Digital Transformation & Cyber Security
Why AI and regulation are key drivers of cybersecurity for 2025
Cybersecurity is no longer just the responsibility of IT professionals; it is an integral part of a business managing its risk strategy.
The consequences of a single cybersecurity incident, such as a data breach, ransomware attack or an operational disruption can have serious consequences for any business in Ireland, regardless of size. Business leaders must now acknowledge that cybersecurity is not merely a technical challenge — it is a core business imperative.
Power of AI for business, cybercriminals and cyber defenders Artificial intelligence (AI) is reshaping the way businesses operate, providing both extraordinary opportunities but also considerable cybersecurity and privacy risks. Companies integrating AI must recognise its vulnerabilities and ensure that security measures are built into their AI applications from the start. At the same time, cybercriminals are leveraging AI to launch more advanced attacks, including realistic phishing campaigns, deepfake scams and highly targeted intrusions. However, the cybersecurity industry is rapidly innovating, using AI to strengthen identity verification, detect threats and automate security responses.
thousands of companies in Ireland.
Meanwhile, the Cyber Resilience Act will soon introduce stringent security requirements for all digital products sold in the EU. These regulatory shifts demand immediate attention from business leaders, as non-compliance could result in substantial fines, reputational damage and even personal liability for company officers.
Cybersecurity guidance and supports
Keeping up with the rapid pace of cybersecurity threats and regulatory changes can seem overwhelming. However, Irish businesses are not alone in this battle.
The EU AI Act requires companies to manage the various risks posed by their use of AI.
The National Cyber Security Centre provides guidance tailored to small businesses, while certifications like ISO 27001 help regulated entities demonstrate compliance and resilience. To further support cybersecurity adoption, the Irish Government has introduced financial grants to support cybersecurity of exporting Irish businesses. Getting expert advice from cybersecurity companies, IT providers and legal specialists is critical. They can help companies navigate the cybersecurity risks and challenges in 2025.
Cybersecurity regulations will impact critical sectors
In 2025, regulation is set to become a defining force in cybersecurity across Europe. The EU AI Act requires companies to manage the various risks posed by their use of AI. The EU Digital Operational Resilience Act, which took effect in January 2025, extends beyond traditional financial institutions ensuring that their IT service providers meet rigorous security standards. The NIS2 Directive broadens cybersecurity compliance across 18 critical sectors, impacting
Strengthening cyber defences: The power of awareness and resilience against emerging threats
As AI accelerates cyber risks and attack methods evolve, organisations must go beyond compliance to build true cyber resilience. Security awareness training, adaptive learning, and a proactive mindset are key to staying ahead of threats.
Artificial intelligencepowered tools like chatbots and video generators dominate headlines, but AI has long played a role in cybersecurity, helping to outsmart hackers and prevent breaches. However, cybercriminals also exploit these advancements, adapting at a pace that ethical defenders struggle to match.
Adaptive learning ensures cyber resilience
Humans don’t evolve like technology does. Despite using advanced devices, they remain vulnerable to the same social engineering tactics — often worsened by new technology creating fresh attack opportunities.
In cybersecurity, resilience isn’t about static defences but fostering continuous learning. By adapting to threats and learning from attacks,
Proactive cybersecurity benefits all businesses and society Ultimately, prioritising cybersecurity is not just about protecting an individual company; it benefits the entire economy. When businesses invest in robust security measures, they help safeguard their customers, suppliers and partners, making Ireland a more resilient digital economy. The risks are real, but so are the opportunities for those who take cybersecurity seriously. Now is the time to act.
Resilience strengthens cybersecurity defences
individuals and organisations evolve to survive in the digital world.
AI accelerates cyber threats
We live in extraordinary times, with rapidly advancing AI transforming fields from research to medicine. However, these same tools empower cybercriminals, enabling scaled attacks with perfect grammar, tailored messaging and personalised deception, making threats more sophisticated than ever.
The real threat is still ahead. Small, specialised AI programs working together will enable attacks on an unimaginable scale. Just as AI agents can streamline mundane tasks, they can also automate cyberattacks, gathering intelligence, probing vulnerabilities and launching highly personalised assaults with no ethical or legal constraints.
