New national cyber security strategy due soon as funding rises

The Government’s much-awaited second national cyber security strategy is due to be published in the coming weeks.

New national cyber security strategy due soon as funding rises

The Government’s much-awaited second national cyber security strategy is due to be published in the coming weeks. The document, replacing the first such strategy in 2015, is expected to be a much “broader and more comprehensive” document and followed a public consultation process.

In a statement, the Department of Communications, Climate Action and the Environment said a focus of the new strategy would be on ensuring that the country’s competitive advantage in the digital economy would be “further developed and defended”.

Responding to questions from the Irish Examiner, the department said additional funding had been secured for a “substantial enlargement” of the National Cyber Security Centre both in terms of staffing and additional technology.

It said the NCSC, which operates under the department, had seen its funding increase from €900,000 in 2016 to €4m this year. But despite repeated requests, the department would not provide figures as to its staffing.

A report published by the Comptroller and Auditor General last October said that staff at the centre only rose from five in 2012 to eight in 2016. When its budget rose to €1.95m in 2017, its staff increased to 14.

The department said staff have recently been recruited in areas such as compliance, analytics, data management and critical infrastructure protection as well as general cyber security skills.

The department said it now had an internationally-accredited Computer Security Response Team (CSIRT), with its own purpose-built incident management system and automated incident response tools.

The CSIRT acts as a liaison with operators of critical national infrastructure, government departments and agencies. These operators cover essential services in energy, transport, banking, financial markets, health, drinking water and digital infrastructure.

Up to 70 critical infrastructure operators in Ireland are now subject to binding requirements in how to respond to cyber threats.

Minister of state at the Department of Justice David Stanton has said the presence of global online giants in the country, such as Apple, Facebook, Microsoft and Google, presented “particular challenges”.

He said some of these multinationals, such as Twitter and Linkedin as well as Facebook and Google, have their Europe, Middle East and Africa headquarters in Ireland. Mr Stanton told a recent conference in Kerry that bodies similar to the NCSC abroad “tend to be significantly larger” even though they do not have the responsibilities that Ireland has.

“Accordingly, additional funding has been secured for a substantial enlargement of the NCSC both in terms of personnel and additional technology,” he said.

The minister said the new strategy would be much “broader and more comprehensive”.

The Policing Commission recommended the NCSC should answer to a new national security coordinator.

More in this section