Site Search Site Search

Menu

Menu

Menu

Menu

Loading Results

Irish insights from PwC’s Global Digital Trust Insights Survey 2026

New world, new rules: How Irish firms are adapting to new cybersecurity threats

PwC’s Digital Trust Insights Survey 2026
  • Survey
  • 10 minute read
  • October 22, 2025
57%

of Irish firms are boosting cyber risk spend amid global tensions.

35%

of organisations are turning to managed services for cyber talent.

42%

cite lack of knowledge as key barrier to using AI for cyber defence.

3

top threats identified: cloud, connected product attacks, third-party breaches.

Cyber threats are evolving, fast

Cyber priorities are shifting as geopolitical tensions rise and technologies like AI and quantum computing reshape risk. Organisations are rethinking their strategies to stay ahead of increasingly complex threats. Cloud vulnerabilities top the list, followed by attacks on connected products and third-party breaches. PwC’s 2026 Global Digital Trust Insights Survey, based on responses from nearly 4,000 leaders across 72 countries, reveals how businesses are adapting to protect what matters most.

Geopolitics is reshaping cyber strategies

Cybersecurity is no longer just a technical issue; it’s a strategic imperative shaped by global events. PwC’s Digital Trust Insights Survey 2026 captures how Irish and global business leaders are responding to a year defined by geopolitical tension, fractured alliances, and shifting trade dynamics. These forces are driving organisations to rethink how they protect their operations, data and people.

In Ireland, 57% of organisations are increasing investment in cyber risk management. That’s in line with Western Europe (59%) and global peers (60%), signalling a shared urgency to strengthen defences as threats grow more frequent and sophisticated. But investment alone isn’t enough.

Irish firms are taking broader action. 38% are re-evaluating and relocating critical infrastructure. 35% are reconsidering where core operations are based. 32% are adapting trade and operating policies to manage risk more effectively. And 41% are updating cyber insurance to improve coverage and resilience.

Supply chains are also under review. A third of Irish organisations (32%) are changing vendors and suppliers to reduce exposure to third-party risk given third-party location. That mirrors trends across Europe (27%) and globally (26%), as businesses seek partners who meet higher security standards.

These shifts reflect a growing recognition: cybersecurity must evolve with the world around it. And that means acting decisively, not just reacting.

Cyber strategy changes in response to current geopolitical landscape
(% that ranked in their top 3 areas)

This graphic shows the percentage of organizations ranking specific cyber strategy changes in their top three responses to the current geopolitical landscape. The categories and their respective percentages are: Increase cyber risk investment at 57%, Change in cyber insurance policies at 41%, Change in critical infrastructure location at 38%, Change where business is conducted at 35%, Change in trade and operating policies at 32%, and Change in vendors at 32%.

Technology adoption is testing cyber resilience  

AI is reshaping cybersecurity, but Irish organisations are still working through the challenges of adoption. Over half (52%) cite an unclear risk appetite as the biggest barrier to using AI for cyber defence. That’s well above the global average (39%) and Western Europe (38%), pointing to a deeper hesitation around risk ownership and governance.

Knowledge gaps are also slowing progress. While 62% of global respondents say AI-powered malware is their top concern, 42% of Irish organisations say they don’t fully understand how to apply AI for cyber defence in practice. Leadership uncertainty is another blocker, with 42% of Irish firms reporting hesitation at the top — again, higher than global (34%) and regional (33%) peers.

Quantum security is another frontier where Ireland is falling behind. Just 8% of Irish organisations are actively implementing quantum-resistant technologies, compared to 22% globally and 21% in Western Europe. That said, 43% are exploring options — a sign that interest is growing, even if action is still limited.

The message is clear: Irish organisations recognise the potential of advanced technologies, but many are still finding their footing. Building clarity, confidence and capability will be key to unlocking their full value.

Quantum-resistant security progress​

A circular donut chart showing organizations' progress on quantum-resistant security measures. 43% are exploring but have not yet taken steps to implement these measures. 24% are piloting and testing, having begun implementation. 8% are currently implementing quantum-resistant security measures. 14% are unable to confirm their status at this time. 11% have not started to consider and have no plans to implement quantum-resistant security measures.

Cyber talent: building capability from the inside out

The shortage of skilled cyber professionals remains one of the most pressing challenges facing Irish organisations. As threats evolve, so does the need for a resilient, well-equipped workforce. Businesses across Ireland are responding by prioritising talent development as a core part of their cybersecurity strategy.

43% of Irish respondents say ongoing security training will shape their cybersecurity spending over the next year. That signals a strong commitment to continuous learning — not just to keep pace with threats, but to embed cyber awareness across the organisation.

Almost half (54%) are investing in upskilling and reskilling their existing teams. It’s a pragmatic move. By building internal capability, organisations can respond faster, adapt more easily and reduce reliance on external recruitment in a competitive talent market.

