Enda Kenny (Mayo, Fine Gael) | Oireachtas source

The Deputy has raised an issue that is probably beyond the competence of most people to deal with, unless they are experienced in electronics, IT and security systems. I take the view that anything that is put into the cloud is retrievable. Most governments and companies, when they put their information on the Internet and the cloud find that the problem is how to protect themselves. The Deputy is correct that governments and many major security elements of governments have been attacked. It happens mostly in democracies. There has been evidence of attacks in certain places in Ireland. Regarding security in the Department of the Taoiseach, information is never released in respect of any attacks, given that it would lead to those who conduct such business. There are only two websites that provide information from the Department of the Taoiseach, namely gov.ieand merrionstreet.ie.

The Minister of State, Deputy Dara Murphy, looks after questions on EU data protection regulations and implications for IT security. In my time at European Council meetings there has never been a discussion about governments being attacked, although officials may be in contact with each other. The new general data protection regulation comes into effect on 25 May 2018, with the aims of strengthening citizens' data protection rights, harmonising data protection legislation across the EU and updating the law in line with advances in digital technologies. It brings obligations on public sector data controllers, including in the area of security. The interdepartmental committee on data issues, which his chaired by the Minister of State, Deputy Dara Murphy, is supported by my Department and the Department of Justice and Equality. It is an important part of Government Departments in preparing for the implementation of the new data general regulation.

The computer security incident response team is the operational role of the Department of Communications, Climate Action and Environment, and it encompasses the State's national governmental computer security incident response team. It seeks international recognition with peers in respect of Government and national CSIRT communities so it can effectively undertake its work on situational awareness and incident response. It focuses initially on the State sector and acts as a national point of contact. The National Cybersecurity Strategy 2015-2017, published in 2015, is a high level policy statement from the Government announcing and acknowledging the challenges with facilitating and enabling the digital economy and strategy.

While I can manage the fundamentals of the iPhone, I could very quickly get lost in many of these fields. There are those who would be able to give so much more information about firewalls and how attacks can be presented. One of those security people told me it is like breaking into a house, in that if a person gets in the front door, the entire house is open. Many companies have to block off each room individually, so if the firewall is breached, there are other security elements in place. This is way beyond my knowledge or understanding. I am a mere citizen with a scope that is appropriate to myself to write and send messages and receive phone calls and so on. I am not an expert in this field, and I admit it.

See this speech in context