News
Departments
Services
Gaeilge

Search gov.ie

Press release

National Cyber Security Centre Launches 2025 National Cyber Risk Assessment revealing Escalating Threat Landscape

  • Rapidly evolving cyber risks put country’s critical infrastructure at risk

Today the National Cyber Security Centre (NCSC) launched its 2025 National Cyber Risk Assessment. This is a comprehensive review of the cyber threats, systemic risks, and sectoral vulnerabilities facing the State.

Launched at the NCSC’s annual conference, the assessment provides the most detailed national overview to date of Ireland’s cyber risk environment and builds on the foundation laid by the 2022 assessment.

The assessment identifies key developments in the national and global cyber threat landscape, including increasingly sophisticated nation-state activity, the accelerating pace of cybercrime, and the growing likelihood of cascading impacts across interconnected sectors such as energy, transport, healthcare, and financial services.

The Minister for Justice, Home Affairs and Migration, Jim O’Callaghan welcomed the launch of the Risk Assessment:

“Ireland’s digital infrastructure underpins all sectors of our society, delivering essential services that keep our hospitals, public transport, communications, and energy supply functioning. Cybercrime can have severe consequences. Identifying and developing comprehensive responses to risks that threaten these services is essential to protect our security and overall resilience. Opportunistic and motivated by financial gain, cybercriminals persistently seek out weaknesses in cybersecurity, exploiting victims using social engineering, online fraud scams and ransomware to steal money or data."

Speaking at the launch, Richard Browne, Director of the NCSC, said:

“Ireland’s national security resilience increasingly depends on the integrity, availability, and security of its digital infrastructure. This 2025 National Cyber Risk Assessment clearly shows that cyber risks are evolving rapidly and that our critical infrastructure, government systems, and society as a whole face growing exposure. The report provides an essential evidence base for strengthening Ireland’s preparedness, resilience, and strategic response to these threats.”

Key findings of the 2025 National Cyber Risk Assessment include:

As technology has advanced and reliance on digitalisation has intensified, the cyber threat landscape has become more complex with an increased risk of incidents, leading to significant cross sectoral impacts.

Taking an all-hazards approach, the 2025 National Cyber Risk Assessment has identified three key systemic risks:

  • the dynamic geopolitical environment,
  • evolving technology and its implications on security,
  • supply chain security.

If any or all these risks were to be realised, it could undermine Ireland’s delivery of essential services, disrupt its critical sectors, and erode trust in government, institutions, and organisations.

To mitigate Ireland’s identified risks, five recommendations have been identified:

  • Strengthen visibility and detection – investing systems and structures to enhance national visibility will reduce systemic blind spots and allow the State to be better positioned to anticipate and respond to risks before they escalate.
  • Implement proactive cyber defence capabilities – reactive responses alone are not sufficient to protect society and the economy from the potential cascading effects of attacks on critical systems. Ireland must enhance its proactive cyber defence posture, disrupting the cyber-attack lifecycle earlier to prevent incidents at scale.
  • Enhance national resilience –by implementing EU frameworks in full and extending resilience beyond infrastructure to society itself, Ireland will ensure that both services and democratic institutions remain robust in the face of systemic cyber risks.
  • Secure critical supply chains – the State must strengthen our supply chain through strengthening procurement rules in government, embed security-by-design and risk management practices, and increase visibility of vendor ownership.
  • Invest in national cyber resilience – investment in people, innovation and our indigenous industrial base will ensure that Ireland has the capacity not just to respond to today’s threats but to anticipate and shape the next generation of resilience measures.

These recommendations provide a framework for the next National Cyber Security Strategy, ensuring that systemic vulnerabilities are reduced and national resilience strengthened.

The 2025 National Cyber Risk Assessment is available here.

ENDS...///

Contact:

Press Office, Department of Justice, Home Affairs and Migration

Email: pressoffice@justice.ie Phone: (01) 602 8358

About the National Cyber Security Centre (NCSC)

The NCSC is an operational arm of the Department of the Justice, Home Affairs and Migration. It is responsible for leading in the management of major cyber security incidents across government, providing guidance and advice to citizens and businesses on major cyber security incidents, and developing strong international relationships in the global cyber security community for the purposes of information sharing.

This form is only for feedback relating to the current page.

Do not include personal or financial information.

The information you submit will be analysed to improve gov.ie and will not be responded to individually.

How was your experience on the current page? (required)

You have 400 characters remaining