Irish organizations face a costly cybersecurity attack if they do not implement robust measures to protect themselves, a new report warns.

PwC’s 2025 Digital Trust Insights survey reveals that only 28% of companies have what they consider to be robust cyber resilience measures in place, which is lower than the global average of 33% of companies.

This is despite 74% of Irish organizations reporting prioritizing cyber risk mitigation, placing risks ahead of other risks such as inflation and macroeconomic volatility. More than half of survey respondents said maintaining consumer trust and brand integrity is crucial.

However, while Irish businesses appear to recognize the importance of investing in cybersecurity, the report says they may not be investing as much as their global counterparts. Only two-thirds of companies said they planned to increase their cyber budget, compared to 77% globally.

Average data breaches cost around €3 million, PwC said, and third-party data breaches remain the top concern for Irish organisations, the second year in a row they have topped the list.

“The survey highlights that despite the high cost of cyberattacks, fewer than one in three Irish organizations have implemented robust cyber resilience measures across their operations,” said Leonard McAuliffe, cybersecurity partner at PwC Ireland. “At the same time, they say they plan to prioritize cyber risk mitigation over the next 12 months, but the planned investment is lower than their global peers. Irish businesses need to prioritize cyber risk investments even more to protect their organizations from cyberattacks.

The PwC survey asked more than 4,000 business and technology leaders across 71 countries, including Ireland, about the evolving technology and security landscape.

This includes generative AI, an area where 78% of global respondents said they have seen their investments increase over the past 12 months as businesses turn to technology to help them detect threats, detect threats, as well as detect malware and phishing. However, it has also increased vulnerabilities to cyberattacks, PwC noted, and nearly 40% of global respondents said they had difficulty integrating generative AI into their existing systems. trust is also an issue, while 38 percent said there was a lack of adequate internal controls and risk management around the technology, which presented a challenge when trying to implement it.

Irish organizations are also less confident about their ability to comply with new cybersecurity regulations, such as the EU Network and Information Security Directive (NIS2), the AI ​​Act (and the Digital Operational Resilience Act (DORA), compared to their Irish global peers.

“It is clear that organizations that invest appropriately in cybersecurity gain a competitive advantage over those that do not,” said Moira Cronin, Digital Risk Partner at PwC Ireland. “The survey highlights that GenAI is a useful tool for cyber defense, particularly for threat detection. And while Irish businesses still have a long way to go to comply with upcoming cybersecurity regulations, there is overwhelming consensus that cybersecurity regulations also drive investment.

• Register at Business today newsletter and get the latest business news and commentary delivered to your inbox every weekday morning
• Register for Professional push alerts and receive the best news, analysis and commentary straight to your phone
• Join The Irish Times on WhatsApp and stay up to date
• Our Inside Business podcast is published weekly – Find the latest episode here