Almost six in ten Irish businesses (57%) do not regularly update their software, while more than half (51%) fail to run regular automated data backups, indicating a worrying lack of protection against cyber criminals. Furthermore, just four in ten (39%) Irish organisations report having provided cybersecurity training to their staff, one of the most effective methods of preventing cyber incidents.

These findings come from new research conducted by insurance broker and risk management firm Gallagher in Ireland. The company commissioned a survey of 300 business decision-makers across the UK and Ireland, 100 of whom are based in Ireland, to assess what critical cybersecurity tools organisations are using to protect themselves.

Experts at Gallagher warn that, despite these basic gaps in protection, nine in ten (92%) Irish businesses believe they are adequately protected against cyber-attacks highlighting a disconnect between perception and reality.

Commenting on the survey findings, Laura Vickers, Managing Director of Commercial Lines at Gallagher in Ireland said:

"Our research suggests that there is a mismatch between how well protected businesses in Ireland believe they are against cyber attacks - and the steps they have taken to manage such threats. Regularly updating software is a very basic step but it is crucial for cybersecurity, as updates often include security patches that address vulnerabilities and this in turn could potentially prevent cyber attacks and data breaches. Yet our survey shows that only 43% of Irish businesses do this.

"Automatic data backup is another crucial cybersecurity measure, as it helps protect against data loss from various incidents - such as ransomware attacks, hardware failures, and accidental deletions. Automated backups are considered more reliable and less error-prone than manual backups. Yet only half of Irish businesses run regular automated data back-ups."

When asked what steps Irish organisations take to protect themselves against cyberattacks, Gallagher found:

1. 49% conduct regular automated data back-ups

2. 48% use multi-factor authentication for all applications utilising remote access

3. 43% conduct regular updates of software

4. 41% run system vulnerability scans

5. 39% provide training for all staff on cybersecurity

6. 38% use multi-factor authentication for employee email accounts

7. 36% undergo regular data back-ups

Ms Vickers added:

"Cybercrime is no longer a niche or occasional risk - it's a persistent, evolving threat that affects almost every organisation in some shape or form. Training and awareness are crucial when it comes to protecting an organisation against cybercrime - such training will not only equip staff with the skills they need to spot a potential cyberattack, it will also help them protect their business against such an attack. Yet less than four in ten of the businesses in our survey have trained staff in cybersecurity, which is a big oversight."

Other headline findings from the Gallagher research reveal that:

Almost two-thirds (64%) of Irish businesses believe they are "very protected" against a cyber-attack, with a further 28% saying they are "quite protected".

At 92%, the number of Irish businesses that feel adequately protected against cyber attacks is slightly higher than in the UK, where 89% of firms indicated this to be the case.

When it comes to the measures taken by firms to improve cybersecurity, UK businesses are more inclined than their Irish counterparts to run regular software updates (71% of UK businesses did so versus 43% of Irish firms) and to train all staff on cybersecurity (57% versus 39%).

While numbers were still high, the businesses that feel least protected against cyberattacks are those in the professional services (75% of business decision makers said they feel safeguarded against such threats), healthcare (83%), IT/computing (83%) and financial services (89%) sectors.

The businesses that feel most protected against cyber-attacks a...