Irish companies are believed to be reporting less than 5% of cyber attacks to police, according to disparities between figure from the Garda cyber crime unit and reports from private cyber security companies. Detective Superintendent and Head of the Garda Nation Cyber Crime Bureau, Michael Gubbins, has said that brand damage and embarrassment are among reasons given by companies for the under-reporting of cyber crime to the Gardai.
Gardai believe that companies are afraid of brand damage, leading to a vast under-reporting of cyber crime to authorities.
“The amount of cyber-dependent crime that is reported to An Garda Síochána is relatively low in comparison to that which is dealt with by private cybersecurity companies” according to Gubbins, who added that this was an issue faced by police worldwide.
“From an investigative point of view, by reporting these matters it allows the Garda National Cyber Crime Bureau (GNCCB) the opportunity to work with our international colleagues thereby increasing the opportunity to disrupt and identify the actors engaged in this crime type,” he added.
He also allayed fears that companies didn’t believe that the Garda could help. “GNCCB, through various international law enforcement agencies including Europol, European Cyber Crime Centre (EC3), Interpol, the National Crime Agency (NCA) in the UK and the PSNI, has access to a network of colleagues who work in the cybercrime area and can assist with our investigation.”
In a recent survey by PwC, it was found that 49% of Irish companies have experienced cyber crime in the last two years, up from 34% in 2016 and 26% in 2010. Reported incidents of cyber crime in Irish organisations is twice that of their global counterparts, according to the survey. PwC Ireland cyber leader, Pat Moran said, “Actual crime could well be higher than reported crime which makes the findings from this survey even more concerning.”
Adrian Weckler, Technology Editor of Independent News and Media said that companies must increase their focus on cyber security to survive in today’s environment. “With GDPR now in place, IT security is the most important tech consideration that most companies face. Every week I see examples of organisations, both in the private and public sectors, that are hit with serious data breaches or attacks. In many cases, it’s because they haven’t put in place modern practices and systems for their security hygiene.”
Irish businesses who wish to take steps to protect themselves from cyber crime are advised that there are no ‘silver bullets’ in cyber security, and that they must take a holistic and proactive approach. The holy trinity of cyber security is to ensure your antivirus and firewalls are next-generation, your servers and critical workstations are all regularly backing up, with a robust and regularly tested disaster recovery in place, and that all staff members are trained in basic cyber security.
After that, there are many simple organisational measures that are easy to implement yet can be fiercely effective – such as careful control of user accounts with privileged access, enforced password policies, regular patching, email filtering and more – speak to Tech Guard today if you are looking to improve your organisation’s security and reduce your risk