SoylentNews

Arthur T Knackerbracket [soylentnews.org] writes:

EDITORS: THIS HAS BEEN PRODUCED BY SOFTWARE UNDER DEVELOPMENT - THE CONTENT MAY REQUIRE EXTENSIVE EDITING

https://www.siliconrepublic.com/enterprise/day-to-day-cyber-incidents-driving-losses-smes-report-eir-microsoft-university-limerick [siliconrepublic.com]

The Hidden Cost of Cyber Risk report found that businesses are most impacted by everyday cyber disruption, rather than large-scale one-off breaches.

The Eir Business Hidden Cost of Cyber Risk report [website-files.com], which is supported by Microsoft, has found that on average cyberattacks are costing Irish small and medium-sized enterprises (SMEs) up to €3.4bn annually. 

However, the greatest impact is not from large-scale, one-off breaches, but frequent day-to-day cybersecurity-related disruptions that are driving losses for many Irish companies. 

Reportedly, SMEs lose more than 7.2m working days every year due to cyber incidents, with affected businesses experiencing multiple incidents annually. For individual firms, this equates to nearly three working weeks lost annually. 

Susan Brady, the managing director at Eir Business, said: “This report shows that cyber risk is not just about rare, large-scale attacks. 

"For most SMEs, it is the cumulative impact of everyday incidents, from phishing emails and ransomware attempts to service disruptions, that drives significant loss of time and productivity. These risks affect not just individual businesses, but supply chains, customers and the wider business ecosystem.”

The analysis – which was supported by an economic expert at Kemmy Business School of the University of Limerick – noted that while single events can have significant financial implications, research suggests that the cumulative effect of repeated disruption, downtime, lost productivity and operational interruption creates the greatest economic cost, amounting to approximately €50,000 per SME annually.

The report stated that the companies with more cyber preparedness tend to experience fewer incidents, lower overall losses and significantly less disruption. Moreover, the organisations with higher levels of preparedness can reduce annual downtime from more than 30 days to around five days, while structured data management significantly lowers the likelihood of experiencing an attack.

Commenting on the report, the Minister of State at the Department of Enterprise, Tourism and Employment Alan Dillon, TD said: “Small and medium-sized enterprises are central to the Irish economy and ensuring they are resilient in an increasingly digital environment is critical. 

“This research highlights the real and growing impact that cyber risk is having on businesses across the country, not just in financial terms, but in disrupted operations and lost productivity. However, with the right support, guidance and focus on practical measures, businesses can strengthen their resilience and reduce their exposure.”

Dr Mauricio Perez-Alaniz, an assistant professor in the Department of Economics at the Kemmy Business School welcomed the attention to the issue.

He said: “While SMEs are increasingly being reminded about the potential productivity and sustainability gains that can arise from the adoption of digital technologies, the issue of cyber risk, and the associated costs of cyberattacks, require more attention.

“This report seeks to do just that. It provides an intuitive approach to quantify the costs of cyberattacks in terms of direct economic costs, and more importantly, potential costs associated with downtime. It is important to keep in mind that fully quantifying such costs is difficult. While the estimates presented by the report are necessarily high-level and resting on a set of assumptions, they offer important insights into the scale and nature of the issue.”

In early June, ESET published a similar report, the SMB Cyber Readiness Index 2026 [siliconrepublic.com], which also indicated that some organisations are neglecting to pay attention to everyday threats, amid a sharper focus on large-scale, one-off cyber incidents. The report found that businesses are risking harm and loss of profits by allowing threats perceived to be smaller to pass through.

Original Submission