Just over 40% of business leaders say that their organisation has experienced a cyber-attack, according to research carried out by the Institute of Directors (IoD) in Ireland.

Almost half of these attacks occurred over the past year, according to figures from the IoD’s quarterly survey of directors.

The organisation’s chief executive Caroline Spillane described the figure as “concerning”.

The IoD report found that just 44% of respondents had a cyber-security training plan in place for their board.

‘Governance must evolve’

The survey found, however, that 70% of directors were ‘extremely’ or ‘very’ concerned about the potential impact of cyber-security threats on the continuity of business at their organisation.

“It is crucial that the governance of cyber-security must evolve in line with the sophistication of the threat landscape, along with the introduction of necessary cyber-security protection, legislation, and regulation measures,” said Spillane.

She welcomed, however, more positive figures from the survey – including a finding that 36% of directors said that cyber-security was on the agenda at every board meeting . Another 27% said that the issue came up at board level on a quarterly basis.

Just over 80% of directors also said that their organisation had a cyber-security incident-response plan in place.