Security awareness training has evolved from dull, repetitive modules to focused on knowledgesharing. The next phase is resilience, shifting from compliance to building lasting defences against threats. Awareness is recognising the threat; resilience is resisting it. In phishing, training alone can’t cover every scenario. Resilience blends training, instinct and knowledge of attacker behaviour, empowering employees to spot risks and avoid actions that could lead to breaches, even in fast-moving environments. The key is mastering the cybersecurity basics
Engage users without overwhelming them by personalising training, making it interesting rather than a chore. Assign a campaign owner to manage both systems and outcomes. Measure behaviour, not just completion. Cybersecurity learning should align with business goals and be consistent, relevant and concise. Avoid unnecessary content — keep it current and to the point.
At MetaCompliance, we support thousands of customers, many of whom have no existing solution in place, and leverage our expert teams to protect their employees and their businesses from cyber-attacks.
Eoin Byrne Cluster Manager, Cyber Ireland
Mark Hamill VP of Product, MetaCompliance
Sponsored by MetaCompliance
For any business, their website is their piece of real estate online — something they own and control.
Now and then: how 25 years transformed Ireland’s internet landscape
When the .ie domain registry was established 25 years ago, Ireland’s internet landscape was very different. David Curtin, CEO, considers how the online world has changed.
David Curtin CEO, .ie
WRITTEN BY Tony Greenway
What’s been the biggest challenge in developing Ireland’s internet ecosystem over the last 25 years?
As one of the many guardians, guides and stewards that have helped the internet in Ireland grow and develop, we would say the biggest challenge was the poor availability of broadband and the lack of commitment to helping with internet adoption — and all things internet-related — in the early days. It took mobile internet to come to the rescue and make internet access more available, affordable and usable for small businesses up and down the country. I don’t think history will be kind to the incumbent monopoly at that time. Thankfully, broadband is improving dramatically with the Government’s National Broadband Rollout Plan, which helps to close the urban-rural divide and fill in the black spots around the country.
Which initiatives have you undertaken to educate and support businesses and communities?
We’ve run programmes for small to medium enterprises (SMEs) that want to get online. One I’m particularly proud of was an annual competition called Optimise, where winners received 10 days of face-to-face time with a consultant to improve their online presence and grow their e-commerce sales. Over the last 5 years, around 60 business owners benefitted from that.
More recently, we’ve been running a programme, Digital Town, where we work with the Government to implement its rural digital strategy and empower local communities, governments and businesses to make better use of digital technology and meet their town’s goals.
Why do you think Irish consumers trust .ie domains?
How do you see competition from other domains evolving in the future?
It will intensify. In top-level domain terms, .com is still the dominating force with 140 million .coms around the world. Nevertheless, in terms of market share, we come out very well. In 2024, our market share of hosted domains in Ireland was 54.2%, compared to 29% for .com.
How has the internet landscape in Ireland changed, and where is it heading?
In terms of how people communicate and engage with each other, there’s no doubt that social media has become more prominent and useful than websites. However, where websites come into their own is by allowing businesses to tell their own story and get their message across in a world where fake news is spreading.
For any business, their website is their piece of real estate online — something they own and control. What do I see changing? Many indicators are looking poor, particularly with social media giants saying that they are no longer going to factcheck. That’s not a good trend.
Are there any developments or events that businesses and consumers should be aware of?
Sponsored by .ie
We know that 79% of Irish consumers prefer a .ie website when buying online. First and foremost, that’s because people who register domain names with us have to confirm their identity, which is a level of security that consumers appreciate. Secondly, we employ a monitoring agent to scan existing .ie websites and, if it discovers malware on them, it informs the hosting provider and owner of the domain name.
SMEs can be innocent victims of malware, so this acts as a protective shield for them. Lastly, we have a cost-effective way of dispute resolution that’s very suitable for small businesses.
Our efforts to improve cybersecurity will continue with messages about security hygiene and being careful about the type of links you click. Although controls are improving; education among consumers must increase; we need greater adoption of the tools available to help businesses deal with ransomware and email compromises.
Critical internet infrastructure providers will be asking users to take what might first appear to be unnecessary steps but are actually vital for their security. To thwart the activities of cyber criminals, there needs to be more cooperation between internet guardians, guides and stewards. The bad guys have organised. Now, the good guys must do the same.
Three simple steps for SMEs to ward off cyber-attacks
The threat of cybercrime is alarmingly real for small and medium-sized businesses. Yet, there are three easy things they can do to protect themselves from scammers and hackers.
If you’re a small business owner who doesn’t think cybersecurity is an issue that affects you, Mastercard Cybersecurity Executive Vice President Rigo Van den Broeck has some advice for you: it does.
