More than 80% of firms have enhanced their cybersecurity over the past six months - according to the latest Cyber Leaders Index from EY Ireland.
Despite that, the majority of cyber managers say they are struggling to get funding for cyber awareness training.
Meanwhile more than 40% say they are being short-changed in the areas of hiring and retention.
Puneet Kukreja, cyber leader at EY Ireland said this highlights an ongoing disconnect between company bosses and their cybersecurity team - and there needs to be a recognition that the area is now critical to the success of the entire business.
"If you just look in the news, M&S, JLR - there's some household names that have had a breach and that have been impacted," said Puneet Kukreja, cyber leader at EY Ireland. "Cyber is now not something that happens in the backroom, it's a board room issue, it impacts you, it impacts me - it impacts Ireland as a whole."
The survey also shows the indirect impact that the underfunding of cyber functions is having - with staff feeling stress and pressure due to their workload.
"37% of our cyber leaders are now anxious, 27% have a heightened anxiety that they cannot perform their jobs just because of the volume and velocity of the attacks," said Mr Kukreja. "Hiring is an issue... but retention is a bigger issue."
In order to better address that, he said companies need to recognise the growing complexity of the area - and be willing to outsource functions in order to better cover gaps in expertise.
We need your consent to load this rte-player contentWe use rte-player to manage extra content that can set cookies on your device and collect data about your activity. Please review their details and accept them to load the content.Manage Preferences
"Cyber has evolved from patching and passwords - that will not protect organisations and companies," he said. "We really need to look at cyber as an end to end ecosystem that needs protection from policies, regulation, patching, technology systems.
"The complexity has grown so much over the past decade and a half that no one organisation can have all of the skills, retain the skills, train the skills and then respond to an incident that happens - it just doesn't happen."
The survey also shows that almost half of respondents see AI and data security as a key focal point in the coming months.
Mr Kukreja said this shows just how many people are still not fully aware of the changed landscape as a result of AI.
"AI is a double-edged sword - it can be used for good and it can be used by hackers to advance attacks," he said, citing the growing use of voice phishing and deep fakes in order to access information and systems. "We've picked up on 44% who actually see [the threat] - I'm more worried about the 56% who haven't even thought about it."
