Written Answers Nos. 335-339
335. Deputy Louise O'Reilly asked the Minister for Social Protection how many staff members in her Department have received training in cyber security in the past three years; what types of cyber security training programmes have been conducted; if she will provide details of these programmes; and of the staff trained in cyber security, how many have obtained accredited cyber security qualifications. [50805/23]
View answer336. Deputy Louise O'Reilly asked the Minister for Social Protection the expenditure on cyber security consultants and companies within her Department in the past three years; if her Department engaged in cyber security audits with outside firms in the past three years; if so, the expenditure on same; the amount her Department spent on cyber security consultants and companies in the past three years; and for a breakdown of these expenditures by year and type of service provided. [50823/23]
View answer337. Deputy Louise O'Reilly asked the Minister for Social Protection if there are any ongoing contracts or commitments with cyber security firms; and if details can be provided [50841/23]
View answer338. Deputy Louise O'Reilly asked the Minister for Social Protection if her Department has a policy and plan in place to address a ransomware attack and restore her Department's IT systems. [50859/23]
View answerI propose to take Questions Nos. 335, 336, 337 and 338 together.
My Department has a dedicated cyber security function to manage the security of the Department’s network and information assets. My Department takes a risk-based approach to cyber security, is regularly audited, and has achieved the ISO 27001:2013 International Standard for Information Security. This standards-based approach enables teams to proactively identify areas where security can be improved, and these security improvements are funded from my Department’s overall ICT budget.
In common with other Government Departments, my Department has in place comprehensive arrangements to support ICT security and receives regular advice on these matters from the relevant authorities including the Office of the Government Chief Information Officer and the National Cyber Security Centre. The Deputy will understand that it is not the practice, for sound operational and security reasons, to disclose the detail of these arrangements.
Furthermore, Staff working in the Department of Social Protection are provided with regular cyber security awareness communications and all staff are supported in completing the Introduction to Cyber Security Awareness training module run through the Department of Public Expenditure, NDP Delivery and Reform's OneLearning programme.
339. Deputy Catherine Murphy asked the Minister for Social Protection the number of contracts her Department has had with a company (details supplied) in the years of 2021, 2022 and to date in 2023; the services this company has provided to her Department in the years in question; and the amount her Department has paid for such services in each of those years, in tabular form. [50929/23]
View answerThe Department had 3 contracts with the company in question for the years 2021, 2022 and 2023 to date. Details of the contracts are set out in the table below.
|
Date |
Service provided |
Price (Inc. VAT) |
|
16/11/2022 |
Catering for a conference |
€13,669 |
|
03/03/2023 |
Catering for a consultation event |
€440 |
|
31/05/2023 |
Catering for a forum event |
€1,721 |