SMEs vulnerable to cyber-attacks
WRITTEN BY Tony Greenway
Consider this: Mastercard’s 2025 SME Cybersecurity Landscape Report revealed that 46% of SMEs globally have experienced a cybersecurity attack. That’s a huge number, which demonstrates just how effective cybercriminals can be. Their malign attention can easily fall on you, so it could be time to fundamentally rethink your approach to cybersecurity.
“For example, if you’re a retailer, you should treat your online business in the way that you treat your physical premises,” advises Van den Broeck. “After business hours, you always lock up your shop and switch on
Small and mediumsized firms are the lifeblood of the economy.
the burglar alarm. So, why wouldn’t you invest in, say, antivirus capabilities or an assessment to show where the vulnerabilities may be lurking across your technical infrastructure? That’s where the cybercriminals and fraudsters will be looking. If they find vulnerabilities, they’ll use them to infiltrate your system and either compromise or exfiltrate data.”
Protecting SMEs from cyber-attack consequences
Of course, it can be easier for larger organisations to focus on cybersecurity as they’re likely to have more financial clout and personnel. SMEs, however, may not. Yet, the impact of an attack can be existential to organisations of any size. It can affect their sales and their bottom lines. It can also tarnish their reputations, resulting in significant and perhaps irreversible brand damage.
That’s why Van den Broeck advocates that all SMEs — whatever the nature of their business — take three important security steps. These are possible, he insists, even at a time when budgets are tight. “Small and medium-sized firms are the lifeblood of the economy,” he says. “We’re keenly aware of our responsibility towards SMEs. Our products — such as contactless payments — enable digital commerce, so it’s our duty to help secure it.” According to Mastercard research, nearly one in five SMEs globally that experienced an attack then filed for bankruptcy (18%) or closed the business (17%) — the threat can be existential.
Easy steps to improving your cybersecurity
First, Van den Broeck suggests they visit the Mastercard Trust Centre, which provides easy online access to free education research, resources, tools and learning content which has been specifically designed to help protect SMEs from cybercrime. This is relevant if you’re just setting up in business — or if you’re an established SME owner who wants to take your security know-how to a higher level.
After all, knowledge is power; it must be made affordable, accessible and understandable for small business owners and their staff. “For instance, our resources include information about the real-life tactics that cybercriminals and fraudsters use,” notes Van den Broeck. “We’re not trying to scare people. We want to empower them to make qualified decisions about the type of requests they respond to and the sort of links they click on.”
Why consistent monitoring for vulnerabilities is key Second, Mastercard has developed a suite of products and solutions to help small and medium-sized businesses detect and monitor cyber risk across their digital ecosystems, make easy fixes and practice good IT hygiene. Van den Broeck says: “They’ll also show them how best to use these products and offer them IT support, knowledge and awareness.” In Ireland, Mastercard also partners with Technology Ireland ICT Skillnet to provide free access to the Global Cyber Alliance’s cybersecurity toolkit for small businesses.
The final step concerns consistency. “Cybersecurity can’t be a ‘one-off’ because, as technology evolves, so do the capabilities of the cybercriminal,” explains Van den Broeck. “Your business may be safe today but insecure tomorrow because, without consistent monitoring, your technical estate will always be prone to vulnerabilities.”
The cybersecurity landscape has changed for everyone, and busy SMEs are easily diverted and extra vulnerable. “Cyber risk is now a business risk,” says Van den Broeck. “Cybersecurity tools and solutions should be central to any organisation, whether they’re small, medium or multinational.”
Rigo Van den Broeck
How big businesses can stay cyber-secure in our increasingly digital age
Cybercriminals are taking advantage of the digital economy to exploit weaknesses in IT systems. The threat is real, so organisations must take steps to protect themselves.
The digital economy has revolutionised the way we do business. It’s allowed companies to reduce their costs, become more efficient, expand their market reach and make life more convenient for their customers with innovations such as contactless technology and banking apps.
Cyberattack risks can affect all sectors Unfortunately, the digital economy has also been a boon for cybercriminals and fraudsters that are always ready to exploit holes in a company’s IT security.
The annual cost of cybercrime worldwide is projected to hit $14 trillion by 2028. “If businesses are driven by a ferocious desire to get online and digitise their services, unprotected connections can create vulnerabilities that cybercriminals will use to their advantage,” says Steve Brown, Vice President, Mastercard Cybersecurity. “The increase in Internet of Things (IoT) — which connects all manner of devices and machines online — has only provided them with more attack surfaces and entry points.”
