Barry Heneghan (Dublin Bay North, Independent)
Link to this: Individually | In context

157. To ask the Taoiseach and Minister for Defence the steps being taken to strengthen our cyberdefence capabilities in light of increasing global threats to digital infrastructure; and if he will make a statement on the matter. [18129/25]

Donnchadh Ó Laoghaire (Cork South-Central, Sinn Fein)
Link to this: Individually | In context

165. To ask the Taoiseach and Minister for Defence the progress his Department has made regarding the establishment of a joint cybersecurity command and other actions related to cybersecurity contained in the Report of the Commission on the Defence Forces. [18071/25]

Barry Heneghan (Dublin Bay North, Independent)
Link to this: Individually | In context

Inniu ba mhaith liom caint faoi rud éigin atá i mbéal an phobail faoi láthair. What steps are being taken to strengthen Irish cyberdefence capabilities, especially in the environment we are in at present? Cyberattacks are no longer hypothetical. They are a real and growing threat to our economy, our national security and our democracy. The Tánaiste has spoken about this before but I want to know what steps have been taken since the formation of the Government to protect the Irish people and to protect our economy and our national security.

Simon Harris (Wicklow, Fine Gael)
Link to this: Individually | In context

I propose to take Questions Nos. 157 and 165 together.

I can advise the Deputies that the Defence Forces have established a new joint cyberdefence command. This new command will be able to conduct full spectrum operations to robustly defend against cyberthreats and support Defence Forces operations at home and overseas, and enhance national cyberdefence resilience and contingent capabilities. Deputy Heneghan is right that this is a real and growing issue. Following the establishment of this unit, the Defence Forces cyberdefence strategy for 2024 to 2027 was published last year. This strategy sets out a road map to ensure our Defence Forces achieve operational capability in this new domain.

I am pleased to say the assignment of 19 specialist posts in the Defence Forces has been approved to kick-start the operation of this unit, which is headed up by an officer of general rank. In addition to this, the Department is engaging with the Public Appointments Service to recruit ten civilian cyber specialists who will be embedded in this new cyber unit, and we want to see these posts filled as soon as possible. They have been sanctioned and we want to get them started. To this end, the Public Appointment Service has launched a campaign to recruit for the role of principal officer, cyber lead. The closing date for applications for this post was 10 April. Additionally, competitions will be launched imminently to fill two additional roles at the level of engineer grade 1. These roles will be focused on cyberthreat intelligence and cyber resilience. I am pleased to say we are significantly expanding the number of people working in this area.

I should also mention that officials from my Department and the Defence Forces work closely with the Department of the Environment, Climate and Communications and the National Cyber Security Centre. That Department is the Department with lead Government responsibility for cybersecurity in Ireland. We work collaboratively to support measures to address cyber challenges. I am satisfied that from a defence perspective we are on a much-needed positive trajectory to ensure the new cyber command unit is well positioned to meet the ambitions we have set out in the cyber strategy.

Barry Heneghan (Dublin Bay North, Independent)
Link to this: Individually | In context

Gabhaim buíochas leis an Tánaiste. Tá sé iontach le cloisteáil go bhfuil an obair sin á déanamh aige. It is great to see the Tánaiste is working collaboratively with the Defence Forces to establish this new unit but we need to see our Defence Forces equipped, trained and empowered to meet these real threats. I ask the Department to meet the universities, one of which, DCU, I just left. They are developing new courses but to develop the talent in our population to work in these new Defence Forces offices we need to introduce new courses which are constantly evolving. As happened when the HSE was hacked, I ask the Minister to look into all Departments across the board to make sure they are running with up-to-date systems that are adequate and working. It is about building long-term resilience at every level of the State. I thank the Tánaiste. I would like to see this being done quickly and effectively, given the emerging threats that are ever-growing in this climate.

Donnchadh Ó Laoghaire (Cork South-Central, Sinn Fein)
Link to this: Individually | In context

This is clearly an ever evolving and growing area that will be of crucial importance to the Defence Forces and our security in the coming time. The Tánaiste instanced the new committee and it is very important that it is given adequate briefings on these issues as they arise and develop. The Tánaiste mentioned the cybersecurity command had been established. The most recent report I saw in The Irish Times was that it was to be established. Perhaps there is more up-to-date information than that. I understood the Department and the Defence Forces had advertised for a cybersecurity lead. Perhaps the Tánaiste can inform me on whether the person has been appointed. I tabled my question to seek an update on the establishment and the Tánaiste is saying it has been established. Perhaps he will give me a timeline on when it was established and whether the lead person has been appointed and when they took office.

