Europe’s approach to cyber security is changing rapidly. With the Digital Operational Resilience Act (DORA) in effect and the Cyber Resilience Act (CRA) on the way for 2027, businesses in the UK need to boost their cyber defences quickly to tackle increasing threats.
Ireland is emerging as a key player in this evolving landscape. It boasts a solid cyber security framework, access to top talent, and a strategic location within the EU. For UK businesses looking to secure their operations, Ireland has become an attractive option.
The scale of change is substantial. When Ireland incorporated the Network and Information Systems Directive (NIS2) into its laws in October 2024, the number of regulated entities jumped from 70 to around 4,000. Across Europe, about 180,000 entities will fall under NIS2’s purview, impacting entire supply chains and various sectors.
Looking forward, DORA and the CRA will shape the next wave of regulatory shifts. DORA sets higher operational resilience standards for financial institutions, while CRA will extend its rules across the tech industry. All digital products sold in the EU need to be secure against cyber attacks and come with lifecycle support, similar to the European Conformity (CE) mark for physical goods. This means that software developers and tech hardware firms must achieve cyber security certification before taking their products to market. This regulation will likely drive demand for cyber security services, creating around €10 billion (£8.3 billion) in market growth annually as businesses prioritize digital resilience across Europe.
The urgency to act is palpable. Cyber attacks are now a certainty. In 2024 alone, half of UK businesses faced some sort of attack, and those handling sensitive data are particularly at risk. The rise of generative AI has elevated the sophistication of these threats, making them harder to trace. The fallout from a breach isn’t just about immediate financial damage—it’s also about long-term harm to reputation and customer trust, which can be even tougher to repair.
Meanwhile, the demand for skilled professionals in cyber security is on the rise, but many organizations are struggling to find talent. A staggering 49% of public sector organizations report a shortage, a jump from the previous year. In contrast, Ireland is cultivating a robust workforce, aided by institutions like Munster Technological University. Programs like CyberSkills are designed to tackle specific industry needs, reflecting the effectiveness of partnerships between academic institutions and businesses. Companies like Mastercard are successfully utilizing these initiatives to enhance their teams’ expertise.
Ireland aims to grow its cyber security workforce from 6,700 in 2022 to 17,000 by 2030, which could contribute an impressive €2.5 billion to the economy. This growth will be powered by both multinational corporations and a diverse network of over sixty innovative startups.
While new EU regulations may feel daunting, they offer strategic benefits. They can attract US companies eager to partner with European firms that comply with high standards in areas like cyber security and AI. With Ireland’s political stability and strong government support, it serves as an ideal launchpad for expanding operations in Europe.
UK businesses have a vital opportunity to enhance their cyber security and support future growth. As regulations tighten and threats become more complicated, Ireland stands out as a key ally. By leveraging Ireland’s solid infrastructure and skilled workforce while being part of the EU, UK companies can strengthen their cyber defences and gain a competitive advantage globally. It’s time for action—investing in Ireland’s resources and expertise will not just protect interests but also help set the benchmark for responsible cyber practices in today’s digital world.
Anne-Marie Tierney-Le Roux serves as senior vice president of enterprise technology at IDA Ireland.