Mr. Brian Honan:

Deputy Matthews probably saw me smile when he asked that question. This has been one of my campaigns or high horses for many years now. I wrote an article about the issue for a magazine in 2013. There are industry certifications that individuals can achieve. There are institutions such as ISC2 where you can study, do exams and pass to become a certified cybersecurity professional. ISACA is another organisation with which you can do similar. However, in many of these cases, there is no accountability. I often use the analogy that if I have to get wiring done in my house, I have to hire a qualified, certified and registered electrician. Otherwise, I could be in trouble if I want to sell the house in the future. The onus is on me, as a purchaser, to make sure I get a qualified electrician, plumber or whatever to provide these services. However, if I am a business owner and I am looking for a cybersecurity expert, how do I know if a given person is an expert? What accountability is there? In other professions and trades, if you are found to be unprofessional or not to meet the required standards, you can be struck off. We do not have that in the cybersecurity industry. As an individual, rather than as the chair of Cyber Ireland, I have been advocating for some sort of scheme to certify individual professionals and to hold them accountable should they act inappropriately or incorrectly leading to costs for organisations.