Organisations need to do more to combat cyber-attacks
Multi-disciplinary cooperation, hiring the right people and budget are the top three challenges in increasing cyber resilience
Digital Services Act is the most relevant legislation to organisations
While a significant percentage of respondents feel that their organisation is ready to deal with a serious cyber incident from a compliance and security viewpoint, a greater number feel there is still work to be done. There is also a lack of knowledge of incoming EU law changes in the area, with a majority saying they have not much, or have gaps in their, knowledge. These are just some of the findings from a poll of attendees at Matheson's 'Cyber Security and Data Protection Conference' today.
L-R: Anne-Marie Bohan, partner and Head of Matheson's Technology and Innovation Group; Detective Inspector Brian Halligan of the Garda National Cyber Crime Bureau; Deirdre Crowley, Technology and Innovation Partner; and Stuart McKenzie, Senior Vice President of Mandiant Consulting EMEA.
Other findings include;
- Almost 35% of respondents have either suffered from or had experienced several failed cyber-attacks over the past 18 months. 43.4% said their organisation had not suffered from a cyber-attack.
- While 40.3% feel that their organisation is ready to deal with a serious cyber incident from a compliance and security viewpoint, more of them (46.2%) think there is still work to do.
- The top three challenges which organisations face when preparing for cyber resilience are; Multi-disciplinary cooperation across teams (66.1%); hiring the right people (49.4%); and budget (32.7%).
- The two most pressing data protection challenges which attendees face are; establishing robust governance processes (42.5%); and dealing with international transfer obligations (28.7%), followed by managing data breaches and notifications (14.9%) and complying with data subject rights requests (13.8%).
- The most relevant recent or incoming pieces of EU legislation are; the Digital Services Act (40.%); the Network and Information Security Directive (NIS 2) / Digital Operational Resilience Act (DORA) (33.3%); AI Regulation (29.8%); and the Digital Markets Act (25%).
- While a sizeable number (25%) are well informed about incoming EU law changes, almost half (47.7%) have some gaps in their knowledge and almost a quarter (23.9%) have not much knowledge at all. Just 3.4% say that they are very well informed.
With over 400 online and in-person attendees, today's hybrid event was one of Matheson's flagship events and is a key annual event for business and technology clients.
Anne-Marie Bohan, partner and Head of Matheson's Technology and Innovation Group delivered the opening address and introduced the first panel session, Cyber Resilience, which explored the latest trends in cyber-crime and our readiness to respond to them. Chaired by Matheson partner, Deirdre Crowley, of Matheson's Technology and Innovation Group, the panellists included; Detective Inspector Brian Halligan of the Garda National Cyber Crime Bureau; Stuart McKenzie, Senior Vice President of Mandiant Consulting EMEA and Sandra Skehan, Deputy Commissioner of the Data Protection Commission.
The conference's second panel discussion – Privacy Litigation - dealt with the regulation of data in the EU and was chaired by Deirdre Crowley, who was joined again by Sandra Skehan and by Karen Reynolds, partner in Matheson's Commercial Litigation and Dispute Resolution Department. Finally, an "In conversation with" session with Matheson partners Susanne McMenamin of Matheson's Corporate M&A Group and Carlo Salizzo from Matheson's Technology and Innovation Group, analysed news and developments in data protection and other upcoming Irish and EU legislation, what Irish businesses and directors need to focus on, and how best to get them on the agenda.