Dáil Éireann Debate, Tuesday - 20 February 2018
465. Deputy James Lawless asked the Minister for Communications, Climate Action and Environment the number of staff allocated to the national cyber security centre, NCSC; the job titles, qualifications and specifications for each of these roles; the amount of time each person has worked for the NCSC; the future allocation of additional staff to the centre; the timeframe for these allocations; and if he will make a statement on the matter. [8160/18]
Amharc ar fhreagra466. Deputy James Lawless asked the Minister for Communications, Climate Action and Environment the key objectives of the national cyber security centre; if the NCSC has achieved formal international accreditation; the level of funding provided to the NCSC in each of the years 2015 to 2018; and if he will make a statement on the matter. [8161/18]
Amharc ar fhreagraI propose to take Questions Nos. 465 and 466 together.
The National Cyber Security Centre (NCSC) provides a range of cyber security services to owners of Government IT infrastructure and Critical National Infrastructure (CNI). The NCSC is home to the national Computer Security Incident Response Team (CSIRT-IE) and is responsible for acting as a conduit for information to constituents (including operators of Critical National Infrastructure, Government Departments and Agencies), providing expert advice and analysis on cyber security issues and for coordinating significant incidents. Like similar bodies in other jurisdictions, the NCSC acts as a central contact point in the event of a government or nation-wide cyber security incident affecting the State. The NCSC received International Accreditation in 2017.
While my Department does not release specific details in relation to the staff or precise funding allocated to the NCSC for operational security reasons, the expertise contained within the NCSC covers a broad range of capabilities including computer science, software engineering, malware analysis and information technology forensics. In Budget 2018 additional funding was secured for additional capacity in the NCSC, both in terms of personnel and additional technology, and a significant programme of recruitment will commence shortly.
From 9 May 2018, European Union Directive 2016/1148, concerning measures for a high common level of security of network and information systems will place a number of significant responsibilities on the NCSC in respect of Cyber Security, and will require my Department to establish a list of key critical infrastructure operators, known as Operators of Essential Services (OES) in the energy, transport, banking, financial market infrastructures, health, drinking water supply and digital infrastructure sectors. These OES will be subject to a set of binding security obligations and reporting requirements in relation to cyber security incidents affecting them. In addition, the State will be required to apply a new regulatory regime to Digital Service Providers (DSPs), who include cloud computing providers, search engines providers and providers of online market places.
