Imelda Munster (Louth, Sinn Fein)
Link to this: Individually | In context | Oireachtas source

8. To ask the Minister for Communications, Climate Action and Environment if his Department’s IT infrastructure is monitored for security breaches on a 24/7 basis; the guidance provided from Government on same; and if he will make a statement on the matter. [45309/21]

Eamon Ryan (Dublin Bay South, Green Party)
Link to this: Individually | In context | Oireachtas source

For operational and security reasons, my department has been advised by the National Cyber Security Centre not to disclose details of the Department's cyber security arrangements.

It is not considered appropriate to disclose particular arrangements in place in relation to IT security tools and services.

Imelda Munster (Louth, Sinn Fein)
Link to this: Individually | In context | Oireachtas source

9. To ask the Minister for Communications, Climate Action and Environment the guidance provided by the National Cyber Security Centre to Departments and agencies as to whether their IT infrastructure should be monitored on a 24/7 basis for security breaches; and if he will make a statement on the matter. [45322/21]

Ossian Smyth (Dún Laoghaire, Green Party)
Link to this: Individually | In context | Oireachtas source

The National Cyber Security Centre (NCSC) has a broad remit across the cyber security of Government ICT and critical national infrastructure. The NCSC has three main roles: national incident response; information sharing; and Building Resilience. The NCSC supports Government Departments and other public bodies to improve the resilience and security of their IT systems to better protect services that our people rely upon, and their data.

The NCSC provides general guidance and notifications of major incidents and vulnerabilities on an ongoing basis to all Departments and agencies. However, it should be noted that the responsibility for the integrity and security of individual ICT networks lies with each individual Department or agency. Accordingly, decisions in relation to monitoring of networks are a matter of each entity to consider independently based on individual requirements and resources available.