Dr. Richard Browne:

Some of this is due to the work we are doing. We are getting people who are really interested in the subject matter. Many applicants have worked in the private sector and elsewhere for a long time. They want to come and work with the NCSC because they know what it is we do. They know the risks and the issues involved. They know, over time, what we are actually doing. We have a certain pull that other organisations do not have. To be frank, we have also been lucky with salaries. We can be, if not entirely, then somewhat competitive with the private sector, which helps as well. Another point is that in real terms we are not looking for vast numbers of staff. From the CSS panel that we are looking to create for this year - we had one last year as well - we will probably take ten or 12 from it. That allows us to be very selective. Those people who are unsuccessful will roll on and will look to apply next year and the year after and that is fine too.

Regarding Beggar's Bush and the SOC, the State owns the property. We were based there for many years in the NCSC. We have come out of there to allow it to be fully refurbished. The refurbishment is nearing completion. We hope to take possession of the building in October. We think it will take us three to four months to build in the security facilities, IT infrastructure, our own fibre connectivity and all the usual things one would expect.

We expect to be fully in place in January or February of next year. We have had a security operations centre, SOC, up and running in the NCSE for six years. We are essentially building a next generation SOC. It will be physically present in February or March next year. The real challenge for us is the legislation to allow us to use it properly. The usual way an organisation like ours is measured is in people, process and things. The people situation is resolving itself with a lot of work. The process is evolving quickly and the mid-term review will help that and make some of it clear. The things piece is the last part of the puzzle as it often is. That is happening now with Beggar's Bush. The issue is that we will run into a legislative barrier, in that we can go no further in terms of accessing information. That involves legislation to be brought through the Houses of the Oireachtas, which will happen shortly. That covers the SOC and Beggar's Bush.

Our budget has doubled in the past year because we can now say we can genuinely spend it properly, effectively and proportionately. We have also spent more so far this year than we did in the whole of last year. We have a much larger budget and we are spending our larger budget. That system is really starting to hum now, which is useful. I will not go into all of the details of what we have been doing on Ukraine. Along with a large number of European colleagues, we have provided numerous different types of assistance to our colleagues. I have met my counterpart from the Ukrainian computer emergency response team on a number of occasions. Like a number of European states we have provided aid - in our case non-lethal - in significant volumes to Ukraine across the full range of governmental functions. We will continue to do that. It is also obviously of great interest to us, leaving aside our moral responsibility, that we learn with great fidelity what is happening in Ukraine. We get the details. We get the indicators of compromise. We get to understand exactly what tactics are being used now with rapidity. If it happens in Ukraine on any given day, we will know on the following day exactly what happened. That is really useful. It is part of a cybersecurity response process, which we are very much a part of. I will rehearse that quickly. We rebuilt our national cyber emergency plan last year, and rehearsed it in the energy sector going back to our colleagues in the Institute of International and European Affairs, IIEA. That rehearsal was a full-scale national exercise starting with information sharing processes that we exercise on a day to day basis, building to a full national meeting in Department of Agriculture and leading to a full political process. Embedded in that was the EU-CyCLONe - the European cybersecurity instant response process. We practised an exercise from the ground level up to the European instant response process as part of what we do. This has been ongoing since the outset of the Ukrainian conflict, and in fact since a couple of weeks beforehand. We are fully plugged into that process. Helping Ukraine helps us better protect the people of Ireland. That is at least part of the reason we do it.

The Hybrid centre of excellence is a huge advance. We have been part of the group across Government that has been pushing for the State to join it for some time. We have heavily used the Hybrid centre's training and material in the production of national strategies. It was in some ways central to our work on the 2019 strategy. However, to my mind the single best and clearest explanation of the hybrid domain is a 2021 report produced by the Hybrid centre on the conceptualisation of hybrid. It is worth reading for anybody with an interest in the area. It is a hugely positive development for the State. Similarly, we have led from the outset on the NATO centre of excellence for cyber. Ms Woods represented us at the flag raising ceremony in Tallinn. I have been on the steering committee of that group for four years at this point. It is a really valuable source of training, not just for the NCSC, but for colleagues across Government - in the Defence Forces, An Garda Siochána, the Department of Foreign Affairs and our parent Department, the Department of Justice. It allows us to upskill not just on the operational aspects of cybersecurity, but on the policy and geopolitical aspects too. These centres of excellence are valuable, especially for small states. I have done a couple of courses myself, and they have been among the best I have ever done. It is not a bad place to start.

On the seats specifically, we have traditionally had one officer and one non-commissioned officer from the Defence Forces, as well as one or two members of An Garda Siochána. Right now, one officer from the Defence Forces is seconded to us and then seconded onwards to Tallinn. The Defence Forces officer in Tallinn is nominally ours. We do not have anybody else from the Defence Forces with us now. That will change in the short term. We had a conversation about this in McKee Barracks recently. We have one member of An Garda Siochána seconded to us - not from cybercrime, but a different part. We are waiting for another secondee. We had one recently, but she was promoted. We know that seat will be filled again in the short term.