Cyber-attacks on Irish SMEs doubled since 2012

3rd May 2016 | News

Cyber security remains a critical issue for Irish-based small businesses with a new survey from PricewaterhouseCoopers showing that online attacks against Irish SMEs almost doubled in the last four years.

According to the report, the frequency of such attacks against Irish businesses has risen from 25 per cent in 2012 to 44 per cent today, considerably higher than the global average of 32 per cent.

Additionally, of those firms affected by cybercrime, almost one-fifth of those incurred losses of between €92,000 and €4.6 million.

This PwC survey comes shortly after another warning for Irish firms to take better precautions against the threat of cyber-attacks in the last 18 months.

Det Insp Michael Gubbins, head of the computer crime investigations unit, Garda Bureau of Fraud Investigation, warns that many small business owners simply don’t take the issue seriously enough.

“If someone sets up a shop on Grafton Street they are going to put in CCTV, alarms and other security measures. The same concept has to be brought to bear on a company’s online presence, but this generally isn’t happening at present,” said Gubbins.

There remains a belief among the small business community that serious criminals are only interested in targeting large global firms, yet smaller businesses are actually at greater risk from cybercrime.

Brian Honan, information security consultant, BH consulting, said: “Overall, there isn’t much awareness of cybersecurity risks among SMEs.

“Some of this is due to the fact that many such companies don’t have internal expertise, but a lot of them have also spent the last few years concentrating on staying in business and this has trumped everything else.”

However, many SMEs are increasingly discovering that by not protecting themselves against possible cyber-attacks it is akin to leaving their premises unlocked overnight.

Pat Moran, leader of cybersecurity practice, PwC, said: “It is not a question of if you are attacked by of when. Many organisations just assume that because you’re small and appear irrelevant that attackers won’t be interested.

“But there are multiple examples of why attackers would be interested enough in your business to have a go.”