I propose to take Questions Nos. 537, 538, 539 and 540 together.
My Department implements a multi-layered approach to cyber security and to protecting our ICT systems, data and infrastructure.
Comprehensive arrangements are in place to support ICT security through specialised software to mitigate against malicious threats, and to provide early warning notifications of same. Incident response plans are in place and systems are fully monitored, providing for a rapid response to any notified incidents. We also receive regular advice on these matters from the relevant authorities including the National Cyber Security Centre and the Office of the Government Chief Information Officer.
Contracts are in place with external parties to provide preventative controls and expertise. The expertise and qualifications of the staff in our ICT Unit covers a broad range of capabilities including Computer Science, Application Development and Cyber Security. The Deputy will understand that it is not the practice, for sound operational and security reasons, to disclose the detail of these arrangements.
All staff working in my Department are provided with a structured Cyber Security Awareness Training programme. Regular cyber security awareness communications are also issued to all staff.