Friday, 6 September 2019

Questions (1199)

Jack Chambers


1199. Deputy Jack Chambers asked the Minister for Health if there are dedicated, professionally trained and certified cybersecurity staff in respect of cybersecurity protocols under the remit of his Department; if such specialists are being recruited; if his Department maintains a risk register of security breaches; if so, if there are staff that analyse, log and maintain such a register; and if he will make a statement on the matter. [36230/19]

View answer

Written answers (Question to Health)

While my Department does not release specific details in relation to staff employed for operational and security reasons, the expertise and qualifications of the staff in our ICT Unit covers a broad range of capabilities including Computer Science, Application Development and Cyber Security.

My Department implements a multi-layered approach to cyber security and to protecting our ICT systems, data and infrastructure. Contracts are in place with several external parties to provide preventative controls like firewalls, anti-virus and endpoint protection alongside an advanced network intrusion detection system.

A register of security breaches is maintained by the Security Officer. This is proactively monitored and measures are implemented to mitigate breaches in the future. ICT risks are recorded in the Departmental Risk Register with contingency plans in place to mitigate these.

My Department continues to engage with the National Cyber Security Centre (NCSC) based in the Department of Communications, Climate Action and Environment and receives regular updates from the State's national/governmental Computer Security Incident Response Team (CSIRT-IE).