Irish firms are cutting back on cybersecurity spending despite growing risks

Cutting cybersecurity budgets is a ‘very risky strategy’, says Saros Consulting co-founder.

Irish businesses show a mixed approach to security, with only one in five IT leaders surveyed admitting to increasing their cybersecurity budget, and one in four reducing spending by 2026.

This, as cybersecurity threats have grown exponentially in recent years, and bad actors are increasingly using AI tools to strengthen their approach.

This information comes from a new Saros Consulting report by Censuswide, which surveyed 200 IT decision makers in Irish organizations with over 250 employees.

According to the survey, increased investment in cyber security is allowing leaders to explore new ways to strengthen their defenses, and 30 percent of those surveyed are willing to pay for experts who can uncover vulnerabilities.

This is already happening in practice, with around 27pc admitting to having done this.

Despite this, only 50pc are confident they can spot attackers before any damage is done, while only 51pc say they have an incident response plan. Also, only 54pc of those surveyed said they tested their incident response system once or more per year.

Lack of an effective response system often leads to significant financial and reputational damage to businesses at the hands of bad actors, with a separate 2025 survey reporting that almost a third of large businesses in Ireland have paid at least one ransom to cybercriminals during the year.

The average out-of-pocket costs Irish businesses have spent on cyber security is around €700,000.

Meanwhile, businesses need to keep up with the constant changes in the cybersecurity landscape by consolidating their infrastructure.

In a recent interview with SiliconRepublic.com, the National Cyber ​​​​Security Center’s director of security Joseph Stephens shared his concerns about the impact advanced AI models like Anthropic’s Mythos could have on small businesses in the country.

Censuswide, in its new report, finds that 55 percent of IT leaders surveyed say their legacy systems increase their organization’s cybersecurity risk. To address this, large businesses in Ireland are devoting 28pc of their IT budget to mandatory system upgrades.

Although, 30pc of their budget is dedicated to maintaining programs that leaders know need to be changed.

“Cutting cybersecurity budgets at a time of increasing risk severity is a high-risk strategy for large enterprises,” said Ray Armstrong, founder and CEO of Saros Consulting.

“Cybersecurity supports all aspects of a modern IT strategy, from digital transformation to regulatory compliance. Organizations that prioritize it risk not only exposing their systems, but also their customers, their reputation and their long-term sustainability.”

Justin van der Spuy, also co-founder and CEO of Saros Consulting, added: “There is a clear disconnect between the level of today’s cyber threats and the decision of large organizations to reduce investment in this area.

“What is needed now is strategic clarity and a long-term approach to resilience. Businesses must ensure they are supported by experienced partners who can help them deal with emerging threats and increasing regulatory complexity.”

Don’t miss out on the information you need to succeed. Sign up for Daily BriefSilicon Republic’s digest of must-know sci-tech news.