Cybersecurity Policy

I propose to take Questions Nos. 69 and 70 together.

The National Cyber Security Centre (NCSC) which is located within my Department is composed of highly skilled, specialist technical staff, with skillsets in areas such as computer science, software engineering, malware analysis, information technology forensics, cryptography, software development, and cyber security compliance, as well as general cyber security skills. The NCSC acts as a conduit for information sharing to its constituents across Government and State Agencies, together with Operators of Essential Services designated under the EU Network and Information Security (NIS) Directive.

The work of the NCSC includes, inter-alia, developing capacity in order to protect Government Information and Communications Networks, and engaging with national and international stakeholders in relation to sharing information, securing systems and responding to incidents. It also provides regular advisory notices to a very broad range of constituents, including public advisories published on its website www.ncsc.gov.ie

The 2019 National Cyber Security Strategy includes a number of measures directed at improving cyber security across government, including deployment of a sensor system to detect advanced cyber threats across government departments, and an ICT Managers' forum to facilitate the sharing of information and best practices. Significant progress has been made in the implementation of these measures. The Department has also engaged independent experts to undertake a capacity review of the NCSC and the outcome of that review will inform future decisions on the structure and resourcing of the NCSC.

While the NCSC maintains detailed reports and statistics surrounding all observed activities and incidents in order to enhance strategic and operational decisions, the NCSC does not release this information publicly for reasons of national security.