While the digital landscape is constantly changing, one thing remains the same: the effects of cybercrime are devastating. “It can take a business offline so that it suffers financial loss,” explains Brown. “Ransomware attacks can cripple systems and leave companies open to blackmail. If it happens to the healthcare sector, it can disrupt people’s care. In the financial sector, it can lead to the theft of account data that can be used to perpetrate fraud.”
Cybersecurity trends and the benefits of collaboration In Ireland, business systems were
the primary focus of attention for cybercriminals, with malware and ransomware attacks being most prevalent, followed by email, phishing and reconnaissance (or data gathering) attacks.
What’s needed, says Brown, is a joined-up approach with private companies and public sector bodies working together to protect businesses from the scourge of cybercrime. “With this in mind, Mastercard launched its European Cyber Resilience Centre in Belgium last year,” he says.
“This is a collaborative space where cybersecurity professionals in the public and private sectors can come together, share best practice, share intelligence and be more proactive in this fight. Cybercriminals and fraudsters are working together and learning from each other, so we have to do the same.”
Improving knowledge and strengthening security standards
Traditionally, Mastercard’s business customers were mainly based in the financial sector; but over the years, the company has diversified and now provides products, services and thought leadership to retailers, manufacturers and others. Whatever business you are in, though, and whatever size you are, Brown warns that you shouldn’t ignore the security of your supply chains. That’s because criminals often recognise vendors, suppliers and other partners as weak points that can be exploited to gain access to the wider system.
Also, large entities shouldn’t think their size is a guarantee of strength.
“That can prove costly,” says Brown. “To counter this, we take an ‘assess’, ‘protect’ and ‘organise’ approach to
cybersecurity with our solutions and services.”
Understand business vulnerabilities and stay ahead
Assess is about using new and emerging technology, such as AI, to help Mastercard business customers gain greater risk visibility, both internally and within their supply chains, to understand where any vulnerabilities may be. Then, services such as unique real-time threat intelligence and multi-layered cloud-based defence technology can be deployed. One of Mastercard’s AI-powered solutions, SafetyNet, has prevented $50 billion in fraud losses over the last three years.
Finally, what Brown calls ‘the collective’ (ie. organisations, businesses, governments and individuals) must organise to continually improve cybersecurity knowledge and strengthen cybersecurity standards. “Apart from our European Cyber Resilience Centre, we work with NGOs such as the Cyber Readiness Institute and Aspen International, plus government policymakers and others, to be a positive voice within the community,” he says.
Ultimately, they understand the security pain points customer face to stay ahead of cybercriminals. “But it is a race,” Brown admits. “Because the advanced persistent threat (APT) groups that work for nation states are operating 24/7, 365 days of the year. It’s why the work we do to protect people and businesses is so relentless.”
Steve Brown Vice President, European lead for Cybersecurity and resilience services, Mastercard
WRITTEN BY Tony Greenway
Dublin event leads Europe in exploring AI innovation and digital strategy
Join Europe’s leading tech event, exploring AI, digital transformation and innovation. Meet global leaders aiming to shape the future.
Ireland is at the heart of digital transformation. With the European Commission ranking Ireland as a leader in digital public services and the country’s AI sector projected to contribute over €48 billion to the economy by 2030, digital transformation is an economic and strategic imperative.
Tech gathering fosters reinvention
At the forefront of this transformation is Dublin Tech Summit (DTS), one of Europe’s most influential tech gatherings. An annual global event for technology leaders, promoting collaboration and innovation across industries. Speakers will explore the evolution of digital transformation, AI-driven decision-making and how large and small enterprises can thrive in an era of constant reinvention.
Businesses are under pressure to adapt, whether through automation, AI or cloud computing. The days of treating digital transformation as a long-term strategy are over; it’s now a prerequisite for survival.
Lineup of influential speakers
DTS 2025 will welcome an extraordinary lineup of speakers, each redefining the future of their respective industries.
Stewart Copeland, legendary drummer of The Police and an accomplished composer, will bring a unique perspective on reinvention and creativity in the digital age. OpenAI’s CFO, Sarah Friar, will offer key insights into AI’s role in reshaping enterprise strategies. Grace Beverley, a trailblazing digital entrepreneur, will explore how brands can harness technology for scalable growth and deeper audience engagement.
Event for global tech giants
DTS takes place within the inaugural Dublin Tech Week, a week-long celebration of tech and innovation, from 23–30 May 2025, which will turn Dublin into a playground for the future. Supported by Dublin City Council, Smart Dublin, LEO, universities, tech companies and tech groups, Dublin Tech Week will encompass a range of events and activities across the city for you to take part in (see dublintechweek. com).
