Written answers

Wednesday, 23 February 2022

Department of Communications, Climate Action and Environment

Cybersecurity Policy

Photo of Patricia RyanPatricia Ryan (Kildare South, Sinn Fein)
Link to this: Individually | In context | Oireachtas source

74. To ask the Minister for Communications, Climate Action and Environment his plans to improve cyber-security in the public sector; and if he will make a statement on the matter. [10390/22]

Photo of Ossian SmythOssian Smyth (Dún Laoghaire, Green Party)
Link to this: Individually | In context | Oireachtas source

The National Cyber Security Centre (NCSC) works to support Government Departments and other public bodies to improve the resilience and security of their IT systems to better protect services that people rely upon, and their data, and the NCSC works very closely with the Office of the Government Chief Information Officer (OGCIO) in this regard. However, it should be noted that the responsibility for the integrity and security of individual ICT networks lies with each individual Department, or Agency.  The Computer Security Incident Response Team (CSIRT) based within in the NCSC, has developed and deployed technology on the infrastructure of Government Departments to detect and warn of certain types of threat. The Centre also provides expert advice and analysis on cyber security issues and is involved in coordinating the response to significant incidents. My Department has also recently published the baseline cyber security standard to be applied by all Government  Departments and Agencies. The NCSC worked with colleagues across Government to develop the standard which will support public bodies to identify cyber risks, deploy appropriate mitigation measures, and protect personal and other important data.

The publication of Baseline Standards is one of the key measures identified in the National Cyber Security Strategy 2019-2024. The Strategy stated that, under Measure 8, that the NCSC (Nationals Cyber Security Centre), would formulate the Baseline Standards in conjunction with the OGCIO (Office of the Government Chief Information Officer). The main goal of the Cyber Security Baseline Standard, that was developed last year, is to improve the resilience and security of information and communications technology infrastructure and systems (ICT) in Public Service Bodies. The Cyber Security Baseline Standards provide a clearly-communicated set of security policies and procedures, to support good cyber security risk management whilst also reflecting business objectives. They are aligned with international standards and include measures and controls in relation to staff training, identity and access management.

In July 2021 the Government agreed a number of measures to support the continued development of the NCSC over the coming five years. The measures agreed include increasing the overall fulltime staffing complement of the NCSC to at least 70 over the next 5 years. with a first tranche of an additional 20 staff recruited by end 2022 bringing the serving complement to 45. In addition, the General Scheme of a Bill will be prepared for Government approval to establish the NCSC on a statutory basis and provide for related matters including clarity around its mandate.

Comments

No comments

Log in or join to post a public comment.