Only 28% of Irish organisations have robust cyber resilience, risking future disruptions.

This is according to PwC’s 2025 Digital Trust Insights survey, the longest running and the largest annual survey worldwide on cybersecurity trends.  The study surveyed 4,042 business and tech executives across 71 countries, including Ireland, focusing on how the technology and security landscape is evolving. In particular, the survey focuses on the importance of protecting against cyber threats, while remaining resilient in operations if an incident were to occur. This press release contains the Irish results where the data is available, otherwise we refer to global results.

Leonard McAuliffe, Cybersecurity Partner, PwC Ireland, said: “The survey highlights that despite the high cost of cyber breaches, less than one in three Irish organisations have implemented robust cyber resilience across their businesses. At the same time, they state that they are planning to prioritise cyber risk mitigation in the next 12 months, but their planned investment is behind their global peers. Irish companies need to prioritise cyber risk investment even more to safeguard their organisations from cyber attacks.”

Cybersecurity remains a key priority for Irish organisations

It is evident from the survey that cybersecurity remains at the forefront for Irish organisations with 66% of Irish respondents expecting their cyber budget to increase in the year ahead, however this falls behind global peers (77%). At the same time, the study reveals that 74% of Irish organisations are prioritising cyber risk mitigation in the year ahead, far ahead of their global counterparts (57%) and far ahead of other business risks to be mitigated such as digital and technology risks (48%), inflation (42%), environmental risks (34%) and macroeconomic volatility (18%). 

Notably, there was a gap identified in the implementation of robust cybersecurity for Irish organisations with just 28% of Irish respondents having implemented robust cyber resilience actions across their organisation, well behind global counterparts (33%). This comes as the average cost of a data breach across all respondents globally is €3.06m.

Leonard McAuliffe continued: “Cyber resilience is everyone’s responsibility, from the boardroom to the employee. We must hold each other accountable and ensure that we address emerging risks by leveraging new technology, practising foundational cybersecurity principles and investing in resources that will secure the future of the organisation.” 

Third-party breaches is the top cyber threat concerning Irish businesses  

Third-party breaches remain the number one cyber concern for Irish organisations (48%) as dependency on third parties continues. This follows ransomware (42%) and cloud-related threats (40%). Globally, the top cyber threats are cloud-related threats (42%), hack-and-leak operations (38%) and third-party breaches (35%). 

Investment in emerging technologies such as GenAI increases, however, not without implementation challenges  

As companies contend with cyber security concerns, almost four-fifths (78%) of business leaders surveyed have ramped up their investment in GenAI over the last 12 months. For example, GenAI is being prioritised in cyber defence activities such as threat detection (44%), threat intelligence (39%) and malware and phishing detection (38%). At the same time GenAI (68%) has increased cyber attack vulnerabilities in the last 12 months, ahead of other emerging technologies such as cloud technology. 

While leveraging GenAI remains key to enhancing cyber strategies, organisations face several challenges when incorporating the technology. Notably, 39% of global respondents cited a lack of trust in GenAI by internal stakeholders and difficulties in integrating GenAI with existing systems and processes. Additionally, 38% indicated inadequate internal controls and risk management, while 37% pointed to a lack of standardised internal policies governing the use of GenAI as prominent challenges.

Investment in cybersecurity a market differentiator 

Organisations surveyed cite investment in cybersecurity as a key differentiator for competitive advantage with over half of Irish respondents viewing cybersecurity as crucial for customer trust (57%) and brand integrity and loyalty (50%). This emphasises the importance of strong cybersecurity controls to gain market share.  Over a quarter (26%) of Irish respondents expect cyber budgets to increase by 11% or more in the year ahead (Global: 20%) with areas being prioritised including: data protection/data trust (48%), modernisation of technology (43%) and ongoing security training (34%). 

Regulation driving cybersecurity investment

Fewer Irish respondents compared with global counterparts are either extremely or very confident in their organisation’s ability to be compliant with key new cyber regulations coming down the track: EU Network and Information Security Directive (NIS2) (Ireland: 54%; Global: 64%), the EU AI Act (Ireland: 50%; Global: 56%) and the Digital Operational Resilience Act (DORA) (Ireland: 42%; Global: 55%).  Cyber regulations are also driving investment – with 96% of global respondents reporting such regulations to have increased their cyber investment in the last 12 months. 

Moira Cronin, Digital Risk Partner, PwC Ireland concluded: “It is clear that organisations which invest appropriately in cybersecurity have a competitive advantage compared to those who do not. The survey highlights that GenAI is a useful tool for cyber defence especially for threat detection. And while Irish companies have more to do to be compliant with upcoming cyber regulations, there is overwhelming consensus that cyber regulations are also driving investment.” 

ENDS

Notes to editors:

About PwC 2025 Global Digital Trust Insights 

The 2025 Global Digital Trust Insights is a survey of 4,042 business and technology executives including 50 in Ireland. Now in its 26th year, it’s the longest-running annual survey on cybersecurity trends. It’s also the largest survey in the cybersecurity industry and the only one that draws participation from senior business executives, not just security and technology executives.  

A quarter of the executives are from large companies with US$5 billion or more in revenues. Respondents operate in a range of industries, including industrials and services (21%); tech, media, telecom (20%); financial services (19%); retail and consumer markets (17%); energy, utilities and resources (11%); health (7%) and government and public services (4%). Respondents are based in 77 countries and territories including Ireland. The regional breakdown is Western Europe (30%), North America (25%), Asia Pacific (18%), Latin America (12%), Central and Eastern Europe (6%), Africa (5%) and the Middle East (3%).