Technology is also playing a bigger role. 41% of Irish organisations are adopting AI and machine learning to strengthen their cyber defence. These tools offer smarter threat detection and faster response, helping teams stay one step ahead of attackers.

At the same time, many are looking outward. 35% of Irish organisations plan to implement managed cybersecurity services in the next 12 months. It’s a strategic shift that reflects growing demand for specialist expertise, scalability and cost efficiency. Globally, managed services are being used to support AI (38%), threat management (28%), data protection (27%) and third-party risk (17%).

Irish organisations are taking a balanced approach, investing in people and technology while tapping into external support where it adds value.


Prioritisation to address cyber talent gaps over the next 12 months (Ireland)


Upskilling and reskilling
%
AI and machine learning tools
%
Security automation tools
%
Cybersecurity tool consolidation
%
Managed services
%

Proactive beats reactive, and the data backs it up

Cybersecurity is about readiness. It’s about building resilience before a crisis hits, not scrambling after one. In fact, according to the survey, 39% of respondents have indicated that a data breach has cost their organsiation over $500,000 in the last 3 years. That means investing in continuous threat monitoring, rigorous testing, risk assessments and comprehensive training. The survey shows that this investment is top of mind for senior executives, with 78% of respondents planning to increase their cyber budget in 2026, with 32% of Irish respondents stating that incident history of cyber breaches is influencing cyber priorities for the next 12 months. It also means planning ahead. European regulations like the Digital Operational Resilience Act (DORA) and the Network and Information Security Directive 2 (NIS 2) are making this shift mandatory, reinforcing the need for forward-thinking strategies that embed resilience into the core of the business.

Yet many organisations still lean heavily on reactive measures like incident response, remediation, recovery, litigation and fines. These are essential, but relying on them alone is costly and unsustainable.

Globally, 67% of organisations say their cybersecurity spend is roughly balanced between proactive and reactive measures. Only 24% report significantly favouring proactive investment — the sweet spot for long-term resilience. In Ireland, the gap is even wider. Just 8% of Irish organisations invest significantly more in proactive strategies, while 83% maintain a roughly even split. That’s well above the global average and suggests a more reactive-heavy approach that could drive up long-term costs, from recovery and rebuilds to reputational damage and regulatory penalties.

The opportunity is clear: shifting the balance towards proactive defence isn’t just smarter, it’s more sustainable. It’s how you stay ready, stay resilient and stay ahead.

Spending on reactive vs proactive measures

This horizontal bar chart displays organizational spending on reactive versus proactive cybersecurity measures. Reactive measures include response, customer care, remediation, recovery, litigation, and fines. Proactive measures cover monitoring, assessments, testing, controls, training, and governance. The distribution shows: 8% of organizations spend significantly more on proactive measures; 43% spend slightly more on proactive measures; 16% spend about the same on reactive and proactive measures; 24% spend slightly more on reactive measures; and 8% spend significantly more on reactive measures. Overall, 83% of organizations have a roughly equal spending ratio between the two. Additionally, 2% of respondents selected 'unsure'.

Key actions businesses can take today

Cyber threats aren’t slowing down, and neither should your response. Irish organisations are already making strategic moves to strengthen their cyber resilience. From investing in talent and technology to rethinking risk strategies, there are practical steps you can take now to stay ahead of disruption and build long-term security into your business.

Consider working with managed service providers to strengthen your defences in areas like third-party risk, threat management and data privacy. It’s a smart way to scale quickly, access specialist expertise and stay resilient.

Make cybersecurity training a core part of your strategy. Upskill and reskill your teams to close talent gaps, build adaptability and embed cyber awareness across your organisation.

Use AI-powered tools to detect threats faster and respond with precision. These technologies can help you stay ahead of sophisticated attacks and reduce the time to containment.

Review your current cyber strategy and increase investment where needed across both first-party and third-party risks. Prioritise proactive measures to avoid the higher costs of reacting after an incident.

We’re here to help

Cybersecurity isn’t just about protection; it’s about enabling progress. At PwC Ireland, we combine deep technical expertise with a clear understanding of your business priorities. Whether you’re planning strategic investments, navigating complex risks or accelerating digital transformation, our team is ready to support you. If you’re thinking about the next step in your cyber strategy, let’s talk so you can move forward with confidence.

Cybersecurity, Privacy and Forensics

Solving the biggest cybersecurity issues, together

Contact us

Leonard McAuliffe

Leonard McAuliffe

Partner, PwC Ireland (Republic of)

Email
Moira Cronin

Moira Cronin

Partner, PwC Ireland (Republic of)

Tel: +353 86 377 1587

Email
Pat Moran

Pat Moran

Partner, PwC Ireland (Republic of)

Email
John Fitzgerald

John Fitzgerald

Senior Manager, PwC Ireland (Republic of)

Email
Follow PwC Ireland

© 2024 - 2025 PwC. All rights reserved. PwC refers to the PwC network or one or more of its member firms or both, each of which is a separate legal entity. Please see pwc.com/structure for further details.