Written answers

Tuesday, 21 November 2023

Department of Public Expenditure and Reform

Cybersecurity Policy

All Written Answers on 21 Nov 2023 « Previous answer Next answer »

Photo of Louise O'ReillyLouise O'Reilly (Dublin Fingal, Sinn Fein)
Link to this: Individually | In context | Oireachtas source

193. To ask the Minister for Public Expenditure and Reform how many staff members in his Department have received training in cyber security in the past three years; what types of cyber security training programmes have been conducted; if he will provide details of these programmes; and of the staff trained in cyber security, how many have obtained accredited cyber security qualifications. [50803/23]

Photo of Louise O'ReillyLouise O'Reilly (Dublin Fingal, Sinn Fein)
Link to this: Individually | In context | Oireachtas source

194. To ask the Minister for Public Expenditure and Reform the expenditure on cyber security consultants and companies within his Department in the past three years; if his Department engaged in cyber security audits with outside firms in the past three years; if so, the expenditure on same; the amount his Department spent on cyber security consultants and companies in the past three years; and for a breakdown of these expenditures by year and type of service provided. [50821/23]

Photo of Louise O'ReillyLouise O'Reilly (Dublin Fingal, Sinn Fein)
Link to this: Individually | In context | Oireachtas source

195. To ask the Minister for Public Expenditure and Reform if there are any ongoing contracts or commitments with cyber security firms; and if details can be provided [50839/23]

Photo of Louise O'ReillyLouise O'Reilly (Dublin Fingal, Sinn Fein)
Link to this: Individually | In context | Oireachtas source

196. To ask the Minister for Public Expenditure and Reform if his Department has a policy and plan in place to address a ransomware attack and restore his Department's IT systems. [50857/23]

Photo of Paschal DonohoePaschal Donohoe (Dublin Central, Fine Gael)
Link to this: Individually | In context | Oireachtas source

I propose to take Questions Nos. 193, 194, 195 and 196 together.

For operational and security reasons, my Department does not disclose specific information relating to cyber security tools, spend, in house expertise and specific strategies employed to counter and combat the threats posed to information security. I am in a position to advise the Deputy that the Department engaged an external consultancy company to perform a cybersecurity audit in 2023 at a cost of €82,656.

My Department recognises the importance of maintaining strong cyber security awareness, and ensures staff stay up to date on evolving cyber security threats including malware, phishing attacks and social engineering deception schemes. All staff are provided with training guidance on cyber security at induction and updates on new threats and how to mitigate these.

Finally, the Office of the Government Chief Information Officer, which is a Division of my Department, works closely with the National Cyber Security Centre, which is a Division of the Department of Communications, Climate Action and Environment, and encompasses the State's national/governmental Computer Security Incident Response Team. CSIRT-IE is an internationally accredited response team focusing on enhancing both situational awareness and providing incident response for national cyber security incidents (including ransomware attack).

Does this answer the above question?
Yes! 2 people think so!
No! 1 person thinks not!

Comments

No comments

 

Log in or join to post a public comment.