Quarter of large businesses in Ireland reduced cyber security budgets for 2026
Despite continued threats from State actors, cyber criminals and AI, a quarter of large business in Ireland plan on reducing their cyber security budget this year, according to Saros Consulting.
A survey carried out by Censuswide on behalf of the IT consultancy polled 200 IT decision-makers in organisations in Ireland with more than 250 employees. While half of organisations were either decreasing their cyber security budgets or keeping them the same, the other half of IT leaders said that their cyber security budget increased this year.
With increased investment comes new approaches to proactive security, and 30% said they were willing to pay bounties to experts who can expose vulnerabilities. This is already happening in practice, as over a quarter (27%) have already done this.
Despite this growing focus on proactive security measures, confidence in overall preparedness remains mixed. Only half were confident of detecting attackers before any damage was done. This was reflected in preparedness levels, with just over 51% saying they had an incident response plan. Even where plans exist, follow-through is mixed, as only 54% said they tested their incident response plan once or more per year.
Infrastructure is an ongoing challenge among IT leaders. Some 55% said legacy systems were increasing their organisation’s cyber security risk – reflected in spending, as large enterprises in Ireland dedicated 28% of their IT budgets on mandatory system upgrades. At the same time, inefficiencies remain, as 30% of budgets were dedicated to maintaining systems that leadership acknowledges should be replaced.
Ray Armstrong, co-founder and co-CEO of Saros Consulting, said: “Reducing cyber security budgets at a time of increasing threat complexity is a high-risk strategy for large enterprises. Cyber security underpins every aspect of modern IT strategy, from digital transformation to regulatory compliance. Organisations who deprioritise it risk exposing not only their systems, but also their customers, their reputation and their long-term resilience… It is not simply about spend, but about making the right, informed investments that reduce risk and support sustainable growth.”
Justin van der Spuy, co-founder and co-CEO of Saros Consulting, added: “There is a clear disconnect between the scale of today’s cyber threats and the decision by some large organisations to reduce investment in this area. In complex environments, even small gaps in cyber security can have significant consequences. Cyber security can no longer be viewed as a secondary business priority.
“What is needed now is strategic clarity and a long-term approach to resilience. Businesses must ensure they are supported by experienced partners who can help them navigate evolving threats and increasing regulatory complexity. Organisations that recognise the growing scale of cyber risk, and continue to invest accordingly, will be far better positioned to protect their operations and long-term investments.”
TechCentral Reporters
Subscribers 0
Fans 0
Followers 0
Followers