Mr. Mark Griffin:

I will step back a bit. When one looks at what happened earlier this year with the HSE attack, an important decision was taken straight away that we would not entertain the payment of a ransom to the group that initiated this criminal act against the HSE. That was recognised as a positive step right across the EU and internationally. Ireland was complimented in setting that out as a red line in dealing with this particular issue. What the Deputy has described is the evolution of cyberpolicy. It is an evolution. We are moving through phases where we are seeing significant activity in this sector. We will take whatever measures are required to ensure that the State, the operators of State infrastructure, private citizens and private businesses are protected to the greatest extent possible in dealing with the issues that we have to contend with, not just in light of the HSE attack but in light of broader issues more generally in cyberspace, such as the types of threats that are emerging.

To revert to the Deputy’s previous question, in 2020 a particular vulnerability arose during the massive shift from office-based and business-based work to the home. A significant degree of disruption was caused to how businesses functioned. We saw a rapid, significant increase in cyber-incidents right across the State. We estimate that in 2020, the computer security incident response team, CSIRT-IE, in the NCSC handled about 3,000 cybersecurity incidents.