Ossian Smyth (Dún Laoghaire, Green Party) | Oireachtas source

The role of the NCSC is to advise critical infrastructure providers on how to protect themselves. It carries out research and training and when an incident occurs, it provides the incident response, which is exactly what it did for the HSE. It does so under the auspices or framework of the NIS directive. That is the overarching, regulatory framework. We are producing new cybercrime legislation to put the NCSC on a statutory footing. At present, CSIRT-IE is on a statutory footing but not the NCSC. With my European partners, we are developing a new NIS directive, the NIS 2 directive, which will go further than the existing one and will probably extend to more critical infrastructure providers. I am happy with the current position but I remind all Deputies it is the responsibility of all critical infrastructure providers to provide their own cybersecurity and to protect their own networks.

See this speech in context