Escalating hack attacks now affect more than one in two firms here
Published 19/01/2014 | 02:30
MORE than half of Irish companies have fallen victim to a data breach in the last 12 months, according to a new report from the country's foremost expert body.
The research, conducted among hundreds of Irish companies' IT managers by the Irish Computer Society, reveals that 51 per cent of Irish firms have suffered a data breach over the last year, a jump on 43 per cent recorded in 2012.
The report also reveals that senior Irish executives now rank the threat of hackers far more seriously than in previous years.
The Irish IT security industry is still reeling from a series of data breaches over the last 12 months, including the hacking attack on Clare-based Loyaltybuild last November when over 80,000 people had their credit and debit card details stolen by external hackers.
Last year's attack, which resulted in separate investigations by the Garda Bureau of Fraud Investigation and the Office of the Data Protection Commissioner, also compromised the personal data of up to 1.5 million European customers of Loyaltybuild.
Asked about the nature of data breaches generally suffered in Ireland, companies here say that most result from "negligent employees", according to the Irish Computer Society. However, the next biggest threats were split between "external attackers seeking to obtain data" and "end-user devices with sensitive data", such as unencrypted laptops.
The new figures come as reports of a surge in global cyber-attacks multiply.
Last week, the IT infrastructure giant Cisco reported that attacks by online criminals have risen by 14 per cent in the last 12 months, with attacks concentrated most against high-value corporate targets in the pharmaceutical, energy and electronics sectors. Separately, the financial services giant AIG has reported a 30 per cent rise in companies booking cyber-insurance with the firm as a defence against the rise in online criminality.
A high-profile hacking attack on the software firm Adobe, which exposed the details of 150 million users worldwide, is currently being investigated by the Irish data protection commissioner.
The threat of data breaches is exacerbated by moderate levels of awareness and training within Irish companies, according to The Irish Computer Society.
One in three Irish company IT managers say that their company's staff do not know anything about data protection issues, while 40 per cent of Irish IT staff receive "insufficient" or "no" data protection training.
Asked about the correct adoption of data protection procedures, more than one in three Irish company IT managers said that policies are not implemented or just partially implemented.