Datapac survey finds three-quarters of Irish businesses will struggle to meet NIS2 requirements

Datapac, trusted IT partner for leading Irish organisations, has announced the results of a survey which found that the NIS2 Directive on cybersecurity, set to take effect in 2025, has raised significant concerns among Irish businesses regarding their ability to comply. The survey revealed that 76% of IT decision-makers believe Irish organisations will struggle to meet all NIS2 requirements, and an overwhelming majority (99%) call for more financial support from the Government to achieve compliance.

The independent survey, commissioned by Datapac and carried out by Censuswide, gathered insights from 200 IT decision-makers across various industries in the Republic of Ireland and underscores the importance of cybersecurity readiness and preparedness for an evolving regulatory landscape.

The research suggests a broader disconnect in how cybersecurity is prioritised within organisations, with a third (33%) of IT decision-makers reporting that senior management only considers governance a priority when mandated by regulations.

Meanwhile, the survey found that cybersecurity remains a critical concern for IT decision-makers in Ireland in 2025. The top concern among Irish businesses is organised cybercrime (34%), which is closely followed by phishing and social engineering (33%). A further 27% of IT decision-makers believe that the Dark Web poses one of the biggest threats to their business.

The survey also revealed that 86% of organisations experienced a cybersecurity incident in the past 12 months, with 76% of these incidents escalating to a data breach. When it comes to managing cyber threats, businesses are aware of their limitations, with 65% believing they lack adequate internal skills and resources to handle rising cybercrime risks.

This concern is reflected in investment trends, with the same number (65%) increasing their cybersecurity spending in the past year. These factors are pushing organisations to enhance their security measures to protect against potential data breaches and compliance risks.

The findings also highlight the role that external support plays when it comes to regulatory compliance for businesses. Organisations are increasingly turning to Managed Detection and Response (MDR) services, with 64% of IT decision-makers surveyed recommending MDR solutions as an effective strategy to address both compliance and security risks.

Damien Mallon, Senior Systems Engineer, Datapac, said: “Our survey shows that organisations in Ireland are facing increasingly sophisticated cyber threats, and pressure to keep pace with evolving regulatory demands such as NIS2. There is a clear disconnect between IT leaders and senior management when it comes to cybersecurity, and many organisations likely to be impacted by NIS2 may find themselves on the back foot if cybersecurity governance is not made a company-wide priority.

“In an era of ever-intensifying cyber threats, readiness is key, and businesses must assess their current cybersecurity strategies to ensure that they meet evolving needs. We see the importance of pairing robust internal processes and governance with external expertise, which can help organisations to strengthen their defences, achieve compliance, and thrive in an ever-changing digital landscape.”

See more stories here.