Skip to main content
Normal View

Cybersecurity Policy

Dáil Éireann Debate, Tuesday - 14 December 2021

Tuesday, 14 December 2021

Questions (113)

Patricia Ryan


113. Deputy Patricia Ryan asked the Minister for the Environment, Climate and Communications the progress being made with the National Cyber Security Strategy; and if he will make a statement on the matter. [61673/21]

View answer

Written answers (Question to Environment)

The National Cyber Security Strategy 2019-2024 is a whole-of-Government approach to address the growing threat of cyber security incidents and to ensure that Ireland can benefit fully from the digital transformation. The Strategy includes 20 separate measures to safeguard public sector networks and essential services, to facilitate the development of the cybersecurity industry and to promote awareness raising and international cooperation. A number of measures are being led by my Department, and I am pleased to report that good progress is being made on their delivery.

As part of the implementation of the Strategy, earlier this year external consultants were commissioned to conduct a Capacity Review and to benchmark the NCSC with similar agencies in Europe and internationally. The report on the Capacity Review was received in June 2021 and in July the Government agreed a number of measures to support the continued development of the NCSC over the coming five years.The measures agreed include increasing the overall fulltime staffing complement of the NCSC to at least 70 over the next 5 years. with a first tranche of an additional 20 staff recruited by end 2022 bringing the serving complement to 45. A cyber security graduate training programme will also be introduced. In addition, the General Scheme of a Bill will be prepared for Government approval, to establish the NCSC on a statutory basis and provide for related matters including clarity around its mandate.

My Department has also recently published the baseline cyber security standard to be applied by all Government Departments and Agencies. The NCSC has worked with colleagues across Government to develop the standard which will support public bodies to identify cyber risks, deploy appropriate mitigation measures, and protect personal and other important data.

At the time of its publication, a commitment was made to conduct a mid-term review of the Strategy. This was also a recommendation in the recent NCSC Capacity Review. It is intended that this review will be conducted in the second half of 2022 and will take account of the evolving global threat landscape, EU cybersecurity policy developments such as the review of the Network and Information Services Directive, as well as lessons learned from the HSE cyber security incident in May 2021.