Four-fifths of all Irish data breaches come from firms' employees
Published 21/01/2014 | 02:30
IRISH companies are suffering data breaches in record numbers, according to a major new survey from The Irish Computer Society.
The survey, conducted among IT administrators in 256 Irish-based companies, reveals that more than half of Irish firms have experienced a data breach in the last 12 months, with 22pc suffering multiple breaches.
The incidence of data breaches is sharply up on the previous 12 months, where just 43pc reported a breach.
One in three Irish company IT managers say that their company's staff are not sufficiently aware of data protection issues, while some 40pc of Irish IT staff receive "insufficient" or "no" data protection training.
Asked about the correct adoption of data protection procedures, more than one in three Irish company IT managers said that policies are not implemented or are just partially implemented.
Asked about the nature of the data breaches generally suffered in Ireland, companies here said that most result from "negligent employees".
However, the next biggest threats were split between "external attackers seeking to obtain data" and "end user devices with sensitive data", such as unencrypted laptops.
The new figures come as reports of a surge in global cyber-attacks multiply.
Last week, the IT infrastructure giant Cisco reported that attacks by online criminals have risen by 14pc in the last 12 months.
Attacks were concentrated mostly against high-value corporate targets in the pharmaceutical, energy and electronics sectors.
Separately, the financial services giant AIG has reported a 30pc rise in companies booking cyber-insurance with the firm as a defence against the rise in online criminality.
A high profile hacking attack on the software firm Adobe, which exposed the details of 150 million users worldwide, is currently being investigated by the Irish data protection commissioner.
The threat of data breaches is exacerbated by moderate levels of awareness and training within Irish companies, according to The Irish Computer Society.
Some 80pc of breaches are caused by staff, with 17pc caused by third parties.
However, the scale of data breaches remains limited, with 80pc limited to less than 100 records.
The Irish IT security industry is still reeling from a series of data breaches over the last 12 months, including the hacking attack on Co Clare-based firm, Loyaltybuild, last November when more than 80,000 people had their credit and debit card details stolen by external hackers.
The attack, which resulted in separate investigations by the Garda Bureau of Fraud Investigation and the office of the Data Protection Commissioner, also compromised the personal data of up to 1.5 million European customers of Loyaltybuild.
The survey of IT administrators in 256 Irish-based companies, more than half of which employ more than 200 people, was completed by Fresh Perspectives on behalf of The Irish Computer Society.