Over 40% of SMEs are unprepared for a cyberattack despite nearly a quarter of Irish businesses having experienced an attack in the last 18 months according to research gathered by accountancy body ACCA and professional services firm Grant Thornton Ireland.

The survey also signaled a lack of cybersecurity policy for remote workers with 41% of SMEs stating that they did not have a policy in place with 42% not providing any cybersecurity training for employees.

Whilst the findings highlighted an unpreparedness amongst SMEs for a cyber-attack, the research did indicate an increased awareness amongst small businesses on the importance of cybersecurity with 71% stating they had undertaken a cyber security risk assessment for their business.

Caitriona Allis, Head of ACCA Ireland said, "As businesses become increasingly more digital, the likelihood of a cyber-attack is heightened and, in particular SMEs, need to develop an appropriate cybersecurity policy with plans in place to mitigate an attack and its potential impact."

She said small businesses are particularly vulnerable due to their lack of resources and as the research has highlighted a significant portion of Irish SMEs have already been targeted.

"With the Government is set to introduce the right to request to work remotely in this term, a hybrid model is here to stay. With this will come additional cybersecurity risks for SMEs as employees work from home networks and there will be a requirement to take action."

Ms Allis urged all SMEs to review their ways of digital working and to implement crisis management plans that will help to mitigate against a cyber-attack, and protect their business and their staff.

Mike Harris, Partner, Grant Thornton Ireland said cyber-attacks against small businesses are becoming increasingly prevalent and the firm is working with clients across a range of sectors to ensure that they are fully prepared to deal with an attack.

"Criminals are becoming increasingly innovative, and it is crucial that policies are updated, and staff are consistently informed of the risks to mitigate a growing threat to businesses."