Increased cyber regulations
Regulators worldwide continue to bring cybersecurity into focus. The European Parliament, in particular, has prioritised cybersecurity and resilience, as evidenced by a wave of recent regulatory changes. EU-wide legislation such as the revised NIS Directive (NIS2) and the Digital Operational Resilience Act (DORA), along with the planned introduction of thematic cyber resilience stress testing for European banks by the ECB, demonstrates commitment at the regional level to mandate consistent cybersecurity standards across Europe. Regulatory compliance must therefore be a key focus area for Irish organisations.
With this increase in regulations, senior executives are expecting a significant rise in compliance costs and, in turn, are positioning regulatory compliance as a headline cost in their organisation’s cyber budgets for 2024. According to the PwC Digital Trust Insights Survey, 80% of senior executives plan to increase their cyber budget in 2024, and 50% of respondents in Ireland plan to prioritise compliance with regulations and directives in their cyber budget, versus 31% of respondents globally. The stringent regulatory requirements being placed on European organisations may be a factor in businesses prioritising compliance as the EU aims to harmonise and enhance cybersecurity across the continent.
In the same vein, businesses in Ireland predict greater overheads in managing compliance compared to their peers globally. New regulation implies more business transformation activities and reporting requirements. 56% of Irish senior executives ranked the mandatory reporting of cyber risk management and compliance strategies, and the associated governance, among the top three regulatory principles that will affect future revenue growth for their organisation (global: 35%).