Written answers

Friday, 6 September 2019

Department of Communications, Climate Action and Environment

Cyber Security Protocols

Photo of Jack ChambersJack Chambers (Dublin West, Fianna Fail)
Link to this: Individually | In context | Oireachtas source

1527. To ask the Minister for Communications, Climate Action and Environment if there are dedicated, professionally trained and certified cybersecurity staff in relation to cybersecurity protocols under the remit of his Department; if such specialists are being recruited; if his Department maintains a risk register of security breaches; if so, if there are staff that analyse, log and maintain such a register; and if he will make a statement on the matter. [36223/19]

Photo of Richard BrutonRichard Bruton (Dublin Bay North, Fine Gael)
Link to this: Individually | In context | Oireachtas source

The National Cyber Security Centre is part of my Department and has responsibility for the implementation of the Network and Information Security (NIS) Directive. My Department works closely with the NCSC on the department's own internal network security and implements its recommendations as appropriate. The NCSC encompasses the State’s National/Governmental Computer Security Incident Response Team (CSIRT-IE). CSIRT-IE is an internationally accredited response team.

The Department has recruited and employs appropriately trained and qualified personnel to the NCSC. Currently there is no active recruitment.

My Department applies the relevant cyber security protocols in its network, applications, data, operations, disaster recovery, business continuity and staff awareness through our Shared Service agreement with the Department of Agriculture, Food and the Marine (DAFM). Under the arrangement, my Department relies on the resources of DAFM in relation to any cyber security incident.

Photo of Jack ChambersJack Chambers (Dublin West, Fianna Fail)
Link to this: Individually | In context | Oireachtas source

1528. To ask the Minister for Communications, Climate Action and Environment if there is formal collaboration between agencies, Departments, law enforcement and the military with regard to cybersecurity and guidance on best practice and intelligence sharing in relation to cybersecurity protocols under the remit of his Department; if his Department has a disaster recovery plan, business continuity plan and or disaster recovery sites; and if he will make a statement on the matter. [36239/19]

Photo of Richard BrutonRichard Bruton (Dublin Bay North, Fine Gael)
Link to this: Individually | In context | Oireachtas source

The security of the State and its citizens is a matter of the highest priority for the Government, with cyber security posing a particular challenge due to its dynamic and cross cutting nature. The National Cyber Security Centre (NCSC) was formally established in 2011 and is a part of the Department of Communications, Climate Action and Environment, and is the primary State body with responsibility for Cyber Security matters, including the operation of a Computer Security Incident Response Team (CSIRT). The CSIRT is the national incidence response unit, and deals with a large number of incidents each year, across Government and critical national infrastructure.

The NCSC is composed of highly skilled, specialist technical staff with skillsets across a range of cyber security related disciplines. In addition to the incident response roles, the NCSC also has a role around improving the resilience of critical national infrastructure and also acts as a conduit for information on cyber security matters to its constituent base. This information includes general cyber security information via the NCSC’s Alert & Advisory System, as well as very specific and targeted information, including threat intelligence, which is provided directly to entities. The NCSC also provides expert advice and analysis on cyber security issues and is involved in coordinating the response to significant incidents.

Intelligence sharing between An Garda Síochána, the Defence Forces, the National Cyber Security Centre (NCSC), and Critical National Infrastructure takes place on an ongoing basis, including via the Threat Sharing Group, which is a cross government forum for information exchange on cyber security and related matters. The NCSC also works very closely with international counterparts in identifying and managing any incidents or matters arising that pose a threat to the security of the State or infrastructure here, including by means of the exchange of threat intelligence information.

Comments

No comments

Log in or join to post a public comment.