The Irish Minister for Communications, Climate Action and Environment, Richard Bruton T.D. is consulting on a new strategy to protect individuals, businesses and Ireland’s national security from cyber-attacks.
The new strategy will set out how best to ensure the resilient, safe and secure operation of computer networks and associated infrastructure used by the State, Irish citizens and business. It will set out the framework to protect against such threats as hacking, cyber crime, cryptojacking, hacktivism and cyber espionage.
Minister Bruton said on March 19 that the country must ensure its hospitals, schools, personal data and state infrastructure are protected from cyber attack and that Ireland is not vulnerable to such threats. Individuals and businesses also need to have the necessary safeguards in place to protect themselves.
“As a society, we have benefitted hugely from internet based technologies; however this reliance brings with it a number of new vulnerabilities and risks, each posing some challenging questions for government and for society. This is an issue of national importance. Today we are consulting on a new strategy which will see a stepping up of our capacity in this area.”
More than 6,000 people in Ireland are already employed in the Cyber Security sector, and the country has become a home for many data centric industries. Minister Bruton said the development of a new National Cyber Security Strategy will position Ireland to take full advantage of the opportunities to create more high value technology jobs.
The consultation on the Strategy opened March 19 and includes 10 specific questions, seeking responses and ideas. These are:
- Having regard to the developing challenges and risks arising in cyber security, and the progress made as outlined above, what should be the focus and key objectives of this Strategy?
- Are further steps/measures required to protect critical national infrastructure, including those sectors outside of those covered by the EU directive on the security of network and information systems (known as the NIS Directive)?
- In relation to meeting the threats posed to integrity of the electoral process, what are the key cyber security measures that should be taken, and how might these contribute to the national response to hybrid threats?
- Government IT systems are owned and operated by a wide range of operators; what measures should be taken to ensure that public services and data are secured to a uniform and high degree, with reference to governance, staffing, organization and training?
- Are public information campaigns focused on general messages around online fraud and phishing attacks aimed at individuals useful, or should the focus of public information campaigns be on measures designed to assist small and medium businesses in mitigating risks to their businesses and data, or are both issues equally important?
- What are the key challenges initiatives and measures are required to develop the Irish cyber security industry, with particular regard to supporting the research and development agenda?
- What kind of measures could be undertaken by government to improve the availability of skilled workers in this field?
- How might the relationship between academia and industry be facilitated to ensure that third level institutions are providing and developing the skills that industry require?
- What concrete structures can be put in place so that developments in the cyber security community (industry, academia and prospective workers in the area) are clearly understood by government, and vice versa?
- What role should the State play in the international discussion around cyber security, responsible State and non-State behaviour, and the responsibilities of private industry?
Interested parties have 30 working days to make their submission. These representations will be considered before the final version of the Strategy is published and comes into operation.