Dáil Éireann Debate, Wednesday - 26 May 2021
63. Deputy Bernard J. Durkan asked the Tánaiste and Minister for Enterprise, Trade and Employment his plans to upgrade the IT system in his Department and bodies under his aegis with a view to maximising the protection against hackers. [28683/21]
View answerMy Department adopts a defence in depth approach to cyber security. This approach uses multiple layers, disparate systems and monitors to deliver security which is not dependent on any single component. Given the heightened level of risk which currently exists, our technical staff has adopted a posture of increased vigilance and oversight of systems.
My Department is taking advice from our own external security advisers, and is also monitoring advice and guidance coming from the National Cyber Security Centre (NCSC) on any additional steps which should be implemented in the light of current risks. My Department has an ongoing process for patching and upgrading systems, and this process has been adjusted and informed in light of current risk levels and advice.
For operational and security reasons, we are advised by the NCSC not to disclose details of systems and processes which could in any way compromise those efforts. In particular, it is not considered appropriate to disclose information which might assist criminals to identify potential vulnerabilities in departmental cybersecurity arrangements, or to allow those criminals to enumerate differences in approach between public bodies which could be used to identify targets.
Therefore, it is not considered appropriate to disclose particular arrangements in place in relation to cyber security tools and services, and my Department does not comment on operational security matters.
