The Current State of Play
The National Cyber Security Strategy (NCSS) (PDF removed by source), published by the Government of Ireland, states that Ireland is now home to over 30% of all EU data. It is therefore imperative that Ireland be able to keep this vast amount of data secure. The report warns that the Irish economy and confidence in Ireland would be undermined if a major cyberattack were to hit one of the data centers tech giants have built in the country. Therefore, Ireland’s cybersecurity strategy aims to guard against both cyberattacks and economic loss. The report also lists areas requiring attention, such as national capacity development, critical national infrastructure protection, and public sector ICT. It identifies “challenges” being faced in some government departments and agencies, for example, in securing classified information. This extends to sensitive information obtained from other states and international bodies. According to the report, the security of public sector ICT on the other hand, has improved over the last year. This is mainly thanks to the introduction of Europe’s General Data Protection Regulation (GDPR) back in May 2018. However, apparently, issues still exist in ensuring consistently high levels of security across government departments and agencies.
Objectives of the Strategy
According to the NCSS, Ireland has faced several serious cybersecurity incidents over recent years. These have demonstrated the need to improve national cyber defenses. The NCSS, therefore, aims to ensure that Ireland can provide the required level of data security to manage and possibly prevent such incidents in the future. The report also provides a series of new measures to better protect government data and networks from future cyberattacks. Further measures are also provided for the protection of critical national infrastructure against serious cyber threats. The report states: “…the security of every process, service, and piece of infrastructure in Ireland, from the electoral process through to military infrastructure and the security of public sector data has to be approached in a different way, because they are all, to some extent, dependent on connected devices and can now be targeted directly from anywhere on the planet.” Other objectives of the NCSS include:
Improving the State’s ability to respond to and manage cybersecurity incidents, including those with a national security component; Improving the resilience and security of public sector IT systems to better protect data and public services; Raising awareness of the responsibilities of businesses to secure their networks, devices, and information; and Driving research and development in cybersecurity in Ireland, which includes facilitating investment in new technology.