Darren O'Rourke (Meath East, Sinn Fein)
Link to this: Individually | In context | Oireachtas source

190. To ask the Minister for Communications, Climate Action and Environment if he will bring forward a cybersecurity Bill. [49992/22]

Eamon Ryan (Dublin Bay South, Green Party)
Link to this: Individually | In context | Oireachtas source

The security and resilience of network and information systems is vital for Ireland’s continued security and prosperity. To maximise the impact of the ongoing green and digital transformations, it is vital that we safeguard a secure, open, stable, and free cyber space from the ever-growing threat of malicious activity. My Department is pursuing a number of strategies to achieve this, including a suite of legislative steps to ensure Ireland’s cyber security. The Government agreed that the General Scheme of a Bill be prepared for Government approval, to establish the National Cyber Security Centre (NCSC) on a statutory basis. Legislation is currently being drafted to provide a mandate and authority for the NCSC, and to set out its role with respect of other agencies engaged in national security functions. My Department is developing a scoping paper to inform the drafting of Heads of Bill, which will follow early in 2023.

In November 2021, the Government agreed a number of measures to enhance the security of electronic communications including 5G networks. The Government has endorsed the 'EU 5G Security Toolbox' as the framework by which Ireland will secure its next generation electronic communications networks. A series of Electronic Security Control Measures have been drafted in consultation with industry, and legislation has been brought before the Oireachtas to establish a legal basis for these controls. The Department will bring forward primary legislation on 5G security to assess the risk profile of providers of electronic communications network equipment and, if required, to designate certain vendors as being high risk. The legislation will also provide for certain parts of electronic communications networks to be designated as being critical and certain powers which would ensure that high risk vendors would not be used in critical electronic communications networks.