No business is too small or insignificant to escape the attention of cybercriminals. That’s the key message from Enterprise Ireland programme manager Paul Browne who is urging companies to take advantage of the new Cyber Security Review grant launched earlier this month.
A collaboration between Enterprise Ireland and the National Cyber Security Centre (NCSC), the grant offers eligible companies 80 per cent of the cost of what can best be described as a cyber health check carried out by certified cybersecurity experts. The overall value of the cybersecurity review is set at €3,000.
“Cybercriminals are some of the most innovative actors out there,” Browne points out. “They tend to be first to use new technologies and use it in malicious ways. They are using automated and AI-powered tools to do things like create video deep fakes of people with Irish accents, for example. It is now cheaper and more profitable for them to target smaller companies.”
Indeed, smaller companies might make more attractive targets as they may be less well-protected and not fully appreciate the value of the data in their possession. “Irish businesses are highly innovative and that makes their data very valuable to cybercriminals,” says Browne. “It takes courage to be innovative, but you can’t be brave if you’re constantly fending off cyberattacks.”
Digitalisation has created increased vulnerability for many businesses, he explains. “Every business is digital to one extent or another and the more digital your business, the greater the attack surface it presents. Businesses need to be able to operate and innovate in a cyber-safe way.”
This is important not just for the protection of their data but for their ability to do business. “Enterprise Ireland clients and trying to sell into international supply chains,” Browne notes. “Those international customers want to know their cyber credentials and be sure they don’t represent an additional point of vulnerability. Cybersecurity is a new commercial reality for businesses.”
The Cyber Security Review grant is not the only way in which Enterprise Ireland is helping Irish companies to bolster their cyber defences. “We are supporting a cluster of really good cyber companies,” he points out. “Some of them are using AI to scan the attack surface and screen for incoming threats. Part of our job in Enterprise Ireland is to take these innovations and spread them out across our client base. It’s like what the author William Gibson said, ‘the future is already here, it’s just not very evenly distributed’. We are trying to make sure it is distributed better.”
The grant launch coincides with Cybersecurity Awareness Month, which sees events taking place across Europe and around the world to educate the public about online threats and the importance of digital safety.
“It is worldwide collaboration to address a global issue,” he notes. “It’s not just our problem, it’s everyone’s, and organisations across the world are sharing information on it.”
Collaboration at home is important as well. “We are working closely with the NCSC, and I’ve been very impressed by what they’re doing. They are very quick to disseminate knowledge as soon as it becomes available. Cybersecurity is as much a people and a business issue as it is a technical issue. We’ve all heard about people being scammed and the work the NCSC is doing in relation to that is very valuable.”
The Cyber Security Review grant is aimed at encouraging companies to take the first steps on their security journey, Browne adds. “It gives companies access to cybersecurity experts who will assess current security measures, identify vulnerabilities, and create a roadmap to improve defences.”
Companies in receipt of the grant can choose a cyber security consultant from a list provided by Cyber Ireland, the national cybersecurity cluster organisation that brings together industry, academia and Government to represent the needs of the cybersecurity ecosystem in Ireland.
The consultant will interview key company personnel, investigate current company practices, review on-site and cloud software being used, and deliver a tailored report with actionable recommendations to improve cybersecurity. “The consultants are great at prioritising and recommending actions that companies will be able to take. They don’t try to do it all at once.”
He strongly urges companies to apply for the grant as soon as possible as it will be available for a limited time, allocated on a first-come, first-served basis, and is likely to be oversubscribed. “The application form could hardly be simpler and takes just four minutes to complete. To be eligible for the scheme, companies must be Enterprise Ireland clients. We know a lot about those companies already, so the application form doesn’t require exhaustive detail. Companies need to move fast, there is no longer any such thing as being able to fly beneath the cybercriminals’ radar.”