Mr. Ciarán Cuffe:

As a committee charged with the oversight of European Union affairs, it might be worthwhile to look at the process of implementation of directives by member states. It seems clear that the weakest link is the implementation of the directive. I am not familiar with the operation of the computer security incident response team here in Ireland. I do not know how many people are employed in this area. However, as a test case it might be useful to quiz those people on the staffing they have and what exercises they perform. We could even look closer to home to the Houses of the Oireachtas Commission, which has charge of the IT systems in these buildings. We could use it as a test case for what kind of readiness or exercises are in place.

I am mindful that cybersecurity in Ireland also has a non-EU component. Our energy grid is managed by EirGrid, which manages the electricity grid in the North of Ireland as well as in the South. It is important to think about the challenges that emerge from these issues of semi-State agencies having joint jurisdiction over this member state and over part of a foreign state. That might also be worth dwelling on.

In Brussels, we are providing the framework for member states to fill with the staffing, finance and oversight that is required. Perhaps it is a good exercise for the committee to interrogate that in the Irish context to see if we are ready.