Dr. Richard Browne:

I will run through these questions quickly. I am conscious of time.

On the consultative forum on national security in June, I will be centrally involved on the first day in UCC for the cyber element of it and I suspect some of the hybrid piece as well. We are centrally involved in that process.

On AI, I have rehearsed the issue, but bluntly, this is a whole-of-government challenge. Aspects or elements of government that deal with issues relating to electoral security, for example, will very quickly, I suspect, find themselves dealing with AI-related questions. It is just not Photoshop; AI is more than just that. As the Deputy correctly pointed out, it also offers significant opportunities for productivity improvements in government and completely new ways of approaching issues in our world, for example. It is a technology that cuts both ways.

Forgive me if I am skipping over some of these. The Deputy also asked about mobile malware, particularly the use of so-called spyware on mobile devices. Right now, we are limited by legislation in what we can do with that. We have access to a lot of threat intelligence and we, as is public domain information, conduct assessments of official devices and hardware to check for the presence of or otherwise of said malware. Some of the legislative tools we are looking to build in the new legislation will allow us to engage in tracking this type of activity much more coherently nationally. Again, GDPR limits us from handling personal information in many circumstances and rightly so.

We need to have proper legal authority to deal with these kinds of issues.

On educational institutions, we are sweating and have continued to sweat a lot of the assets. Some of the people who work with us came from the staff of the institutions. I am calling out in particular the UCD centre for cybercrime. A great number of our staff have done the master's there. It was the original master's course in the State. Some have lectured in other institutions in Dublin, such as DCU, Trinity and so on. It is very much a core part of our process. The reason the NCSC CSIRT-IE was originally founded in UCD was so it was proximate to the computer science department there.

On the European piece, we have engaged widely across Europe, not just with member states but also third level institutions. In the UK. we have engaged with Queens and the London Office for Rapid Cybersecurity Advancement, LORCA, as well as ENISA, the European Network Information Security Agency. We have two people on the board of ENISA. We are fully engaged on a lot of its processes, in particular on risk assessment. We have another very public announcement coming on risk assessments in the next while.

Deputy Cronin asked about the hybrid centre. The Department of Foreign Affairs leads on that. We have engaged with the centre for three or four years. A lot of the work we have done on the 2019 strategy and other aspects has leveraged heavily on the work of the centre in cyber and other parts of the national security apparatus of the State.