More than half (55 per cent) of directors and senior executives report their organisations do not have a board-approved artificial intelligence strategy in place, according to a survey conducted by the Institute of Directors (IoD).

Despite government ambitions for Ireland to become a world leader in AI, 49 per cent of respondents said their company is currently leveraging AI to support business operations.

Caroline Spillane, chief executive of the IoD, said the research showed that members increasingly recognise AI as a critical enabler of long-term competitiveness.

When asked about the relevance of AI to their sector, 40 per cent of respondents cited AI as important for enhancing operational efficiency and a quarter (25 per cent) viewed it as critical for maintaining a competitive edge.

An additional fifth (19 per cent) acknowledged its potential benefits, though not yet essential across all businesses.

Respondents identified key drivers for AI adoption, including automation of routine tasks, enhanced decision-making accuracy, innovation-led competitive advantage, and strengthened cybersecurity and fraud detection capabilities.

In spite of a rising number of digital threats, four in five (79 per cent) of IoD members reported their organisations had not experienced a cybersecurity incident in the past year.

These insights have informed the development of new resources, training programmes, and strategic guidance designed to embed leading AI governance practices and elevate cyber security awareness as core elements of corporate governance frameworks," said Spillane of the research.

"Engagement with our member base, encompassing both early adopters and those still evaluating AI integration, has highlighted a strong appetite for practical insights on leveraging AI to enhance operational performance.”

The survey also highlighted that 73 per cent of respondents are aware of their personal liability as directors in the event of serious non-compliance with the Network and Information Security Directive 2022/2555 (NIS2).

The EU directive, which came into effect last October and is due to be implemented in Ireland later this year, introduces strengthened obligations and extends its scope to additional sectors. Notably, NIS2 places explicit responsibility for cybersecurity at board level.

Even entities not directly in scope may be affected through supply chain obligations. NIS2 requires organisations to establish and implement supply chain security policies governing relationships with suppliers and service providers.

Encouragingly, 70 per cent of respondents reported that their organisations are prepared for NIS2 compliance, reflecting an increasing awareness of the regulatory and governance imperatives associated with cybersecurity in the digital era.

“AI is also driving significant transformation across the Irish business landscape and is prompting important conversations around cyber security which is a major operation risk to business," Spillane continued.

"Establishing a robust incident response plan is no longer simply a matter of regulatory compliance – it is a fundamental component of resilient and future-ready business operations.

"With the adoption of NIS2 just around the corner it is important for board members to be aware of the extra responsibilities this will bring.”

Given the pace of change associated with emerging technologies, IoD has launched two new workshops dedicated to supporting directors and C-suite leaders. They are:

• Cyber security and Data Protection Governance. Led by Dr Valarie Lyons, who is an IoD Ireland Faculty member, and also Company Director, and Chief Operating Officer, BH Consulting.
• Digital and AI for Boards: Mastering the Essentials. Led by Garvan Callan, who is IoD Ireland Faculty member, and a Strategist, Innovator and Transformation Advisor.

Photo: Caroline Spillane. (Pic: Patrick Bolger)