The Department of Communications, Energy and National Resources has recently published a National Cybersecurity Strategy detailing how the Irish Government plans to defend against the increased risk of cyber threats to the State, its critical infrastructure, businesses and citizens.

As the go-to country for data driven multinational corporations such as Microsoft, Facebook and Google, Ireland arguably faces a more complex set of risks than those faced by other nations. Ensuring the continued reliable functioning of information and communication technologies is a priority for Ireland.

The Strategy introduces the following measures:

  • The establishment of a National Cyber Security Centre (NCSC) which will be tasked with securing government networks, assisting both individuals and organisations with protecting their computer systemsand protecting the country’s critical infrastructure
  • Raising awareness and improving networks for public bodies, including incident reporting and escalation policies
  • Enacting legislation in order to allow Ireland to both ratify the Budapest Convention and transpose the EU Directive on network and information security
  • Co-operation with other nations including knowledge sharing and emphasising the need for secure and resilient infrastructure among policy makers
  • Increasing the role of an Garda Síochána in respect of cybercrime preventative and investigative strategies
  • Co-operation between the NCSC and the defence forces in the area of cybercrime
  • The development of a national emergency management system in order to better protect Ireland’s critical infrastructure
  • Public awareness and education schemes to assist individuals and SMEs in better protecting themselves against cyber threats

The Strategy highlights the importance of having measures to protect all businesses, from SMEs to multi-national corporations. Digital technologies have brought great benefits and offer enormous opportunities but they also bring new challenges. All businesses should ensure that they have the appropriate (i) detection mechanisms; (ii) technical controls; (iii) cyber insurance cover; (iv) policies; and (v) procedures in place in order to minimise the risk of cyber attacks.