Peadar Tóibín (Meath West, Aontú)
Link to this: Individually | In context | Oireachtas source

65. To ask the Minister for Enterprise, Trade and Employment the investment made by his Department and State agencies under its remit in each year in cyber security for the past ten years. [28844/21]

Leo Varadkar (Dublin West, Fine Gael)
Link to this: Individually | In context | Oireachtas source

My Department adopts a defence in depth approach to cyber security. This approach uses multiple layers and disparate systems to deliver security which is not dependent on any single component. Given the heightened level of risk which currently exists, our technical staff has adopted a posture of increased vigilance and oversight of systems.

My Department is taking advice from our own external security advisers, and is also monitoring advice and guidance coming from the National Cyber Security Centre (NCSC) on any additional steps which should be implemented in the light of current risks. This advice is also being shared with the State agencies under the remit of my Department, who are evaluating this advice in the context of their own cyber security arrangements.

For operational and security reasons, we are advised by the NCSC not to disclose details of systems and processes which could in any way compromise those efforts. In particular, it is not considered appropriate to disclose information which might assist criminals to identify potential vulnerabilities in departmental cybersecurity arrangements, or to allow those criminals to enumerate differences in approach between public bodies which could be used to identify targets.

Therefore, it is not considered appropriate to disclose particular arrangements in place in relation to cyber security tools and services, or financial details which could be used to rank the cyber defences of public bodies, and my Department does not comment on operational security matters.