Louise O'Reilly (Dublin Fingal, Sinn Fein)
Link to this: Individually | In context | Oireachtas source

244. To ask the Minister for Education and Skills if her Department has a policy and plan in place to address a ransomware attack and restore her Department's IT systems. [50848/23]

Norma Foley (Kerry, Fianna Fail)
Link to this: Individually | In context | Oireachtas source

I propose to take PQs 50812, 50830 and 50848 together.

My Department's cyber security defences are supported by the work of the National Cyber Security Centre (NCSC) and the national computer security incident response team, CSIRT, which provides early warnings, alerts, announcements and dissemination of information about risks and incidents to my Department.

The NCSC, which is located within the Department of Communications, Climate Action and Environment, is the primary cyber security authority in the State. The NCSC provides a range of cyber security services to operators of critical national infrastructure, Government Departments and agencies. 

My Department has a number of robust measures in place to protect the security of its IT systems and infrastructure.  These measures are reviewed and updated on a regular basis. 

My Department has previously been advised by the NCSC that, for security reasons, not to disclose details of its cyber security operations (including details of commercial relationships, audits/exercises and expenditure) which could in any way compromise the Department’s information security posture.  In particular, it is not considered appropriate to disclose any information, which might assist malicious actors to identify potential vulnerabilities.