Matt Shanahan (Waterford, Independent)
Link to this: Individually | In context | Oireachtas source

159. To ask the Minister for Communications, Climate Action and Environment the increases in funding that have been given to the National Cyber Security Centre over the past 12 months; his views on whether this has improved Ireland's defence to cyberattack on State infrastructure; and if he will make a statement on the matter. [10481/22]

Ossian Smyth (Dún Laoghaire, Green Party)
Link to this: Individually | In context | Oireachtas source

The programme budget for cyber security in my Department's Vote for 2022 is €5.1 million, broken down between €2.5 million current and €2.6 million capital. While this is the same funding allocation as 2021, it represents a trebling of the budget when compared with 2020. In addition, provision has been made in the Department's Estimate for 2022 for a year-on-year increase in the payroll and administration for the National Cyber Security Centre (NCSC) in the sum of €2.5 million, for a total of €2.1 million in pay and €400,000 in non-pay administration overheads. The increased pay allocation is in recognition of the Government decision last July to expand the capacity of the NCSC with an additional 20 posts to be filled before the end of this year. Recruitment in respect of these posts is well underway, with three separate competitions launched and a fourth to begin this week.

The NCSC plays a leading role in implementing the National Cyber Security Strategy 2019-2024. The Strategy includes a number of measures aimed at enhancing the security and resilience of Government networks and data, as well as critical national infrastructure. Significant progress has been made in implementing these measures since 2019. For instance, the NCSC's Sensor Programme has been deployed across all Government Departments, serving as an additional layer of boundary protection that alerts the NCSC when particular types of activity are observed transiting Government networks. In collaboration with a cross departmental group drawn from across the public service, the NCSC recently published the baseline cyber security standard to be applied by all Government Departments and Agencies. The NCSC has also completed a National Risk Assessment of critical infrastructure, to ensure that NCSC has a thorough understanding of Critical National Infrastructure and has contact channels with operators.

Strengthening the NCSC is a key component of the Strategy, and last year we commissioned a capacity review to benchmark our NCSC against its counterparts in Europe and other States. The consultants noted the knowledge, expertise and motivation of the NCSC’s staff, which was apparent in their exemplary response to the HSE incident last May. The Government has accepted the recommendations in the capacity review and invested in increased capacity in a number of ways, including the appointment of a Director of the NCSC and a number of other new staff, new threat intelligence contracts, and a new contract with the UCD Centre for Cyber Security and Cyber Crime Investigations.