Written answers
Wednesday, 19 February 2025
Department of Communications, Climate Action and Environment
Cybersecurity Policy
Emer Currie (Dublin West, Fine Gael)
Link to this: Individually | In context | Oireachtas source
16. To ask the Minister for Communications, Climate Action and Environment if he will provide a detailed update on the transposition into Irish law of the EU Network and Information Systems Directive II (NIS2) Directive relating to cybersecurity; the details of the competent authorities in Ireland responsible for implementation and enforcement of the directives; and the level of budget being provided to the relevant competent authorities to support implementation and enforcement. [6589/25]
Darragh O'Brien (Dublin Fingal East, Fianna Fail)
Link to this: Individually | In context | Oireachtas source
The Network and Information Systems (NIS) 2 Directive is a revision of the NIS Directive which is currently in force in the State and will remain in full effect covering the most critical operators within the State while the NIS2 Directive is being transposed into national law. It represents a major step forward for cyber resilience in Ireland and in Europe and will enhance cyber risk management including generating significant improvements in our capacity to respond to major incidents and developing the information-sharing platforms which are proving effective to date.
In June 2023 the Irish Government approved the drafting of a General Scheme as a priority for the transposition of the NIS2 Directive and to incorporate relevant provisions to establish the National Cyber Security Centre (NCSC) on a statutory basis and provide for related matters including clarity around its mandate and role in general and in relation to other actors in the cyber area.
In December 2023, the Irish Government approved my Department's proposals regarding the designation of the Government bodies and agencies as National Competent Authorities (NCAs) under the NIS2 Directive. Nine NCA’s have been designated to carry out enforcement and supervision of the Directive with the possibility of more to be designated via secondary legislation.
| Regulatory Body | Sector |
|---|---|
| Commission for the Regulation of Utilities (CRU) | Energy Drinking Water Waste Water |
| Commission for Communications Regulation (ComReg) | Digital Infrastructure ICT Service Management Space Digital Providers |
| Central Bank of Ireland (CBI) | Banking Financial Market Infrastructures |
| Irish Aviation Authority (IAA) | Transport -Aviation |
| Commission for Rail Regulation (CRR) | Transport - Rail |
| Department of Transport | Transport -Maritime |
| National Transport Authority (NTA) | Transport - Road |
| An Agency or Agencies under the Department of Health | Health |
| Department of the Environment, Climate and Communications – National Cyber Security Centre | All remaining sectors |
My Department has been engaging with all the NCAs and relevant Departments including the Department of Public Expenditure, NDP Delivery and Reform on the issue of funding for the implementation of the NIS2 Directive. The following has been agreed:
- If an NCA uses a funding mechanism such as a levy to fund their existing regulatory functions, they will be able to use the same type of mechanism, to carry out their regulatory functions under the NIS2 Directive.
- All other NCA’s have been advised to seek the level of Exchequer funding they require to carry out these functions, via their existing funding and approval mechanisms.
My Department is currently engaging with the Office of Parliamentary Council (OPC), the Attorney General’s Office, the NCSC and other relevant Government Departments and Agencies on the drafting of the Bill.
My Department was also engaging with the Committee on Transport and Communications on pre-legislative scrutiny of the General Scheme. This process was paused when the general election was called in November 2024. My expectation is pre-legislative scrutiny will resume once the relevant Committee is established under this Government.
No comments