Oireachtas Joint and Select Committees
Wednesday, 26 May 2021
Joint Oireachtas Committee on Transport, Tourism and Sport
National Cybersecurity: Discussion (Resumed)
Ossian Smyth (Dún Laoghaire, Green Party) | Oireachtas source
We do. It is a normal part of security practice to, for example, send an email to everybody in an organisation and see what proportion of them click on the link in an email that is trying to phish or store information. Typically the results of that, even in software companies that are very advanced, is between 5% and 10% of staff members still click on the link. One’s security team has to accept that this will happen and that once somebody is in the network that they cannot progress all the way through. That is the idea of defence in depth. That advice comes from the NCSC and is available to any organisation that wants it.
No comments