Almost two thirds (61%) of organisations have had at least one data breach in the last year, an increase on the previous year, according to a new survey of 200 professionals.

The survey was carried out by the Irish Computer Society (ICS), which also found that more than half of the breaches were caused by staff members misplacing records.

However, successful attacks by external hackers are also on the rise, with the number of breaches by people outside the organisation up to 22% in this year’s survey, compared to 15% in the 2016 edition.

Confidence levels around the handling and managing of day-to-day data protection concerns is down, but those who have experienced a data breach are confident their organisation has learned and adapted from it.

Two fifths of respondents said external attacks are what they are most concerned about, with a third citing employee negligence and user devices as possible vulnerabilities.

The survey also found that more than half of staff responsible for data protection in organisations in Ireland are not prepared for the new EU General Data Protection Regulation (GDPR), which comes into effect next year.

The biggest concerns around the GDPR are heavier financial penalties for non-compliance, requirements around accountability and new consent requirements.

Eight out of ten organisations say they now have an information security policy in place to safeguard their data, and two thirds have data breach policies.

Only a quarter, however, have policies around the transfer of data overseas.

Just half of those responsible for data protection say they have received the correct level of training.

However more than three quarters say there is now a named person in their organisation responsible for data protection, a legal requirement under the GDPR.

The survey results were published ahead of the ICS National Data Protection Conference, which takes place on 25 and 26 January.