EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients.
Recent Searches
Press release
05 Nov 2025
Irish Leaders Face The Cyber Stress Test, Amid Rising Talent, Training And Tech Supply Chain Disruptions – EY Ireland Cyber Leaders Index
- 83% of Irish organisations have enhanced cybersecurity measures over the past six months, yet cyber leaders struggle to fund cyber awareness training (72%) and hiring and retention (43%)
- Almost half (48%) of cyber leaders rank AI and data security as key priorities for the year ahead, while 68% say protecting against third party and supply chain threats a serious concern
- Burnout emerges as a hidden risk for organisations, with 37% of cyber leaders expressing concern that key threats are being overlooked, with one quarter (26%) reporting negative mental health impacts, and one in five (19%) stating that these are affecting their personal lives
A majority of Irish organisations have enhanced cybersecurity measures in recent months yet under-investment in key areas of training and compliance, ongoing talent shortages and AI-powered cyber threats continue to be areas of concern for Irish cyber leaders. That’s according to EY Ireland’s inaugural Cyber Leaders Index, which surveyed 165 of Ireland’s senior cyber leaders with a particular focus on the corporate, health and life sciences and government sectors.
83% of Irish cyber leaders report enhancing cybersecurity measures over the past six months, with nearly a third (32%) noting an increase in budgets, while two thirds (67%) report investment holding steady. However, more than 70% of cyber leaders report difficulties securing budget for staff cyber awareness training. 43% cited challenges in securing budget for hiring and retaining skilled personnel, which remains a key challenge for cyber leaders.
Nearly half (48%) of cyber leaders identified AI and data security as a top priority for the year ahead, and many organisations are adapting their practices in response to the EU AI Act. Yet 44% say they face challenges securing budget for AI-related security initiatives, suggesting that investment is not keeping pace with strategic intent.
This may reflect internal competition for AI budgets, rather than reluctance to invest in cybersecurity, and embedding cybersecurity into AI efforts positions the function as a driver of growth and advantage. Almost seven in ten (68%) of respondents said that protecting against supply chain and vendor-related threats is a top priority within their cybersecurity programmes, however only 4% identify third-party vendor risk as one of their main concerns.
Compliance with relevant regulations and data privacy laws such as NIS2 was cited as a priority by 39% of respondents, while the EU AI Act is also having an impact with nearly half (47%) of the leaders surveyed stating they have updated their data handling and monitoring practices and four in ten (39%) having updated their data protection impact assessment systems.
In an AI-driven world where algorithms and code are reshaping both attacks and defences, cyber risk is no longer something to eliminate, it must be managed with precision. This shift demands that cyber leaders evolve from engineers and managers to architects of trust, with a seat and a voice at the top table where strategic decisions are made and budgets are shaped. Cyber threats are escalating, with major breaches reported almost every week, and it’s clear that defences are only as strong as their weakest point. Yet investment is not always going where it matters most, with gaps in staff training and talent retention remaining areas of concern.
Puneet Kukreja
EY UK & Ireland Cyber Security Leader
Irish organisations are strengthening their cyber resilience, with most reporting enhanced defences and stable or increased budgets. The challenge now is to direct that investment towards people and partnerships, ensuring teams are trained, supported and equipped to manage the growing demands of compliance and third-party risk. Organisations must prioritise the continuous training and wellbeing of their cyber teams, recognising that resilience depends as much on people as it does on technology.
Carol Murphy
EY Ireland Partner, Head of Markets
Burnout Risk As Cyber Threats Remain A Top Concern
Burnout and fatigue amongst cyber leaders have been identified as growing resilience risks for Irish organisations, with 37% of those surveyed reporting concern about the gaps in their organisation’s cyber risk coverage. More than one in four (26%) of respondents reported negative impacts on their mental health.
Our research shows that stress is fast becoming a hidden cyber risk for organisations. Cyber risk is constant, and that unrelenting pressure is taking a toll on the people who defend against it. Burnout doesn’t just affect performance; it threatens retention at a time when skilled talent is already hard to find. Boards and business leaders must start considering the welfare of their cyber teams as a material business risk. That also means helping teams manage pressure by clearly defining the organisation’s cyber risk appetite and recognising that while not every threat can be eliminated, many can be anticipated and prepared for.
Puneet Kukreja
EY UK & Ireland Cyber Security Leader
To download the EY Ireland Cyber Leaders Index 2025, click here.
ENDS
About the survey: Research for the EY Ireland Cyber Leaders Index 2025 was commissioned by EY and conducted by Empathy Research between July and August 2025. The 165 senior cyber respondents held roles including CTO, CIO, Chief Data Officers, CEO, CFO and Board members / NEDs, and represented a wide range of organisations based in Ireland with a focus on three key sectors, health and life sciences, government, and corporate organisations (encompassed advanced manufacturing and digital infrastructure).
About EY: EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Powered by data, technology and an extensive partner ecosystem, our diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.