Navigating the Cybersecurity Landscape in Ireland: Microsoft Insights and Actions

In the fast-evolving cyber landscape in Ireland, organisations are susceptible and vulnerable to attack, as highlighted by Microsoft Ireland’s ‘Cybersecurity Trends in Ireland’ report. This exploration of the experiences of c-suite executives operating in Ireland delves into cybersecurity trends, shedding light on prevalent challenges, emerging technologies, and the imperative need for proactive measures.

Cybersecurity vulnerabilities persist across Irish industries, exacerbated by the absence of comprehensive defence strategies. While there’s a good adoption of cybersecurity training, the true resilience demanded by the evolving threat landscape necessitates ongoing investments in technological solutions. Our report reveals that 46% of respondents have faced cyber incidents in the last three years, with 30% experiencing data breaches. Strikingly, only 14% reported incidents to regulatory bodies.

Despite these challenges, 74% of organisations haven’t reduced their cybersecurity spend and 57% conduct regular cybersecurity training. However, a significant gap exists in strategic processes with just 44% performing risk assessments and 38% employing a multi-layered defence strategy. The study also points to a potential complacency with 26% of organisations indicating a lack of IT security infrastructure investment planned for the coming year.

Artificial Intelligence as a Cybersecurity Enabler

While the adoption of Artificial Intelligence (AI) technologies to support defensive strategies is slow – just 14% of executives say they are using AI as part of their cybersecurity strategy while a further 30% say they are unsure if they are in fact using AI technologies – ‘Cybersecurity Trends in Ireland’ underscores the rising significance of AI in cybersecurity.

AI technologies offer a potent defence against cyber threats by swiftly analysing vast data sets. Notably, the successful use of AI in Ukraine against cyberattacks sets a precedent for the role of innovation in cybersecurity.

However, the integration of AI comes with its own set of challenges. Security teams grapple with managing disparate tools and a scarcity of skilled talent. Microsoft’s recent strides in unifying incident experiences through Microsoft Sentinel and Microsoft Defender XDR mark a significant leap toward cohesive and efficient cybersecurity strategies.

Meanwhile, from 1 st of April, Microsoft Copilot for Security will be available in Ireland. The industry’s first generative AI solution will help security and IT professionals catch what others miss, move faster, and strengthen team expertise. Copilot is informed by large-scale data and threat intelligence, including more than 78 trillion security signals processed by Microsoft each day, and coupled with Large Language Models to deliver tailored insights and guide next steps. With Copilot, users can protect their environments at the speed and scale of AI and transform their security operations.

Regulation and Compliance

A concerning revelation from our Cybersecurity Trends in Ireland study is the lack of awareness among Irish executives regarding upcoming legislation; specifically, the Network and Information Security 2 Directive (NIS2). Scheduled for implementation in October 2024, NIS2 will impact 18 sectors and over 180,000 companies across the EU. Despite its potential to strengthen cybersecurity postures, more than 70% of leaders are either unaware or unprepared for compliance. Of those who are aware of NIS2, 20% feel they are currently compliant with the legislation and 20% believe they are not compliant. 60% of all respondents are unsure if they are or not. Positively, 31% of organisations are planning to invest in their strategy to achieve compliance with NIS2 and 29% have a roadmap in place to achieve this.

That said, this lack of awareness extends to the majority being unsure about their organisations having investment or a roadmap for NIS2 compliance. The Directive mandates a baseline of minimum-security measures for digital service providers and operators of essential services, highlighting the urgency for organisations in Ireland to prepare for its implications.

The research also revealed that while organisations may have experienced a cyber incident (46%), not all (14%) felt they had to report it. However, under NIS2 organisations will have to report earlier and more often. It is imperative that Irish organisations are aware of, and planning for, this new legislation that will have a significant impact on their organisations’, and potentially their customers’, cybersecurity policies and defences.

Building Cyber Resilience Through Collective Defence

As cyber threats become more sophisticated globally, organisations must accelerate their shift to the cloud, where security innovations can have the most impact. Public-private collaboration is emphasised as a key focus in our report, urging organisations to forge deeper alliances within the private sector and establish stronger partnerships with the public sector.

In Ireland, collaborative efforts with the National Cyber Security Centre (NCSC), industry, and academia create a robust ecosystem. However, the study underscores the need for strategic methods in cyber defence, integrating new technologies like AI for intelligent threat prediction and prevention.

The cybersecurity landscape in Ireland is marked by both progress and challenges. While organisations demonstrate commitment through continued investments and training, a crucial need exists for comprehensive strategies, AI integration, and proactive compliance with impending regulations. As cyber threats evolve, the call for collective defence and innovative resilience measures becomes more urgent than ever. Irish organisations need to stay vigilant and adaptable in the face of an ever-changing digital frontier. For details see: Microsoft Ireland’s‘Cybersecurity Trends in Ireland’ report.