Dáil Éireann Debate, Tuesday - 21 November 2023
193. Deputy Louise O'Reilly asked the Minister for Public Expenditure, National Development Plan Delivery and Reform how many staff members in his Department have received training in cyber security in the past three years; what types of cyber security training programmes have been conducted; if he will provide details of these programmes; and of the staff trained in cyber security, how many have obtained accredited cyber security qualifications. [50803/23]
View answer194. Deputy Louise O'Reilly asked the Minister for Public Expenditure, National Development Plan Delivery and Reform the expenditure on cyber security consultants and companies within his Department in the past three years; if his Department engaged in cyber security audits with outside firms in the past three years; if so, the expenditure on same; the amount his Department spent on cyber security consultants and companies in the past three years; and for a breakdown of these expenditures by year and type of service provided. [50821/23]
View answer195. Deputy Louise O'Reilly asked the Minister for Public Expenditure, National Development Plan Delivery and Reform if there are any ongoing contracts or commitments with cyber security firms; and if details can be provided [50839/23]
View answer196. Deputy Louise O'Reilly asked the Minister for Public Expenditure, National Development Plan Delivery and Reform if his Department has a policy and plan in place to address a ransomware attack and restore his Department's IT systems. [50857/23]
View answerI propose to take Questions Nos. 193, 194, 195 and 196 together.
For operational and security reasons, my Department does not disclose specific information relating to cyber security tools, spend, in house expertise and specific strategies employed to counter and combat the threats posed to information security. I am in a position to advise the Deputy that the Department engaged an external consultancy company to perform a cybersecurity audit in 2023 at a cost of €82,656.My Department recognises the importance of maintaining strong cyber security awareness, and ensures staff stay up to date on evolving cyber security threats including malware, phishing attacks and social engineering deception schemes. All staff are provided with training guidance on cyber security at induction and updates on new threats and how to mitigate these. Finally, the Office of the Government Chief Information Officer, which is a Division of my Department, works closely with the National Cyber Security Centre, which is a Division of the Department of Communications, Climate Action and Environment, and encompasses the State's national/governmental Computer Security Incident Response Team. CSIRT-IE is an internationally accredited response team focusing on enhancing both situational awareness and providing incident response for national cyber security incidents (including ransomware attack).
