Paying off cyber criminals no guarantee stolen data won’t be published – study
Almost three-quarters (70%) of Irish business who have experienced a ransomware attack paid a ransom in the past 12 months to prevent sensitive data being published, however, nearly three in 10 (29%) reported that their data was leaked anyway, according to the latest Hiscox Cyber Readiness Report.
The survey of 500 Irish businesses revealed the growing scale of cyber threats facing Irish businesses, with new risks emerging from artificial intelligence, to persistent challenges from ransomware.
In total, 40% of Irish businesses surveyed reported suffering at least one cyber attack in the past year. More than a third (36%) of those suffered a distributed denial of service (DDoS) attack, where criminals overwhelm a company’s servers with traffic, forcing systems offline and halting normal operations.
The consequences can be severe. Some 31% of businesses said a cyber attack had a material impact on their company’s financial health, while 28% reported greater difficulty attracting new customers.
Almost two-thirds (62%) of respondents viewed vulnerabilities from third party AI tools as a major emerging risk over the next five years. Moreover, 38% said they were targeted between 1-10 times in the last 12 months due to vulnerabilities related to AI.
At the same time 66%, saw AI as more of an asset than a vulnerability, though 42% said their company will invest against AI-related security risks by bringing some hardware and software development work in-house. A further 38% said they are ensuring their cyber insurance included AI risks.
Stephen Donaldson, head of underwriting at Hiscox Ireland, said: “The Hiscox Cyber Readiness Report 2025 shows that cyber criminals are evolving just as fast as businesses adopt new technologies like AI. While most companies recognise AI’s potential to boost productivity, there’s real concern about the vulnerabilities it brings, especially through third party tools.
“Ransomware in particular remains a costly and disruptive problem in Ireland. Too many businesses pay up in the hope of a quick recovery, but as the data shows, many still face leaks or system rebuilds even after payment. This underlines the importance of preparation, resilience, and having a clear incident response plan in place before an attack happens.
“Cyber resilience is no longer optional – it’s business critical. From protecting solvency to safeguarding customer trust, companies that invest early and continuously in cyber security will be the ones best placed to weather the next wave of threats.”
TechCentral Reporters
Subscribers 0
Fans 0
Followers 0
Followers