One fifth of Irish business held to ransom by criminals in last 12 months - security survey
Over half of Irish firms have noted an increase in the number of security incidents in the past year - with one in five held to ransom by cybercriminals.
This is according to the results of a survey commissioned by leading information security company Ward Solutions, carried out just prior to the recent WannaCry attacks.
Highlighting the scale of the ransomware issue in Ireland, the survey was carried out among 170 senior IT professionals and decision makers here.
Of the firms that said their business was held to ransom, 64pc said that the amount demanded by cybercriminals was less than €1,000.
Just 14pc of those surveyed say that they would pay the ransom if the value of the data merited it while almost half (48pc) would not pay, regardless of the value of the data.
"It’s clear from the results of our latest survey that cyber-crime has continued to grow and evolve over the past 12 months, leaving Irish businesses more vulnerable to attack than ever before," Pat Larkin, CEO, Ward Solutions, said.
"Ransomware continues to present a real threat to companies, affecting one in five of those surveyed. It’s interesting to see that just 14pc of organisations would pay the ransom, while almost half would not pay, regardless of the value of the affected data.
"It’s re-assuring to see some organisations responding to the information threat by investing in their security protection, and employee training and auditing. The ‘human firewall’ is consistently one of your greatest strengths or weaknesses when it comes to protecting your information."
The new GDPR rules will place more stringent requirements on companies to alert the authorities and data subjects and implement an established incident management plan in the wake of a data breach.
"The results indicate that there is still room for improvement when it comes to reporting security incidents to the authorities and affected third parties," said Mr Larkin.
"This will hamper companies’ ability to achieve GDPR compliance, and so organisations need to ensure that they have the systems in place to quickly and effectively react in the wake of a data breach."