Dáil Éireann Debate, Thursday - 26 March 2015
259. Deputy Michael McGrath asked the Minister for Communications, Energy and Natural Resources if he has quantified the potential loss to Irish businesses from cross-border cyber attacks; if he has considered taking action to address this potential serious risk to businesses, should they become a victim of cyber attacks; and if he will make a statement on the matter. [12638/15]
View answerAs with other countries, Ireland's information society increasingly relies upon the Internet and Internet based services to conduct everyday business. The State, critical infrastructure, businesses and citizens depend upon the reliable functioning of information and communication technologies and of the Internet. Any significant disruption to these systems, regardless of the cause, poses a threat to the functioning of the State and the economy, and can have profound effects on the daily life of citizens and on the operation of business. Any threat to the resilience and security of these systems and services therefore requires a robust and coherent response, both nationally and at an EU level.
Cyber attacks can be very diverse in character, origin and seriousness, meaning that preparing for and responding to these threats is far from simple. In 2011, the Government approved the establishment of a Computer Security and Incident Response Team (CSIRT-IE) in my Department and this team has since been working across Government to secure government systems and information. Cyber security experts in my Department participate in regular national, EU and international emergency response exercises, as well as providing expert advise to Government Departments and industry stakeholders on individual cyber attacks. In 2012, my Department, in partnership with industry sponsors, re-launched the “Make-IT-Secure” campaign that aims to inform small and medium sized businesses and the general public on steps they can take to improve their own cyber security.
My Department is presently in the final stages of preparing a new national cyber security strategy. This strategy will include further development of awareness raising measures, highlighting in particular the responsibilities of businesses around securing their networks, devices and information and providing support to them in this by means of information, training and voluntary codes of practice.
My Department also co-operates and engages intensively with EU and international stakeholders on cyber security matters. An EU Network and Information Security Directive is currently being finalised in Brussels and will contain obligations for specific sectors of business considered vital to the economies and societies of Member States. Such obligations will involve taking appropriate steps to manage security risks, to report serious cyber incidents and to comply with specific security requirements. When finalised, my Department will prepare legislation to transpose this Directive into national law at the earliest opportunity.
