Dáil Éireann Debate, Tuesday - 1 June 2021
104. Deputy Bernard J. Durkan asked the Minister for the Environment, Climate and Communications the degree to which he is engaged in the protection against cyber-attacks across all Departments and the bodies under their aegis; and if he will make a statement on the matter. [29384/21]
View answerThe National Cyber Security Strategy (NCSC) has a broad remit across the cyber security of Government ICT and critical national infrastructure. The National Cyber Strategy 2019-2024 sets out the role of the NCSC to support Government Departments and other public bodies to improve the resilience and security of their IT systems to better protect services that our people rely upon, and their data. The NCSC works very closely with the Office of the Government Chief Information Officer (OGCIO) in this regard. The NCSC acts as a central contact point in the event of a Government- or nation-wide cyber security incident affecting the State. The NCSC also coordinates and supports the response to significant incidents, with the lead role being taken by the entity affected by the incident. The Computer Security Incident Response Team (CSIRT) is the team within the NCSC that leads in responding to cyber security incidents. The CSIRT has achieved international accreditation and its personnel are highly-regarded internationally. It is this team that engages with the affected body to support it in addressing the threat.
Information sharing is a key component of the work of the NCSC whereby it acts as a source of expert advice and guidance, but also as a "clearing house" for information. That is to say it takes in threat intelligence data, trends and risks data, from national, global and local sources, analyses them, and makes sure that those people who need that data get it, either to protect their own systems, or to assist them in carrying out their statutory roles. The NCSC is in regular and frequent communication with international counterparts and there is an ongoing two-way exchange of information.
The NCSC also supports public bodies, operators of essential services and digital service providers to improve their cyber security posture and fulfil their obligations under the European Network and Information Security Directive. The NCSC takes a very proactive role to supporting these important bodies on their cyber security journey by hosting seminars and workshops for instance.
