Reports
NCSC - NIS2 Directive Resources
Learn more
Over 68% of senior leaders do not have a board-approved AI-policy in place to oversee and guide staff on how to use artificial intelligence across their organisation, while over 41% of directors are not aware of their own personal liability for severe organisational non-compliance with new cybersecurity rules via NIS2 to be implemented imminently, a new survey by the Institute of Directors (IoD) Ireland has found.
The findings were revealed ahead of the IoD’s ‘Leading in Governance’ conference, which is taking place later today in the Aviva Stadium, and will feature addresses from Richard Browne, Director of the National Cyber Security Centre and Patricia Scanlon, Chair of Ireland’s AI Advisory Council. They will discuss the growing cyber security and digital disruption challenges, as well as opportunities and risks of AI, faced by businesses and organisations across Ireland.
The event’s over 400 delegates will also hear from experts covering other key governance issues, including responsible directorship, ESG and integrity in the boardroom.
Other key AI findings from the survey include over one third (36%) now citing artificial intelligence (AI) as a key tool for improving operational efficiency and driving business competitiveness, with 26% in the process of experimenting with the use of Generative AI. From a cyber security perspective, IoD members are most concerned about (28%) data leakage when it comes to AI.
With the National Cyber Security Centre estimating that NIS2 is to extend to over 3,000 Irish organisations with expanded cyber compliance requirements, nearly 84%* of Irish senior leaders do not fully understand these new EU rules, which are to be implemented by the Government as soon as possible, the survey found.
87% of directors also said they were concerned about the impact of a third-party supplier or member of its supply chain on the cyber security resilience of their organisation.
“In today's rapidly evolving digital landscape, the board plays a crucial role in governance by providing strategic oversight, ensuring accountability, and guiding the organisation's direction in alignment with regulatory obligations such as NIS2. The cyber resilience of an organisation is ultimately down to its staff, but also can be impacted by its supply chain and/or third-party suppliers. The mitigation of this through effective oversight in cyber security and AI policies and procedures is essential, with our research finding that nearly one in three members have experienced a cyber security attack within the last year.”
Spillane added:
‘It is the responsibility of all directors to ensure they have the necessary skills and knowledge to deal with risks to their organisation and ensure compliance with all necessary cyber security regulations. IoD will continue to support our members on these compliance needs through our online content and live workshops and events, as well as through our partnership with the NCSC and other key Government bodies.”
The topic of how directors and business leaders manage their tech governance from risk, such as cyber security to opportunity, like AI, will be discussed at the IoD Ireland ‘Leading in Governance Conference’ at the Aviva Stadium on 24th October to an audience of nearly 500 IoD members and stakeholders, comprised of directors and senior business leaders at C-suite level. Other topics which will be included are Integrity in the Boardroom, with Sarah Keane, President of Olympic Federation of Ireland on the panel; and Responsible Directorship and ESG with Dr Tony Holohan as one of the panel members.