Gerard Craughwell (Independent) | Oireachtas source

No, we did not.

With regard to Dr. Scott's presentation, the secrecy around the NCSC is a matter of deep concern to me. It is also a matter of deep concern to me that when we first advertised the post of director of the centre, we offered a salary of €79,000 per year. This was when seeking somebody to head up national cybersecurity. It goes to show what the thinking was concerning cybersecurity at the time. I ask all the delegates to deal with this in their own way.

Dr. Scott said that there was no strategy for cybersecurity up to 2012. Given that the NHS was hammered in the UK and we did not test our systems in this country, I would have believed there was zero strategy up to 2021. We were paying lip service to it.

Let me outline what I want to establish today. Dr. Scott said that if a matter is put under the Department of the Taoiseach, it gives it an air of importance. In our recent encounter with the director of cybersecurity, the latter disputed that. He said that being under the Department of the Taoiseach did not necessarily make it any better than it was. However, in my view, giving responsibility to the Department of the Environment, Climate and Communications rather than the Department of Defence seems a nonsense. We are not analysing matters through a security lens all the time. Everything we do now should be analysed through a security lens, particularly a cybersecurity lens. I would like the witnesses to give their view on this.

I am interested in Mr. Larkin's point that we have been good at looking at land, sea and air, albeit with major restrictions and diminishing capability, but I do not believe we have looked at cybersecurity and taken it seriously. I still do not believe we are doing so, considering that we are talking about a staff of 70. I asked earlier today whether we should have cyberpersonnel reporting directly to the head of cybersecurity in every State and semi-State department. To protect the economy, should we not be proactively hacking organisations ethically to find breaches and telling them they will be removed from the wide-area network if they do not repair the breaches within a limited time that is specified? Mr. Larkin was very clear that this is an economic issue as well as a security issue. A nanosecond of carelessness could cost us our entire economy. It could cripple it.