Malcolm Byrne (Wicklow-Wexford, Fianna Fail)
Link to this: Individually | In context | Oireachtas source

198. To ask the Minister for Public Expenditure and Reform the number of actual and attempted cyberattacks on his Department during each of the years 2022, 2023 and 2024, the countries of origin of those attacks; and if he will make a statement on the matter. [14696/25]

Jack Chambers (Dublin West, Fianna Fail)
Link to this: Individually | In context | Oireachtas source

My Department implements a multi layered defence-in-depth security strategy which is achieved through the effective combination of People, Processes, and Technology to support the implementation of appropriate security measures and provisions. This defence-in-depth security strategy includes the implementation of an extensive Information Security Management System (ISMS) comprising of many security policies and controls, which is aligned and certified to the industry security standard ISO 27001:2022 to address risks from cyber security attacks. These security controls ensure that a consistent and effective approach is adhered to in the management of cyber security threats and incidents.

With the threat landscape constantly evolving, a significant effort is expended to continually enhance and strengthen ICT security to mitigate against emerging threats, risks, vulnerabilities and cybersecurity attacks. With this increased sophistication and complexity, the cyber criminals have become very proficient at masking their activity. As a result, it is not possible to determine the country of origin of attacks with any certainty. My Department is subject to continuous and ongoing cyber-attacks on an hourly basis which are intercepted at different levels of our multi layered defence-in-depth approach, including outside our perimeter. Therefore, while it is not possible to provide the exact number of cyber attacks on my Department, I can say that these routinely run to hundreds of thousands each year.

Malcolm Byrne (Wicklow-Wexford, Fianna Fail)
Link to this: Individually | In context | Oireachtas source

199. To ask the Minister for Public Expenditure and Reform the total sum spent on cybersecurity measures within his Department during each of the years 2022, 2023 and 2024. [14678/25]

Jack Chambers (Dublin West, Fianna Fail)
Link to this: Individually | In context | Oireachtas source

My Department implements a multi layered defence-in-depth security strategy which is achieved through the effective combination of People, Processes, and Technology to support the implementation of appropriate security measures and provisions. This defence-in-depth security strategy includes the implementation of an extensive Information Security Management System (ISMS) comprising of many security policies and controls, which is aligned and certified to the industry security standard ISO 27001:2022 to address risks from cyber security attacks. These security controls ensure that a consistent and effective approach is adhered to in the management of cyber security threats and incidents.

For operational and security reasons, my Department has been advised by the National Cyber Security Centre not to disclose details of systems and processes which could in any way compromise the Department's cybersecurity efforts. In particular, it is not considered appropriate to disclose any information which might assist criminals to identify potential vulnerabilities in cybersecurity arrangements in my Department or the bodies under its aegis. Therefore, it is not possible to provide the particular information requested by the Deputy on spend or any information in relation to cyber security tools and services or operational security matters.