PwC’s Will O’Brien talks to SiliconRepublic.com about how Irish businesses can prepare for a heightened threat landscape during the EU Presidency.
PwC has warned businesses in Ireland to improve their cybersecurity defences ahead of Ireland assuming the EU Presidency from the start of next month.
The professional services company said that cyberthreats are expected to escalate once Ireland assumes the Presidency, during which Ireland will host EU government leaders, heads of state and the European political community for a period of six months (from 1 July to 31 December).
“This positions Ireland as the temporary routing hub for sensitive EU political, economic, sanctions and foreign-policy material, and a priority target for state-aligned threat actors, hacktivists and organised cyber criminals,” said Will O’Brien, director of PwC Ireland’s cybersecurity practice.
The heightened cyber risks of the Presidency were also recently highlighted by Ireland’s National Cyber Security Centre (NCSC).
O’Brien advised Irish businesses work on their cyber defences by prioritising two things: preparedness and resilience.
“Organisations that are resilient, and have completed appropriate cyber risk assessments, will be far better placed to defend against attackers.”
He added that AI is a “decisive factor” – not just for threat actors, but for cybersecurity teams as well.
“Threat actors now treat AI as a core platform, automating reconnaissance, crafting convincing phishing lures, accelerating malware development and scaling social engineering. The gap between an AI capability’s public release and its weaponisation is shrinking sharply, with autonomous AI agents a primary concern,” explained O’Brien.
“The encouraging counterpoint: AI is also defenders’ single greatest opportunity to match that pace, enabling faster detection, automated containment and intelligence-led decision-making.”
Will O’Brien. Image: Gerard McCarthy
With the Presidency fast-approaching, O’Brien listed a number of recommendations for Irish businesses consider – including treating the six-month Presidency window as a “high-threat period”, particularly in how businesses score and prioritise cyber risk.
“Rehearse your crisis response. Run scenario exercises tied to major Presidency events, using ENISA’s Cybersecurity Exercise Methodology,” he said.
“Fix known software vulnerabilities faster. Subscribe to NCSC Alerts & Advisories and follow its Cyber Vitals Checklist throughout the period.”
O’Brien recommended that businesses “pressure test” their IT and OT suppliers, checking they meet NIS2 standards and ensuring that remote-access systems (VPNs) require multi-factor authentication.
He also advised that businesses adopt a zero-trust approach for data and devices; train staff for “AI-driven deception” such as deepfakes and phishing emails; and pre-plan for disinformation – “work with communications now so that any incident has a ready to go public response”.
Lastly, he encouraged businesses to engage with the NCSC early to confirm the organisation’s place in national incident coordination arrangements.
‘Act now’
The heightened cyber risks of hosting the EU Presidency are an expected concern in the backdrop of broader geopolitical tension.
The current Cypriot Presidency experienced its share of cyberthreats, with the country previously reporting a rise in cyberattack frequency during the Presidency window.
And if a significant cyberattack or breach were to successfully occur during Ireland’s EU Presidency, what would that look like?
O’Brien said the fallout would be “significant on multiple fronts”.
“As Ireland is considered one of Europe’s largest data hosting clusters, and home to several transatlantic subsea cable landing points, we sit at a position where disruption carries continent-wide consequences – the impact would not be confined to our borders,” he explained.
“The NCSC has noted that incidents during a Presidency are primarily designed to inflict reputational and political damage on the host State and the EU. A serious breach would therefore carry economic cost and business disruption, alongside potential reputational damage for Ireland on the European stage.
“This is why businesses must be on heightened alert and act now.”
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
You must be logged in to post a comment Login