Simon Harris (Wicklow, Fine Gael)
Link to this: Individually | In context

I am checking the tenses in my answer, and my answer tells me the Defence Forces have established a new joint cyberdefence command. The truth is in what I said. We have seen the assignment of 19 Defence Forces specialist posts to kick-start the unit and it is headed up by someone of general rank. Deputy Ó Laoghaire is also correct that we are filling the principal officer role for cyber lead, which will supplement the ten civilian cyber specialists. The closing date for that post was 10 April. This post has not yet been filled. Additionally, a competition is about to be launched for two additional roles at the level of engineer grade 1. I will write to the Deputy specifically on when I intend to have those people in place.

I will come back to the point Deputy Heneghan made on skills. He is right on this. I am a former Minister for higher education. We have to work with our universities. We have great universities. It is about making sure our universities have a clear understanding of the pipeline of skills our country needs and that we have a clear understanding of what the universities are doing. There generally is good collaboration but I might look specifically at having Defence Forces third level engagement with the Minister, Deputy Lawless, and the relevant universities on this.

Deputy Heneghan asked more broadly, beyond the Defence Forces, how we make sure all Departments and agencies are secure. I remember the HSE hack and the hack of a number of universities, including MTU. The National Cyber Security Centre is responsible for advising and informing Government IT critical national infrastructure providers overall. It has the overarching role and it sits in the Department of the environment. It is headed by Richard Browne and we all feed into it through relevant Departments.

Barry Heneghan (Dublin Bay North, Independent)
Link to this: Individually | In context

I welcome the fact the Tánaiste will engage with the universities. As I have seen growing up and going through the education system, mol an óige agus tiocfaidh sí. If we do not invest in education and universities and give them the option, they will go. As the Tánaiste mentioned, cyberdefence depends on highly skilled personnel. I welcome the fact the Tánaiste has mentioned this. I have many friends in the Defence Forces and from speaking to them I know they would like to go down this route. An Garda Síochána also plays a key role in this. It is not only international risks as we also face internal risks from crime gangs learning how to send fake texts and emails. A great deal of investment needs to go into this to protect our vulnerable, including the elderly who fall victim to these hacks. I welcome that the Tánaiste has already mentioned this. I would like to see it being done as quickly as possible.

Donnchadh Ó Laoghaire (Cork South-Central, Sinn Fein)
Link to this: Individually | In context

This comes back to my earlier question a little bit. We will continue to have a significant challenge in recruiting and retaining key staff for an area such as this unless something significant changes. If we get things right, the Defence Forces can offer a very rewarding and interesting career for people who have the skills and capabilities in this area but I do not think we are in the right position at present. I did not take a note of the number of staff the Tánaiste mentioned but we are speaking about a number of staff being recruited or seconded for the cybersecurity command. The long-term ambition is 100 additional staff under level of ambition two and up to 300 or another 200 additional staff under level of ambition three. Where are we at with regard to specialist staff?

I would also make the point, not strongly but as something that needs to be considered, that I would be somewhat of the view that we need to consider carefully the ecosystem around cybersecurity. We need to be careful about having too many cooks in all the different agencies that could potentially have a role. I am not saying they do not all have a role but that needs some consideration and thought over the next while.

Simon Harris (Wicklow, Fine Gael)
Link to this: Individually | In context

The Deputy is absolutely correct. One of the issues the Government is giving consider to is that ecosystem. The Deputy will be aware that we have established for the first time a Cabinet committee on national security, chaired by the Taoiseach, in which I and the Minister for Justice participate. We are developing a national security strategy.

I agree cyber affects us. Deputy Heneghan asked me to look into all Departments and every agency, but where the buck stops and where there are clear lines of responsibility is important. We are clear in terms of the lead function being the National Cyber Security Centre but Government will give consideration to that overall national security architecture.

Coming back to the Deputy's point about the new Oireachtas Committee on Defence and National Security, which the Deputy's party colleague will chair, it will provide an important opportunity to try to make sure we can have, within the respective parameters of the importance of sensitive information, a good flow of information and briefings. I am willing and eager to co-operate with that new committee. We do not discuss national security issues and threats and cybersecurity nearly enough in the Oireachtas and I welcome the creation of the new committee.

The Deputy's numbers are correct. So far, we have 19 from the Defence Forces plus ten civilians. That brings us to 29 when fully populated, which is not yet. Obviously, that is to start the unit. We will obviously be seeking to grow that in the time ahead.