Navigating a New Age of Risk in 2026 – and What Boards Must Do About It

The Shifting Risk Landscape for Irish Businesses

If it feels like the ground keeps moving under Irish businesses, that’s because it is. Volatility is no longer a phase to be waited out; it is the backdrop. For non executive and executive directors, this isn’t just context, it is the environment in which you approve strategy, make capital calls and assess risk.

Looking towards 2026, four forces dominate that environment: how we trade, the technology we rely on, the weather we can’t control and the workforce we are trying to attract and keep. They don’t exist in silos. A cyber attack in another sector can unnerve your customers. An overseas conflict or heatwave may expose a weakness in your supply chain. This is the world every Irish board now operates in.

Aon’s Global Risk Management Survey shows how quickly this landscape is shifting – and where boards must move from awareness to action. Risks are more interconnected and more immediate than before, but far more manageable when resilience is treated as a core strategic priority rather than a compliance exercise.

Cyber, Economic and Regulatory Pressures

Cyber risk sits firmly at the top. Recent attacks in aviation, retail, healthcare and technology have ended the illusion that any organisation is too small to be targeted. Ransomware is rising, and the average global cost of a data breach reached €3.7 million in 2025. This is in addition to the reputational damage and months of leadership time spent in crisis mode. With AI making attacks faster and more sophisticated, the threat is evolving, not standing still.

For boards, this is no longer a technical detail delegated to IT. Under NIS2 and DORA, responsibility for cyber resilience sits clearly with directors. The questions are straightforward: Do we know which systems and data are truly critical? Are we investing enough in detection, response and recovery, not just prevention? When did we last test our incident response plan under pressure? If the answers are hesitant, that is not an IT gap; it is a board level issue.

Economic slowdown ranks second among the top risks. Growth forecasts for 2026 are softer and global trade more unsettled. For a small, open economy, a change in policy or sentiment elsewhere can land quickly here. Boards need robust stress testing, liquidity planning and scenario analysis. Are we clear on how the business performs under tougher assumptions, and when we would cut costs, pause investment or pivot strategy? Slower growth can sharpen discipline – but only if boards are willing to probe assumptions and back early, sometimes uncomfortable, decisions.

Regulatory and legislative change has climbed to third place for Irish businesses, higher than in Europe overall. With major people related reforms such as pension auto-enrolment and the EU Pay Transparency Directive approaching, “we’ll deal with it when it lands” is no longer credible. Boards need a concise map of upcoming regulation, its likely impact and a realistic plan to deliver it.

Geopolitics, Talent and Climate: Expanding the Board Agenda

Geopolitical volatility has entered the top ten risks for the first time, jumping 21 places since 2023. In an economy reliant on global supply chains and export markets, the distance between “over there” and “right here” has narrowed sharply. Boards should be asking where suppliers, customers and logistics routes are concentrated, and what alternatives exist if something changes overnight.

Alongside these headline issues, talent and climate are reshaping performance. Talent risk is no longer just about vacancies. Directors should look at culture, leadership pipelines and retention data with the same significance as financial metrics. Are we an organisation people want to stay with and grow in? Climate risk is equally unavoidable, as physical impacts, policy change and investor expectations converge. It cannot sit at the margins of the agenda.

A Call for Board-Level Action

This is a demanding list, but not a reason for paralysis. It is a mandate for boards to lean in. Managing these “known unknowns” means being deliberate about agility, foresight and resilience – and reserving real time for strategic risk discussion, not just routine updates. For boards in Ireland, the question is no longer whether these risks exist. It is what you are going to do about them this year.

At Aon Ireland, our team of experts work with decision makers to understand the interconnectedness of their business and people risk. Those who treat risk as a standing item for action, not just discussion, will be best placed to make better decisions that protect and grow their business into the future.

Explore the full findings of Aon’s Global Risk Management Survey.

This article is the view of the author(s) and does not necessarily reflect IoD Ireland’s policy or position.

About the Author

Rachael Ingle is CEO Aon Ireland and Executive Chair UK, Ireland and South Africa Subregion. She joined the business in 1998 and sits on Aon’s EMEA Executive Committee and is a member of Aon’s Global Executive Leadership Team. Rachael is also a Board member of The Aon Ireland Master Trustee DAC in Ireland and the Aon multi-employer European pension plan, United Pensions in Belgium.  An actuary by profession, Rachael has over 30 years' experience in integration and change management, product innovation, shaping policy, risk and governance, client relationship management, business growth and leading teams. Appointed by the Irish government’s Minister for Finance in 2023, Rachael is the Chairperson of the National Treasury Management Agency, where she serves as a NED on the Board and also sits on the Remuneration Committee. 

Rachael is a Fellow of the Society of Actuaries in Ireland and is an experienced pension plan Trustee. She is also a former Chairperson and Council member and of the Irish Association of Pension Funds.  She holds a BSc in Applied Science (Maths and Physics) and an MSc in Mathematical Modelling and Control.