Paul McAuliffe (Dublin North West, Fianna Fail)
Link to this: Individually | In context | Oireachtas source

120. To ask the Minister for Communications, Climate Action and Environment his plans to improve cyber security in Departments given the recent cyber-attack; and if he will make a statement on the matter. [29459/21]

Ossian Smyth (Dún Laoghaire, Green Party)
Link to this: Individually | In context | Oireachtas source

The National Cyber Security Centre has a broad remit in relation to the cyber security of Government ICT and critical national infrastructure. It acts as a central contact point in the event of a government or nation-wide cyber security incident affecting the State. The NCSC also coordinates and supports the response to significant incidents, with the lead role being taken by the entity affected by the incident. The NCSC team is made up of highly skilled, specialist technical civilian staff, with skillsets in areas such as computer science, software engineering, malware analysis, information technology forensics, cryptography, software development, and cyber security compliance, as well as general cyber security skills. The Computer Security Incident Response Team (CSIRT) is the team within the NCSC that leads in responding to cyber security incidents. The CSIRT has achieved international accreditation. It is this team that engages with the affected body to support it in addressing a threat.

Information sharing is a key component of the work of the NCSC whereby it acts a source of expert advice and guidance, but also as a ‘clearing house’ for information. That is to say it takes in threat intelligence data, trends and risks data, from national, global and local sources, analyses them, and makes sure that those people who need that data get it, either to protect their own systems, or to assist them in carrying out their statutory roles. The NCSC is in regular and frequent communication with international counterparts and the exchange of information is a two-way street.

The NCSC also supports public bodies, operators of essential services and digital service providers to improve their cyber security posture and fulfil their obligations under the European Network and Information Security Directive. The NCSC takes a very proactive role to supporting these important bodies in continually building their cyber security resilience through a range of initiatives, including by hosting seminars and workshops. In the days following the ransomware attack on the HSE, the NCSC has been providing specific guidance to its constituents, including Government Departments and agencies, together with operators of essential services, on appropriate measures they can take to reduce the risk of further ransomware incidents on their networks. This important element of the work of the NCSC which will continue into the future, will help inform the measures taken by individual organisations, including Government Departments, in securing their network and information systems.

Recognising that the environment in which the NCSC operates is extremely dynamic, a detailed capacity review of the NCSC is being undertaken to inform Government as to how the NCSC needs to evolve going forward. This capacity review is being carried out by an expert international consultancy and is due to report in the coming weeks in line with the timeline for completion of this work of Q2 2021 set out in the 2019 National Cyber Security Strategy.