PwC said is likely to continue into 2023. Yet, just 11 per cent of respondents to the Irish story said they had fully mitigated cybersecurity risks associated with their increased use of cloud services last year.

Irish businesses are anticipating that cybercrime is likely to escalate next year. The top threats that Irish executives believe their business will face next year are email compromises and account takeovers (30 per cent); ransomware (33 per cent); attacks due to third-party breaches (28 per cent); and cloud service vulnerabilities (28 per cent).

READ SOME MORE

Close to half of respondents said they expect the attacks to come from insiders such as employees or contractors.

Leonard McAuliffe, a partner in PwC Ireland’s cybersecurity practice, said: “Driven by events no one could have foreseen, business leaders in recent years have pushed their companies and themselves beyond their comfort zones – out of the office to remote workplaces, into the cloud and along supply chains that are nearly completely digital. With each new venture has come new cyber risks which are on the rise.

“We expect cyber attacks to escalate in 2023 in Ireland and globally with ransomware not abating. Cybercrime is one of the main causes of financial and reputational damage for organisations across the world, and is a growing concern for businesses.”

But despite 50 per cent of the Irish executives surveyed admitting that their organisation had detected a significant cyber threat in the past year and prevented it from impacting operations, Irish participants (38 per cent) ranked cybersecurity risks as a lower priority than their global peers (52 per cent) when it comes to resilience.

The majority of executives surveyed said their organisations are continuing to increase their cyber budgets, PwC said. Three quarters (75 per cent) of Irish participants confirmed that they plan to spend more on cyber in 2023, 65 per cent globally.

Mr McAuliffe said despite the progress made in improving cybersecurity programmes in recent years, organisations still have “a lot more to do”.

He said: “There are three things that need to be put in place to keep pace with digital transformation and help build public trust: a strategic risk management programme, continuity and contingency planning, and clear, consistent external reporting.”

Ian Curran

Ian Curran

Ian Curran is a Business reporter with The Irish Times