Léim ar aghaidh chuig an bpríomhábhar
Gnáthamharc

Cybersecurity Policy

Dáil Éireann Debate, Thursday - 11 April 2019

Thursday, 11 April 2019

Ceisteanna (7)

Jack Chambers

Ceist:

7. Deputy Jack Chambers asked the Taoiseach and Minister for Defence if he will report on the work of the Defence Forces computer incident response team; and if he will make a statement on the matter. [16839/19]

Amharc ar fhreagra

Freagraí ó Béal (11 píosaí cainte)

There are grave concerns among members of the Defence Forces that this team has been seriously compromised and undermined and that this may pose a serious security risk to the State. I hope the Minister of State can update the House.

As outlined in the Government's White Paper on Defence 2015, the issue of cybersecurity has very significant implications for governmental administration, for industry, for economic well-being and for the security and safety of citizens. Cybersecurity is a standing item on the agenda of the Government task force on emergency planning, which I chair.

The response to cyberthreats remains a whole-of-Government challenge, with the Department of Communications, Climate Action and Environment taking the lead role and with inputs in the security domain from An Garda Síochána and the Defence Forces. The Department of Defence and the Defence Forces are committed to participating, under the leadership of the Department of Communications, Climate Action and Environment, in the delivery of measures to improve the cybersecurity of the State.

Ireland’s national cybersecurity centre, NCSC, which is located in the Department of Communications, Climate Action and Environment provides a range of cybersecurity services to owners of Government ICT infrastructure and critical national infrastructure. The NCSC is also home to the national computer security incident response team, CSIRT-IE, which acts as a national point of contact involving entities within Ireland, and as the point of contact for international discussions and collaboration on issues of cybersecurity.  The scope of CSIRT's activities covers prevention, detection, response and mitigation services to Departments and State agencies and critical national infrastructure providers. The Defence Forces provide seconded specialists to assist with the work of CSIRT-IE when resources allow. In addition, as in any emergency situation, once defence systems are supported, the Department of Defence and the Defence Forces will provide support to CSIRT-IE insofar as resources allow.

 While it would be inappropriate for me to comment on the specific cybercapabilities of the Defence Forces, for both security and operational reasons, I can confirm that the priority for the Defence Forces' CSIRT is the protection of the Defence Forces communications network. Other activities undertaken by CSIRT include the monitoring and handling of cyberincidents, the enhancement of Defence Forces cybersituational awareness and the provision of cyberawareness training.

I have been told that a decision was made in September 2018 to stand down the Defence Forces' computer incident response team as there were no trained staff left. The national cyber security centre is robbing Peter to pay Paul. Is that the case? Are the Defence Forces' computers being monitored for attacks? If it is the case that there are no staff members in the Defence Forces' incident response team, this represents a serious security matter for the State. Who is keeping an eye on the security of the Defence Forces' IT network? We do not know who may be attacking the system if the team has no staff. There can be no civilian contract for the computer incident response team because of issues of security and supervision. The Minister of State can tell the Dáil that he cannot comment for operational and security reasons but if it is the case that the computer incidents response team in the Defence Forces has been stood down, this represents a serious security risk for the State.

It means we are not providing a proper response and barrier for potential attacks and it shows how the depletion in numbers in the Defence Forces could compromise security. It is not good enough to quote the Department of Communications, Climate Action and Environment.

The Deputy will have another minute in supplementary questions.

This is a specific team in the Defence Forces, relating to the Minister of State's responsibilities to this House. I want him to provide clarity, apart from the operational and security response that he gave.

May I remind Deputies and the Minister of State that we are now running 30 seconds over on every speaker's time? That is not fair to the people who find themselves disappointed when it comes to 11.55 a.m. We set the rules of this House and I ask the Deputies to please keep the rules of the House.

Some of the Deputy's remarks are very disingenuous. He received a reply to a parliamentary question this week relating to military management that on January 2019 the established figure for technical officers in the communications and information service, CIS, corps of the Defence Forces is 22 personnel, that is, 18 Army and four Air Corps, and all posts are currently filled.

The establishment figure for grade 5 and grade 6 technicians in the CIS corps is 202 personnel, out of which there are 66 vacancies at present. A total of 62 personnel are in training across the Army, Naval Service and Air Corps who will be eligible to grade 5 technician pay on graduation from the CIS trainee technician scheme.

Cybersecurity encompasses all sections of society, whether it is business, critical infrastructure, large industry or the ESB. It not only about military, it has a joined-up approach and the Department of Communications, Climate Action and Environment has overall responsibility for the State's cybersecurity. The Defence Forces assist it and will continue to do so under the service level agreement which is in place.

From the Comptroller and Auditor General, we know that the cyberunit in the Department of Communications, Climate Action and Environment is completely dysfunctional and is not fit for purpose. I am also informed that the Defence Forces cannot fulfil its obligations to that Department due to the depletion of staffing numbers and that there is a security risk. I would like further details on the service level agreement and whether cover is sufficient. Will the Minister of State outline what the service level agreement involves and how he is fulfilling his commitments to that Department? I am told there is a security risk and that there is no robust incident response team in place. According to the Department of Defence's White Paper, the Department and the Defence Forces are supposed to provide a back up to the cyberunit in the Department of Communications, Climate Action and Environment in the event of an attack, as it represents the insurance policy in the case of any significant attack. The Minister of State has given the House no clarity.

The Deputy might take this up with the Minister for Communications, Climate Action and Environment, Deputy Bruton. The first national cybersecurity strategy, agreed by the Government in 2015, set out a series of measures that would be taken to build the capability of the NCSC and to achieve a high level of security for computer networks and critical infrastructure of the State. These measures included steadily increasing the capacity of the national computer security incident response team, which is part of the NCSC, as well as a series of measures to improve the network and information security of public bodies. The strategy also established how the resilience of critical national infrastructure would be improved, in part by the transposition of the EU network of information security directive and how the national incident response process would be developed through ongoing participation in the national emergency management systems.

It is important that officials from my Department and members of the Defence Forces are involved in the development of the revised strategy, which will be published by the Minister, Deputy Bruton, in coming months. The revised strategy, in conjunction with the White Paper on defence, will continue to inform our engagement in this critical area.

Barr
Roinn