Cybersecurity threats were growing long before the advent of Covid-19 but the migration to remote working has seen that risk grow, like the virus itself, exponentially.
For businesses, it has resulted in a crisis of existential proportions.
“Businesses worldwide are facing an increasing number of cybersecurity threats. Attacks are getting more sophisticated and their impact more severe,” says Matthijs Egger, Enterprise Ireland’s senior market advisor Benelux.
Research backs this up. A survey of more than 5,000 private and public sector organisations across the US, UK and Europe shows 61% of respondents had experienced a cyber-attack in 2019, up from 45% the previous year.
Studies from KPMG find 29% of CEOs now list cybersecurity as the issue having the biggest impact on their company. With good reason – technology company IBM suggests the average data breach in 2020 costs an organisation USD 3.86 million.
Few companies can afford to take such a hit and SMEs are hardest hit. According to the National Cyber-security Alliance, a US non-profit, 60% of small companies that suffer a breach are out of business within six months.
The situation is even graver now, with Covid exposing employers to unprecedented levels of cyber risk as staff work from home, often on their own devices and always on their home networks.
Ireland, the solution to cyber-risk
In today’s challenging environment, chief information security officers are turning to Ireland for cyber-security solutions. There are three very good reasons why. These are talent, innovation and trust, says Pat O’Grady Global Lead for Cyber-security at Enterprise Ireland.
“Ireland is a major global hub for cyber-security. It is home to more than 50 world-leading cyber-security companies, and, as a result, has become an international hotbed of cyber talent,” he explains.
This cyber-security strength is the result of what he calls the country’s “successful triple helix ecosystem” which is based on bringing business, academia and government together to collaborate on focused objectives.
In Ireland, establishing a world-class cyber-security cluster was one such objective.
It led to the formation of Cyber Ireland, an overarching body that brings together industry, academia and government to represent the needs of the cybersecurity ecosystem in Ireland, funded by Enterprise Ireland and industry.
Ireland’s education system helps too, providing second and third level training in computer science and cybersecurity. As well as dedicated cybersecurity degrees at graduate and postgraduate level, the subject is also embedded as a module in a wide range of other programmes.
Science Foundation Ireland, Ireland’s national foundation for investment in scientific and engineering research, funds cybersecurity research.
All this activity helped bring the top five security software companies in the world to Ireland, attracted by its status as an innovation hotspot with globally renowned deeptech clusters in fields such as machine learning, IoT and cloud technology.
“These areas complement a forward-looking cyber-security industry that is pioneering the use of AI to defend against the latest threats,” says O’Grady.
“R&D centres in Irish universities, and national research centres, are fuelling this innovation in areas such as data, machine-to-machine security, and cybercrime.”
Today more than 6,000 people work in Ireland’s cyber-security industry, a strong talent pool with a highly-skilled, multi-lingual workforce. The country is home to more than 40 multinational companies with cyber-security operations, and more than 60 indigenous cyber-security companies and startups. Exports in the sector grew 25% in 2019, an upward trend that is set to continue.
Trusted talent, trusted technologies
Ireland is also a deeply trusted country, with an international reputation for military neutrality and a respected track record in promoting international peace and cooperation, says O’Grady. That helped establish it as a leading destination for data hosting facilities in Europe.
“The most demanding global customers entrust Irish consulting, managed services and technology companies with their cyber-security,” he points out.
Right now, the world needs trusted solutions from trusted providers.
The Covid-driven rush to remote working means organisations are more vulnerable to cyber threats than ever before, a fact that has pushed cyber-security, for once and for all, out of IT departments and into boardrooms.
Organisations are now in a race against time to ensure devices are safe, that home WiFi connections are secure, and that employees are equipped to combat the risk of phishing and cyber-attacks.
“Cyber-criminals and hackers aren’t taking a break to let us all adjust, so more businesses are more vulnerable than ever,” warns O’Grady.
Reducing the threat of threats
They are turning to award-winning Irish companies such as Edgescan which provides vulnerability management and penetration testing globally. Its web application, network and cloud security solutions help cybersecurity teams reduce risk and cost for Enterprise and SME clients.
Demand is also growing at Siren Solutions developer of an investigative intelligence platform that sits on top of existing big data infrastructure.
Avoiding pandemic pandemonium
The pandemic forced companies to introduce remote work at speed. “From start-ups to SMEs and multinational corporations, companies across the board are facing an operational crunch,” says Egger.
While some made the transition with ease, others are struggling to cope with a lack of funds, clients, and possibly a reduced workforce too.
That’s a problem because research has already shown a high correlation between remote working and vulnerability to attacks.
According to Egger “the measures taken to ensure business continuity are often not assessed well enough against the associated cybersecurity risks, which is a problem because research has already shown a high correlation between remote working and vulnerability to attacks.’’
In one survey, taken since the start of the pandemic, 20% of respondents said they faced a security breach as a result of a remote worker.
An Irish firm that expertly addresses the issue of remote working is enterprise mobility expert CWSI, which helps organisations cope with the risk from ‘bring your own device’ work practices, ensuring businesses stay secure in a mobile-first world. It has clients across 38 countries. Another remote security specialist is Enterprise Ireland client company TitanHQ, which provides web and email filtering, as well as secure email archiving. It protects over 7,500 businesses from malware, ransomware, phishing, viruses, botnets and other cyber threats.
Coping with compliance
Compliance with new and various cyber-security regulations is a major challenge too, and one which must be faced at a time when many organisations are trying to weather the storm, drive revenue growth and keep costs down, points out Egger.
The regulatory burden can feel like a series of moving targets that are increasingly hard to hit but increasingly expensive to miss.
Here too Enterprise Ireland client companies have solutions to help.
Guardyoo delivers automated cyber-security audit services. Within a week it can determine if a company’s network has been compromised without its knowledge and establish if it is at risk from poor cyber practices or non-compliance.
Of course, the greatest cybersecurity risk to any company comes not from technology but from humans. As well as helping organisations to meet their compliance requirements, it helps them measure and improve employee cybersecurity behaviours and attitudes. It recently launched what it believes is the world’s most comprehensive security behaviour database, a brand-new tool for security professionals.
To find out more about the key cyber-security challenges facing organisations globally, and how Irish companies are helping to combat them, don’t miss Enterprise Ireland Cybersecurity Innovation Series (10 to 13 November).