Newsletter
Subscribe
Subscribe

Irish businesses show gaps in cybersecurity as 6 in 10 overlook regular software updates

smartphone
/ 26th June 2025 /
George Morahan

Almost six in 10 (57%) Irish businesses do not regularly update their software and half (51%) fail to run regular automated data back-ups, indicating a worrying lack of protection against cybercriminals, according to Gallagher in Ireland.

Research by the insurance broker and risk management firm shows a further 39% of Irish organisations have provided cybersecurity training to their staff.

A total of 300 business decision-makers in the UK and Ireland, including 100 from Ireland, responded to the survey to assess what critical cybersecurity tools organisations are using to protect themselves.

Some 92% of Irish businesses believe they are adequately protected against cyber-attacks, highlighting what Gallagher termed a disconnect between perception and reality.

“Our research suggests that there is a mismatch between how well protected businesses in Ireland believe they are against cyber attacks - and the steps they have taken to manage such threats," said Laura Vickers, managing director of commercial lines at Gallagher in Ireland.

Business Bulletin

"Regularly updating software is a very basic step but it is crucial for cybersecurity, as updates often include security patches that address vulnerabilities and this in turn could potentially prevent cyber attacks and data breaches.  Yet our survey shows that only 43% of Irish businesses do this.

"Automatic data backup is another crucial cybersecurity measure, as it helps protect against data loss from various incidents - such as ransomware attacks, hardware failures, and accidental deletions. Automated backups are considered more reliable and less error-prone than manual backups.

"Yet only half of Irish businesses run regular automated data back-ups.”

When asked what steps Irish organisations take to protect themselves against cyberattacks, Gallagher found 49% conduct regular automated data back-ups; 48% use multi-factor authentication for all applications utilising remote access; and 43% conduct regular updates of software.

Furthermore, 41% run system vulnerability scans; 39% provide training for all staff on cyber security; 38% use multi-factor authentication for employee email accounts; and 36% undergo regular data back-ups.

“Cybercrime is no longer a niche or occasional risk – it’s a persistent, evolving threat that affects almost every organisation in some shape or form," Vickers continued. 

"Training and awareness are crucial when it comes to protecting an organisation against cybercrime – such training will not only equip staff with the skills they need to spot a potential cyberattack, it will also help them protect their business against such an attack.

"Yet less than four in ten of the businesses in our survey have trained staff in cybersecurity, which is a big oversight.”

The survey also found that two-thirds (64%) of Irish businesses believe they are “very protected” against a cyber attack with a further 28% saying they are “quite protected”.

When it comes to the measures taken by firms to improve cybersecurity, UK businesses are more inclined than their Irish counterparts to run regular software updates.

Around 71% of UK businesses did so versus 43% of Irish firms, and 57% of British firms train all staff on cyber-security versus 39% of Irish businesses.

While numbers were still high, the businesses that feel least protected against cyber-attacks are those in the professional services (75%), healthcare (83%), IT/computing (83%) and financial services (89%) sectors.

The businesses that feel most protected against cyber attacks are those in agriculture, business services, construction, hospitality and leisure, legal services, marketing/PR, manufacturing, retail and utilities, with 100% of business decision makers in these sectors saying they feel sheltered against such threats.

Within Ireland, Munster-based businesses were the most likely to feel protected against cyber attacks, with 100% of those surveyed indicating this to be the case. Ulster-based businesses were the second most likely to feel protected (94%), followed by Dublin-based firms (92%) and those in Leinster (90%) and Connacht (89%)

Munster-based businesses were also the most likely to train their staff on cyber security, with 60% saying they had done so compared to 47% in Dublin, 38% in Ulster, 24% in Leinster and 22% in Connacht.

Cybersecurity
Almost six in 10 Irish firms overlook software updates, according to Gallagher

When it comes to regular automated data back-ups, Connacht businesses (78%) were the most likely to have taken this cybersecurity measure, followed by those in Dublin (51%), Ulster (50%), Leinster (38%) and Munster (20%).

At 60%, Munster businesses were the most likely to update their software regularly, followed by businesses in Dublin (53%), Leinster (33%), Ulster (31%), and Connacht (22%).

(Pic: Getty Images)

Sign up to The Business Plus Panel to help shape the business decisions of tomorrow and win vouchers for your opinions! 
chevron-down linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram