I propose to take Questions Nos. 70, 71 and 72 together. I propose to take Questions Nos 70 to 72, inclusive, and 140 together:
The National Cyber Security Centre (NCSC) which is located within my Department, acts as a central contact point in the event of a government or nation-wide cyber security incident affecting the State, including the provision of advisory notices to its core group of government departments, state agencies, and organisations responsible for critical national infrastructure.
With regard to the cyber attack on the HSE, the NCSC has been intensively engaging with the HSE since early on Friday 14 May and has deployed its resources to fully support the HSE in identifying the affected systems and to bring systems back online, liaising with international partners and third-party contractors. The focus continues to be the restoration of our health services.
The actual detail of security measures employed by each individual organisation to secure that organisation's network and information systems is a matter for each individual organisation. More broadly, it is not considered appropriate to disclose information which might assist criminals to identify potential vulnerabilities in IT security arrangements. Therefore it is not considered appropriate to disclose particular arrangements in place in relation to IT security tools and services, including those in relation to my Department, or agencies under its remit and my Department does not comment on operational security matters.