Mr. Pat Larkin:

On average, to rebuild from a ransomware attack in totality takes weeks and months. Critical systems will be back up quite quickly but our experience is that, for six or nine months, people will still be dealing with the fallout of a significant attack, whether that is ransomware or other types. Expectations should be set around that. The cost associated with it is ongoing.

It is important to take the lessons learned here. As part of any systemic review we should be focusing on the lessons learned and then building those in as improved controls and governance structures to try to prevent such things. We should also be sharing that intelligence. Some of these lessons would apply across healthcare but there are also lessons that would apply across the whole country and globally. I have long advocated that we take an aviation approach to cybersecurity, which means disclosing, investigating, systemically taking the learnings, re-engineering them back into the impacted systems and standardising. That is the approach I would advocate.

As regards building a strategy and defences, this must be looked at collectively and not in a manner specific to the HSE or any other organisation. Collectively, we are trying to move from an immature system to an optimised one and that programme of work will take five to ten years. That is a strategy we need to adopt as well.