Newsletter
Subscribe
Subscribe

76% of Irish businesses will struggle to meet NIS2 requirements

NIS2
/ 22nd January 2025 /
George Morahan

Three-quarters of IT decision-makers at Irish businesses believe they will struggle to meet all the requirements of NIS2 when the EU cybersecurity directive comes into effect this year.

Some 76% of IT decision-makers agreed that Irish businesses would struggle, and 99% have called for more financial support from government to achieve compliance.

Of the 200 respondents to a survey commissioned by Datapac and carried out by Censuswide, 34% cited organised cybercrime as the top concern among Irish firms.

Phishing and social engineering were also given by a third (33%) of respondents, and a further 27% believe that the Dark Web poses one of the biggest threats to their business.

The overwhelming majority (86%) of organisations have experienced a cybersecurity incident in the past 12 months, with 76% of these incidents escalating to a data breach.

Business Bulletin

Two-thirds of businesses are aware of their limitations, with 65% believing they lack adequate internal skills and resources to handle rising cybercrime risks.

The same number (65%) have increased their cybersecurity spending in the past year amid a wider push to enhance security measures to protect against potential data breaches and compliance risks.

Organisations are increasingly turning to managed detection and response (MDR) services, with 64% of IT decision-makers surveyed recommending MDR solutions as an effective strategy to address both compliance and security risks.

“Our survey shows that organisations in Ireland are facing increasingly sophisticated cyber threats, and pressure to keep pace with evolving regulatory demands such as NIS2," said Damien Mallon, senior systems engineer with Datapac.

"There is a clear disconnect between IT leaders and senior management when it comes to cybersecurity, and many organisations likely to be impacted by NIS2 may find themselves on the back foot if cybersecurity governance is not made a company-wide priority.

NIS2
The government did not meet the October deadline for passing the NIS2 directive into Irish law.

“In an era of ever-intensifying cyber threats, readiness is key, and businesses must assess their current cybersecurity strategies to ensure that they meet evolving needs.

"We see the importance of pairing robust internal processes and governance with external expertise, which can help organisations to strengthen their defences, achieve compliance, and thrive in an ever-changing digital landscape.”

The EU had set a deadline of 17 October for Member States to bring the NIS2 into national law, which the outgoing government failed to meet before the general election.

Photo: Damien Mallon. (Pic: Supplied)

Sign up to The Business Plus Panel to help shape the business decisions of tomorrow and win vouchers for your opinions! 
chevron-down linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram