The number of targeted cyber attacks have more than doubled in Ireland in the past year, but companies are identifying the attacks more quickly, new research from Accenture has found.
The study found that 31 per cent of companies are detecting three out of four attempted attacks compared with 8 per cent in 2017. The rate of successful attacks dropped from 30 per cent to 13 per cent over the period.
More than half said it often took up to seven days to detect a breach; a third didn’t discover the problem until weeks later.
Accenture’s 2018 State of Cyber Resilience report found security teams were identifying 70 per cent of attempted attacks.
Part of that success was down to increased reporting by employees outside the cyber security teams. However, although employees played a role in detecting the attacks, they also contributed to some of them. The research found among the highest frequency attacks were internal breaches and accidentally published information.
The vast majority of Irish companies said internal attacks were the most frequent, and more than half said these attacks had the greatest impact on their business. In terms of frequency, hackers were in second place at 49 per cent. Accidentally published information was third at 41 per cent.
Irish security professionals were found to be above average in cyber security capabilities identified by Accenture, demonstrating high-performing capabilities in 23 of the 33 identified by the company, which was above the global average of 19.
However, successful attacks still had a serious impact on businesses. Some 62 per cent had experienced loss of IT services because of a breach, with 40 per cent suffering financial loss and 42 per cent reporting a loss of operational services.
“Irish businesses have definitely built up their cyber resilience, with only one in eight focused cyber attacks now getting through,” said Chris Davey, security associate director at Accenture in Ireland. “However, with the number of attempted breaches notably on the rise, continued vigilance and further investment in this important security area is required.”
Companies are also taking cyber security more seriously, with almost half saying a major investment had been made between six months and a year ago, and a third expecting to increase cyber security spend over the next three years.
The study, which was conducted from January to mid-March 2018, and surveyed more than 4,600 senior enterprise security practitioners in 15 countries.