The Department of Education provide direct ICT services to my Department on a shared service basis. This includes managing cyber-security matters, audits, and ICT-related consultancies.
The Department regularly runs cyber security awareness campaigns for all staff, including officials in my Department, to raise awareness of the threats posed by cyber-crime. In addition, all of the staff in my Department have access to cyber security awareness training on the civil service wide OneLearning, Learning Management System. ICT personnel also undertake relevant cyber security training periodically.
My Department's and the Department of Education's cyber security defences are supported by the work of the National Cyber Security Centre (NCSC) and the national computer security incident response team, CSIRT, which provides early warnings, alerts, announcements and dissemination of information about risks and incidents to Government Departments.
The Department has previously been advised by the NCSC, for security reasons, not to disclose details of its cyber security operations which could in any way compromise the Department’s information security posture. In particular, it is not considered appropriate to disclose any information, which might assist malicious actors to identify potential vulnerabilities.