Ireland has long been a powerhouse for global tech giants, but its real strength lies in its ability to evolve. Ireland is not just keeping pace with the digital era; it’s setting the agenda for the future.
Cloud infrastructure: key to unlocking Ireland’s offshore wind potential
Discover how cloud infrastructure can unlock Ireland’s offshore wind potential and help to grow a decarbonised economy.
Ireland has an abundance of natural wind resources and ambitious targets for offshore wind (OSW). It is also a global leader in digital infrastructure. Ireland has an outstanding opportunity to capitalise on the synergies between these two sectors and deliver on its climate, economic and social goals.
Ireland’s offshore wind targets
As part of its decarbonisation commitments, Ireland has set targets to increase offshore wind capacity from just a single 25 MW demonstration project to 5GW by 2030. This is enough to generate more electricity than the whole of Ireland’s current wind and solar capacity, with a further quadrupling to 20 GW OSW targeted by 2040. Ireland also has an ambitious digitalisation strategy to bring benefits across the economy, society and public services. Cloud infrastructure is a key enabler of this digitalisation and could also be a key enabler of OSW.
Tech sector’s role in offshore wind
The tech sector is expected to be key to supporting the delivery of new OSW projects in Irish waters. Large tech companies are uniquely positioned to sign corporate power purchase agreements (CPPAs) that can help ensure such projects get built. These CPPAs — long-term contracts that allow companies to buy the electricity that will be generated from renewable energy projects — will help de-risk the investment underpinning new OSW projects and provide the revenue certainty that their developers require. Tech companies are already world leaders in supporting renewable energy in this way.
Importance of data centres
Michael McCarthy, Director of CII, says: “The role that data centres are poised to play in enabling Ireland’s OSW ambitions has, until now, been little understood. The reality is that there is little point in producing huge amounts of OSW in Ireland unless there is a robust market in place to consume it. Data centres are the ideal such market, given their demand profile and the decarbonisation they, in turn, enable across society.”
The decarbonisation of Ireland’s energy system and the digitalisation of the economy are vital to enhance Ireland’s competitiveness and its capacity to attract more foreign direct investment. That is why the development of offshore wind and the strengthening of Ireland’s cloud infrastructure is so important.
What AI will look like in 2025 with autonomous intelligence
In 2025, artificial intelligence (AI) is shifting rapidly from basic tools to advanced autonomous systems.
Leading the autonomous evolution are AI agents — systems that can reason, plan and execute complex tasks independently. According to Gartner’s forecast, by 2028, these agents will handle 15% of day-to-day organisational decisions autonomously. This transition presents vast opportunities alongside challenges.
Importance of robust cybersecurity
While C-suite executives in Ireland anticipate returns on their AI investments, many organisations still struggle to define success metrics. The key is to move beyond generic applications and develop distinctive solutions that deliver measurable value — all while ensuring robust cybersecurity to protect critical data and systems.
The technological foundations behind this transformation are compelling. Innovations in inference time computation now enable AI models to ‘think’ before responding, dramatically enhancing reasoning capabilities without constant retraining. We are witnessing a divergence in model sizes: some systems are expanding towards an astonishing 50 trillion parameters. Others are being refined and miniaturised for efficient use on personal devices. This demands a parallel evolution in cybersecurity, as more sophisticated systems open new avenues for vulnerabilities.
Customer service emerges as prime testing ground
Modern AI systems now tackle complex problem-solving beyond simple ticket routing, supported by what some describe as ‘near infinite memory.’ This ability to maintain detailed customer histories facilitates personalised service at scale — a development that holds particular promise for Irish businesses seeking a competitive edge.
Use cases and requirements for autonomous AI As founder of AI Ireland, I have observed that the most exciting applications are emerging in healthcare, employee experience and customer service. In healthcare, AI combined with human expertise enhances medical diagnostics, detecting diseases more accurately and supporting clinical decisionmaking to improve patient care.
Organisations must also craft distinctive AI ‘personalities’ that resonate with their brand while addressing employee concerns about automation. Success will depend on meticulous attention to user experience, seamless workflow integration and proactive cybersecurity measures.
As robots with generalist capabilities powered by embedded large language models become more common, decision-making transparency and accountability remain top priorities. I firmly believe the future is co-intelligence, and AI literacy has become the most essential skill for long-term success.
Siobhan Human Head of Programming and Marketing, Dublin Tech Summit
Mark Kelly Founder, AI Ireland
Michael McCarthy Director Cloud Infrastructure Ireland, Ibec