Friday, 6 September 2019

Questions (737)

Jack Chambers


737. Deputy Jack Chambers asked the Minister for Business, Enterprise and Innovation if there are dedicated, professionally trained and certified cybersecurity staff in relation to cybersecurity protocols under the remit of her Department; if such specialists are being recruited; if her Department maintains a risk register of security breaches; if so, if there are staff that analyse, log and maintain such a register; and if she will make a statement on the matter. [36221/19]

View answer

Written answers (Question to Business)

My Department has a dedicated, professionally trained staff member with responsibility for information and cyber security.  This role is supplemented by other staff members who have also had professional training in this area.  While staff members do not hold current certifications, their role is supplemented by fully certified external contractors specialising in cyber security as needed.   My Department is not currently recruiting cyber security specialists.

My Department maintains a register of information security incidents which require investigation and follow up. It has deployed a Security Incident and Event Management (SIEM) solution to collect logs from core Departmental systems and report on any potential anomalies.  Alerts from this system are actively monitored and reviewed and any such alerts are logged and investigated.