Seanad debates

Thursday, 12 May 2022

Nithe i dtosach suíonna - Commencement Matters

Cybersecurity Policy

10:30 am

Photo of Gerard CraughwellGerard Craughwell (Independent) | Oireachtas source

I thank the Acting Chairperson. I am sorry that the Minister of State, Deputy Burke, has been thrown into this issue as it is not his area of responsibility. It is regrettable that the Minister who is responsible for cybersecurity is not here.

Legislation on cybersecurity is scheduled to come before the Oireachtas in the summer of 2022, as the cybercrime Bill is due shortly. I have attended a number of conferences and have engaged with quite a number of cybersecurity companies operating in the State. The first I heard of this legislation was when it was announced at the Joint Committee on Transport and Communications last week. It is simply not good enough that legislation on a matter as important as cybersecurity would arrive without the opportunity for fair engagement right across the industry.

As the Minister of State will be aware, the HSE cybersecurity attack will have cost this country in excess of €100 million and probably a great deal more by the time it is finished. We have also had a cyberattack on the Rehab Group and cyberattacks are part and parcel of every day life now. The ambition set out by the newly appointed director of the National Cyber Security Centre is appallingly weak with respect to the number of people it expects to employ in that centre by 2023.

The industry wants to engage with Government. We want to be the best country, the most cyber-aware country, and the most cyber-protected country in the world. As the Minister of State knows, we are never totally protected because the criminals are always one step ahead of us. I ask, as I have in the committee, that the Minister of State relay this message back to the Government. I have written to the Taoiseach on this issue and have made a number of points.

First, I do not know why cybersecurity is located in the Department of the Environment, Climate and Communications when it should be in either the Department of Defence or the Department of Justice, or, more properly, directly under the Department of the Taoiseach. This makes absolutely no sense to me. This is the primary defence of the nation. A cyberattack could bring this economy down in a nanosecond. The last time cybersecurity was discussed in either House was in June 2021 and that is simply not good enough.It should be discussed on a regular basis. The National Cyber Security Centre, NCSC, should be educating people all the time rather than hiding in the background. The strategy for 2019-2024 is a work of fiction because it has not delivered on its claims.

The bottom line is that we have attracted the greatest companies in the world from an IT perspective. We have Google, Twitter, Facebook, etc. Not only that but we also have very large chemical and pharma industries. We have a massive amount of research and development going on here. All we need is one successful attack on one of these companies and the likelihood is that we will see a flight from this country. Cybersecurity has to become the most important thing in this country because it is a battle we are fighting all day and every day.

It would be better to stall the legislation, although we do not know what is in it, and to engage with the industry. Let us have the experts in here. We are lucky in that because of the organisations we have in this country, we have some of the greatest minds in the world in regard to cybersecurity. We should be tapping into those minds to make sure we have the best possible cyberdefence in the world.

I ask the Minister of State to go back to Government and ask it to stall this legislation and give the Oireachtas Joint Committee on Transport and Communications an opportunity to engage with these people to inform the legislation that will come before both Houses, even if that is in the autumn of this year, rather than rushing it through in the summer.


No comments

Log in or join to post a public comment.