Malcolm Byrne (Wicklow-Wexford, Fianna Fail)
Link to this: Individually | In context | Oireachtas source

186. To ask the Minister for Finance the number of actual and attempted cyberattacks on his Department during each of the years 2022, 2023 and 2024, the countries of origin of those attacks; and if he will make a statement on the matter. [14690/25]

Malcolm Byrne (Wicklow-Wexford, Fianna Fail)
Link to this: Individually | In context | Oireachtas source

187. To ask the Minister for Finance the total sum spent on cybersecurity measures within his Department during each of the years 2022, 2023 and 2024. [14672/25]

Paschal Donohoe (Dublin Central, Fine Gael)
Link to this: Individually | In context | Oireachtas source

I propose to take Questions Nos. 186 and 187 together.

My Department’s IT systems are provided by the Office of the Government Chief Information Officer (OGCIO) who have advised me that they implement a multi layered defence-in-depth security strategy which is achieved through the effective combination of People, Processes, and Technology to support the implementation of appropriate security measures and provisions. This defence-in-depth security strategy includes the implementation of an extensive Information Security Management System (ISMS) comprising of many security policies and controls, which is aligned to and certified to the industry security standard ISO 27001:2022 to address risks from cyber security attacks. These security controls ensure that a consistent and effective approach is adhered to in the management of cyber security threats and incidents.

With the threat landscape constantly evolving, OGCIO continually enhance and strengthen ICT security to mitigate against emerging threats, risks, vulnerabilities and cybersecurity attacks. With this increased sophistication and complexity, the cyber criminals have become very proficient at masking their activity. As a result, it is not possible to determine the country of origin of attacks with any certainty. The OGCIO network is subject to continuous and ongoing cyber-attacks on a continuous basis which are intercepted at different levels of the multi layered defence-in-depth approach, including outside the OGCIO perimeter.

My Department and OGCIO also work closely with the National Cyber Security Centre (NCSC), which monitors, detects and responds to cyber security incidents in the State, and builds resilience in IT systems with particular emphasis on critical infrastructure and Government. Those resilience-building measures include a set of security requirements applied to critical infrastructure; a formal information sharing network, of which my Department is a member; and advisories circulated relating to vulnerabilities and risks across critical infrastructure and Government, which my Department follows.

The NCSC also encompasses the State's national/governmental Computer Security Incident Response Team (CSIRT-IE). The CSIRT-IE’s mission is to support Government departments and core agencies in responding to cyber security incidents. This includes in particular malicious cyber-attacks that could hamper the integrity of Government information system assets and/or harm the interests of the Irish State. CSIRT-IE also acts as a national point of contact for cyber-attacks involving entities within Ireland.

For operational and security reasons, my Department does not disclose details of systems and processes which could in any way compromise the Department's cybersecurity efforts. In particular, it is not considered appropriate to disclose any information which might assist criminals to identify potential vulnerabilities in cybersecurity arrangements in my Department.

It is also not possible to provide the exact number of cyber attacks on my Department or the OGCIO network as a whole, I can however say that these routinely run to tens of thousands of unsuccessful attempts on the network each year.