Irish organisations are unprepared for cyber attacks, according to EY's annual Global Information Security report.
The report reveals that half of Irish organisations have no real-time insight on cyber risks, lacking the agility, budget and skills to combat rising cybercrime.
It also says 47% of Irish organisations believe it unlikely they would detect a sophisticated cyber attack.
Organisations need to maintain a constant state of readiness to respond to cyber attacks and anticipate where new threats may arise, the authors of the report state.
The survey - "Get Ahead of Cybercrime" - surveyed 1,825 organisations in 60 countries, including Ireland.
82% of Irish companies surveyed said that their security spending will increase somewhat over the next 12 months.
But EY said that "worryingly" half of respondents said that budgets remained the biggest obstacle to their cyber security programme.
The survey also reveals that 71% of Irish companies regard their main internal weakness as carelessness or unaware employees.
It said the two top external threats cited by companies were cyber attacks aimed at stealing financial information and malware threats.
Hugh O'Callaghan EY's financial services advisory director said that organisations now acknowledge that outright prevention of sophisticated cyber attacks is unrealistic and that only half of respondents are confident of detecting attacks.
"Enhancing the monitoring required to detect attacks and enable rapid responses will require significant investment in a security operations centre capability, which is not widely reflected in short term budget expectations. This means that vulnerability to cyber attacks will continue and security functions will struggle in fully meeting the needs of the business," Mr O'Callaghan added.