Article

On December 2, 2025, Ireland's National Cyber Security Center (NCSC) released the 2025 National Cyber Risk Assessment (2025 NCRA), outlining systemic cyber risks to the country's critical national infrastructure (CNI) and supply chains. This assessment precedes the transposition of the NIS 2 Directive expected in early 2026.

It identifies three key risk areas: geopolitical tensions from state-aligned actors like Russia and China, evolving technology threats including AI and quantum computing, and supply chain vulnerabilities. The report recommends expanding monitoring capabilities, implementing proactive cyber defense measures, enhancing resilience through EU regulations, and investing in national cyber capacity.

Additionally, Munster Technological University published a report assessing the cyber resilience of SMEs, highlighting low cybersecurity levels across sectors, with healthcare performing the worst. Findings from the assessment will be available on the NCSC website in early 2026.