More than three-quarters of Irish businesses will struggle to meet the requirements of Europe’s new NIS2 cybersecurity regulations.
An overwhelming 76% of IT decision-makers believe Irish organisations will struggle to meet all NIS2 requirements, a new survey commissioned by Datapac reveals.
As well as this, an overwhelming majority (99%) call for more financial support from the Government to achieve compliance.
“Many organisations likely to be impacted by NIS2 may find themselves on the back foot if cybersecurity governance is not made a company-wide priority”
The NIS2 Directive establishes a unified legal framework to uphold cybersecurity in critical sectors across the EU.
Set to take effect in 2025, compliance with NIS2 is mandatory for all medium-sized and large organisations in at least 18 vital sectors in the EU.
Cybersecurity readiness
An independent survey, commissioned by Datapac and carried out by Censuswide, gathered insights from 200 IT decision-makers across various industries in the Republic of Ireland and underscores the importance of cybersecurity readiness and preparedness for an evolving regulatory landscape.
The research suggests a broader disconnect in how cybersecurity is prioritised within organisations, with a third (33%) of IT decision-makers reporting that senior management only considers governance a priority when mandated by regulations.
Meanwhile, the survey found that cybersecurity remains a critical concern for IT decision-makers in Ireland in 2025. The top concern among Irish businesses is organised cybercrime (34%), which is closely followed by phishing and social engineering (33%). A further 27% of IT decision-makers believe that the Dark Web poses one of the biggest threats to their business.
The survey also revealed that 86% of organisations experienced a cybersecurity incident in the past 12 months, with 76% of these incidents escalating to a data breach. When it comes to managing cyber threats, businesses are aware of their limitations, with 65% believing they lack adequate internal skills and resources to handle rising cybercrime risks.
This concern is reflected in investment trends, with the same number (65%) increasing their cybersecurity spending in the past year. These factors are pushing organisations to enhance their security measures to protect against potential data breaches and compliance risks.
The findings also highlight the role that external support plays when it comes to regulatory compliance for businesses. Organisations are increasingly turning to Managed Detection and Response (MDR) services, with 64% of IT decision-makers surveyed recommending MDR solutions as an effective strategy to address both compliance and security risks.
“Our survey shows that organisations in Ireland are facing increasingly sophisticated cyber threats, and pressure to keep pace with evolving regulatory demands such as NIS2,” said Damien Mallon, senior systems engineer, Datapac.
“There is a clear disconnect between IT leaders and senior management when it comes to cybersecurity, and many organisations likely to be impacted by NIS2 may find themselves on the back foot if cybersecurity governance is not made a company-wide priority.
“In an era of ever-intensifying cyber threats, readiness is key, and businesses must assess their current cybersecurity strategies to ensure that they meet evolving needs. We see the importance of pairing robust internal processes and governance with external expertise, which can help organisations to strengthen their defences, achieve compliance, and thrive in an ever-changing digital landscape.”
Main image at top: Damien Mallon, senior systems engineer, Datapac
-
Bank of Ireland is welcoming new customers every day – funding investments, working capital and expansions across multiple sectors. To learn more, click here
-
Listen to the ThinkBusiness Podcast for business insights and inspiration. All episodes are here. You can also listen to the Podcast on:
-
Spotify
-
SoundCloud
-
Apple
