Cybersecurity Policy

My colleague Minister Ryan, as Minister for Environment, Climate and Communications, has overall responsibility for cyber security at a national level. The National Cyber Security Centre in his Department is the national response authority for cyber security incidents. But, of course, response to cyber threats is a whole-of-Government challenge with inputs in the security domain from An Garda Síochána and the Defence Forces.

The primary responsibility of the Defence Forces relates to the defence and security of their own networks and systems. However, as in any emergency situation, once Defence systems are supported, the Department of Defence and Defence Forces provide support to the National Cyber Security Centre. For example, during the recent cyberattack on the HSE, the Defence Forces supported the response to it including provision of operational support to the HSE and, in particular, logistical and organisational support.

The Department of Defence and the Defence Forces are committed to participating, under the leadership of the Department of Environment, Climate and Communications, in the delivery of measures to improve the Cyber Security of the State. This is being done in line with the Programme for Government commitment to implement the National Cyber Security Strategy, recognizing the potential and important role of the Defence Forces.

To this end, officials from the Department of Defence and members of the Defence Forces are actively involved in implementing the National Cyber Security Strategy such as through secondment of an officer to the Cyber Security Centre of Excellence in Estonia and departmental membership of the Inter-Departmental Committee overseeing implementation of the National Cyber Security Strategy.

This Inter-Departmental Committee has recently been charged with the additional work of overseeing the plan to significantly expand the National Cyber Security Centre so that it can further develop its competence and capacity to help defend and protect IT systems and key services into the future.

For operational security reasons, no public comment will be made regarding Defence Forces Cyber Capability but I would note that the establishment of an independent Commission on the Defence Forces underpins the Government's commitment to ensuring that the Defence Forces are fit for purpose, both in terms of meeting immediate requirements and also in terms of seeking to develop a longer term vision beyond 2030. Amongst the issues that the Commission is examining are Defence Force capabilities, structures and staffing in a number of areas. The Commission is due to submit their report by the end of the year and I look forward to receiving the report in due course. The recommendations will then be fully considered and will inform future decisions regarding the DefenceForces.