Globally, the estimated cost of the average data breach is €3.06m
Two thirds (66%) of Irish respondents expect their cyber budget to increase over the coming year (Global: 77%)
At the same time, 74% of Irish organisations are prioritising cyber risk mitigation in the year ahead, far ahead of their global counterparts (57%)
Third party breaches are the number one cybersecurity threat concerning Irish organisations for the second year in a row
Four-fifths (78%) of global respondents have increased their investment in GenAI over the last year whilst 68% of global security executives say that GenAI has increased the potential cyber vulnerabilities to an organisation.
This is according to PwC’s 2025 Digital Trust Insights survey, the longest running and the largest annual survey worldwide on cybersecurity trends. The study surveyed 4,042 business and tech executives across 71 countries, including Ireland, focusing on how the technology and security landscape is evolving. In particular, the survey focuses on the importance of protecting against cyber threats, while remaining resilient in operations if an incident were to occur. This press release contains the Irish results where the data is available, otherwise we refer to global results.
Leonard McAuliffe, Cybersecurity Partner, PwC Ireland, said: “The survey highlights that despite the high cost of cyber breaches, less than one in three Irish organisations have implemented robust cyber resilience across their businesses. At the same time, they state that they are planning to prioritise cyber risk mitigation in the next 12 months, but their planned investment is behind their global peers. Irish companies need to prioritise cyber risk investment even more to safeguard their organisations from cyber attacks.”
It is evident from the survey that cybersecurity remains at the forefront for Irish organisations with 66% of Irish respondents expecting their cyber budget to increase in the year ahead, however this falls behind global peers (77%). At the same time, the study reveals that 74% of Irish organisations are prioritising cyber risk mitigation in the year ahead, far ahead of their global counterparts (57%) and far ahead of other business risks to be mitigated such as digital and technology risks (48%), inflation (42%), environmental risks (34%) and macroeconomic volatility (18%).
Notably, there was a gap identified in the implementation of robust cybersecurity for Irish organisations with just 28% of Irish respondents having implemented robust cyber resilience actions across their organisation, well behind global counterparts (33%). This comes as the average cost of a data breach across all respondents globally is €3.06m.
Leonard McAuliffe continued: “Cyber resilience is everyone’s responsibility, from the boardroom to the employee. We must hold each other accountable and ensure that we address emerging risks by leveraging new technology, practising foundational cybersecurity principles and investing in resources that will secure the future of the organisation.”
Third-party breaches remain the number one cyber concern for Irish organisations (48%) as dependency on third parties continues. This follows ransomware (42%) and cloud-related threats (40%). Globally, the top cyber threats are cloud-related threats (42%), hack-and-leak operations (38%) and third-party breaches (35%).
As companies contend with cyber security concerns, almost four-fifths (78%) of business leaders surveyed have ramped up their investment in GenAI over the last 12 months. For example, GenAI is being prioritised in cyber defence activities such as threat detection (44%), threat intelligence (39%) and malware and phishing detection (38%). At the same time GenAI (68%) has increased cyber attack vulnerabilities in the last 12 months, ahead of other emerging technologies such as cloud technology.
While leveraging GenAI remains key to enhancing cyber strategies, organisations face several challenges when incorporating the technology. Notably, 39% of global respondents cited a lack of trust in GenAI by internal stakeholders and difficulties in integrating GenAI with existing systems and processes. Additionally, 38% indicated inadequate internal controls and risk management, while 37% pointed to a lack of standardised internal policies governing the use of GenAI as prominent challenges.
Organisations surveyed cite investment in cybersecurity as a key differentiator for competitive advantage with over half of Irish respondents viewing cybersecurity as crucial for customer trust (57%) and brand integrity and loyalty (50%). This emphasises the importance of strong cybersecurity controls to gain market share. Over a quarter (26%) of Irish respondents expect cyber budgets to increase by 11% or more in the year ahead (Global: 20%) with areas being prioritised including: data protection/data trust (48%), modernisation of technology (43%) and ongoing security training (34%).
Fewer Irish respondents compared with global counterparts are either extremely or very confident in their organisation’s ability to be compliant with key new cyber regulations coming down the track: EU Network and Information Security Directive (NIS2) (Ireland: 54%; Global: 64%), the EU AI Act (Ireland: 50%; Global: 56%) and the Digital Operational Resilience Act (DORA) (Ireland: 42%; Global: 55%). Cyber regulations are also driving investment – with 96% of global respondents reporting such regulations to have increased their cyber investment in the last 12 months.
Moira Cronin, Digital Risk Partner, PwC Ireland concluded: “It is clear that organisations which invest appropriately in cybersecurity have a competitive advantage compared to those who do not. The survey highlights that GenAI is a useful tool for cyber defence especially for threat detection. And while Irish companies have more to do to be compliant with upcoming cyber regulations, there is overwhelming consensus that cyber regulations are also driving investment.”
ENDS
Notes to editors:
The 2025 Global Digital Trust Insights is a survey of 4,042 business and technology executives including 50 in Ireland. Now in its 26th year, it’s the longest-running annual survey on cybersecurity trends. It’s also the largest survey in the cybersecurity industry and the only one that draws participation from senior business executives, not just security and technology executives.
A quarter of the executives are from large companies with US$5 billion or more in revenues. Respondents operate in a range of industries, including industrials and services (21%); tech, media, telecom (20%); financial services (19%); retail and consumer markets (17%); energy, utilities and resources (11%); health (7%) and government and public services (4%). Respondents are based in 77 countries and territories including Ireland. The regional breakdown is Western Europe (30%), North America (25%), Asia Pacific (18%), Latin America (12%), Central and Eastern Europe (6%), Africa (5%) and the Middle East (3%).
At PwC, our purpose is to build trust in society and solve important problems. We’re a network of firms in 151 countries with over 360,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by visiting us at pwc.com.
PwC refers to the PwC network or one or more of its member firms or both, each of which is a separate legal entity. Please see pwc.com/structure for further details.
© 2024 PwC. All rights reserved