Fri, 07 Nov, 2025 - 12:27

Cyberattack impact on employees may be as serious as technical fallout

Companies hit with cyber attacks in the last year are experiencing increased employee burnout and sick days, and a spike in toxic work culture after the attack, according to insurance company Hiscox.
Cyberattack impact on employees may be as serious as technical fallout

Ottoline Spearman

The impact of cyberattacks on employees could be as serious as the technical fallout, new research shows.

Companies hit with cyber attacks in the last year are experiencing increased employee burnout and sick days, and a spike in toxic work culture after the attack, according to insurance company Hiscox.

The company surveyed 500 Irish businesses and found that 40 per cent had suffered a cyber attack in the past 12 months.

As companies scramble to recover data, restore trust and rebuild their reputation, the company described the hidden cost of cyber attacks in the toll on the so-called "human firewall": the employees who serve as the first line of defence against cyber threats.

25 per cent of employees described their workplace as "toxic" in the aftermath of cyberattacks, while 31 per cent reported employee burnout.

33 per cent reported high stress among employees, while 23 per cent cited increased employee sick days as an issue.

Stephen Donaldson of Hiscox Ireland said: “The number of people reporting stress or burnout is deeply concerning, costing organisations not only through sick leave but also in lowered morale and staff retention.

"Employers need to look beyond the figures on the balance sheet and invest in the well-being of their staff, particularly in challenging times.

“When managed well, such situations can actually strengthen team spirit and build resilience. It’s vital to take every potential impact on staff into account in your crisis response planning."

38 per cent did notice increased employee loyalty to the organisation, while 33 per cent said there was increased camaraderie among employees following the attack.

Further, more than a third (36 per cent) of companies attacked experienced a distributed denial of service (DDoS) attack, where criminals overwhelm a company’s servers with traffic, forcing systems offline and halting normal operations.

The consequences can be severe, with 31 per cent of businesses saying there was a material impact on their company’s financial health, while 28 per cent reported greater difficulty attracting new customers.

Businesses also remain heavily targeted by ransomware. Of those who suffered an attack, 70 per cent admitted to paying a ransom in the past 12 months to prevent sensitive data being published. However, the outcomes were often disappointing, with 35 per cent still having to rebuild systems despite receiving a recovery key, and 29 per cent reporting that their data was leaked anyway.

Stephen Donaldson said: "Ransomware in particular remains a costly and disruptive problem in Ireland. Too many businesses pay up in the hope of a quick recovery, but as the data shows, many still face leaks or system rebuilds even after payment.

"This underlines the importance of preparation, resilience, and having a clear incident response plan in place before an attack happens."

Almost two-thirds (62 per cent) of Irish businesses also view vulnerabilities from third-party AI tools as a major emerging risk over the next five years. Moreover, 38 per cent reported that they were targeted between 1-10 times in the last 12 months due to vulnerabilities related to AI.

At the same time, 66 per cent see AI as more of an asset than a vulnerability, highlighting both the opportunities and dangers the technology presents.

However, companies are beginning to take extra precautions when it comes to AI, with 42 per cent expecting that their company will invest against AI-related security risks, and a further 38 per cent ensuring that cyber insurances include AI risks.

Despite the challenges, over half (56 per cent) of businesses believe their cyber resilience has improved in the past 12 months. One in four companies expect to expand cybersecurity and data-protection investments significantly in the year ahead.

Stephen Donaldson said: “Cyber resilience is no longer optional - it’s business critical. From protecting solvency to safeguarding customer trust, companies that invest early and continuously in cyber security will be the ones best placed to weather the next wave of threats.”

More in this section

Teen charged in connection with seizure of guns in Dublin Teen charged in connection with seizure of guns in Dublin
Two men charged in connection with cross-border terrorism related investigation Two men charged in connection with cross-border terrorism related investigation
Case of father-of-two fatally crushed at meat packing plant settled for €700k Case of father-of-two fatally crushed at meat packing plant settled for €700k
Mental HealthtechnologyCybersecuritycyberattack
Paedophile ballet teacher jailed for 'evil' abuse of two young girls

Paedophile ballet teacher jailed for 'evil' abuse of two young girls

READ NOW

Sponsored Content

A Halloween to remember at Douglas Court! A Halloween to remember at Douglas Court!
John Daly Opticians offering free audiology service John Daly Opticians offering free audiology service
Every stone tells a story Every stone tells a story

Latest

EL car logoThe Echo logo
The Echo paper

DELIVERED TO YOUR HOME FOR FREE

FREE HOME DELIVERY SERVICE

The Echo paper
SIGN UP TODAY
Contact Us Cookie Policy Privacy Policy Terms and Conditions

© Examiner Echo Group Limited

Add Echolive.ie to your home screen - easy access to Cork news, views, sport and more