Irish businesses now face a new breed of cyber attack – one so swift and sophisticated that entire operations can be crippled before anyone notices.
Attackers leverage AI to automate deepfakes, breach systems and shorten the time between intrusion and exploitation. These threats are so effective that in a matter of hours, not only can primary systems be disabled, but also the back-ups and databases that were supposed to keep the business running.
According to Accenture’s latest research, 90pc of organisations lack the maturity to defend against these threats and most have seen attacks surge in the past year.
The 2025 National Cyber Risk Assessment report, from Ireland’s National Cyber Security Centre, notes the emergence of AI and how it increases the opportunities for “malicious threat actors of all capabilities to launch at scale, disruptive and destructive attacks”.
As we look ahead, regulatory bodies are expected to introduce new standards for AI transparency and security, requiring organisations to stay vigilant and compliant.
Agentic AI, which refers to artificial intelligence systems that can independently plan, decide and act, is rapidly becoming an indispensable partner for organisations, automating core business tasks and transforming customer interactions. But this technology also poses risks.
Agentic AI is rapidly becoming an indispensable partner for organisations. Stock image: Getty
When used by threat actors, agents can make it easier for less sophisticated attackers to strengthen their attempts to disrupt and target things like critical infrastructure. The technology is powering methods like phishing, identity fraud and malware, bypassing standard controls and using generative AI tools to extract sensitive data and spread spam.
Cyber-threat teams are now seeing generative AI create real, scalable cyber risks including AI?enabled worms, a form of self?spreading malicious software that can automatically move from system to system without human involvement. These worms can manipulate generative AI models into producing harmful prompts, extracting sensitive information from emails, or even sending spam through compromised AI assistants.
Cyber criminals know that recovery tools can thwart their attack, which is why they make it a priority to take them out. When your ability to execute a well?rehearsed business continuity strategy is disrupted, your organisation’s resilience depends on the strength of its governance, preparation and people.
As these threats evolve, organisations need not only robust AI governance frameworks but also comprehensive education at multiple levels. This includes upskilling cyber security teams to understand and manage AI?driven risks but also broadening cyber awareness across the wider workforce and placing a renewed focus on senior leaders.
Leadership teams must understand both the nature of emerging AI?enabled threats and their own governance and compliance obligations. Strengthening capability across the entire organisation, from specialist teams to the C?suite, is now essential.
This lifeboat is ready to launch immediately and contains only the critical functions needed to keep the business running
To survive, businesses must move beyond reactive cyber defences and adopt proactive strategies. The most effective approach is to create a “digital lifeboat” or a secure, isolated environment that can keep essential operations afloat when everything else goes down.
Unlike standard back-ups, this lifeboat is ready to launch immediately and contains only the critical functions needed to keep the business running.
Building a digital lifeboat starts with identifying the minimum viable business – those critical activities and systems that must be restored first. This requires regular audits and simulations to ensure the right priorities are set, as the most vital systems may not be what leadership expects.
Building a digital lifeboat isn’t just a technical exercise, it requires strong governance. Cyber resilience has always been an enterprise?wide risk rather than a standalone security project. That’s even clearer when deciding what goes into the lifeboat — the essential processes, systems and data needed to keep a minimum viable version of the business running after an attack.
Today, it’s not enough to say you can recover from a catastrophic attack. Regulators expect you to demonstrate it. Traditional paper-based testing falls short. A lifeboat approach lets organisations practise recovery, boost resilience and give teams – and customers – confidence in knowing they can withstand the worst.
Cyber security is entering a new era of complexity in 2026, one that requires a failsafe alternative to traditional back-up plans and business continuity strategies. It’s not just time to think outside the box – you have to think outside your organisation and consider what your lifeboat should look like.
Survival depends on more than hope; it demands preparation. Build your digital lifeboat now, before the storm hits.
Donal Óg McCarthy is Cybersecurity Lead for Accenture in Ireland
source