Jurisdiction Ireland | ||
 | ||
Formed 2011 as CSIRT-IE
2013 as NCSC
2015 officially Headquarters 29-31 Adelaide Road, Dublin 2, D02 X285 Minister responsible Denis Naughten, TD, Minister for Communications, Climate Action and Environment Parent State Agency of the Department of Communications, Climate Action and Environment Department of Communications, Climate Action and Environment Child State Agency of the Department of Communications, Climate Action and Environment Computer Security Incident Response Team (CSIRT-IE) | ||
The National Cyber Security Centre (NCSC) is a government computer security organisation in Ireland, an operational arm of the Department of Communications, Climate Action and Environment. The NCSC was developed in 2013 and formally established by the Irish government in July 2015. It is responsible for Ireland's cyber security, with primary focus on securing government networks, protecting critical national infrastructure, and assisting businesses and citizens in protecting their own systems. The NCSC incorporates the Computer Security Incident Response Team (CSIRT-IE).
Contents
- Mandate and organisation
- Computer Security Incident Response Team CSIRT IE
- Inter departmental cooperation
- References
The NCSC is headquartered at 29/31 Adelaide Road, Dublin 2.
Mandate and organisation
The mandate for the NCSC includes;
Threats identified to Ireland's critical infrastructure and government networks include: lone individuals, activist groups, criminal groups, terrorist groups, and nation states seeking to gather intelligence or to damage or degrade infrastructure. Incidents arising through extreme weather, human error and hardware or software failure also pose significant risks to individuals, businesses and public administration.
Work relating to the National Cyber Security Centre, and any records associated with the security of ICT systems in the state and outside it, are exempt from being disclosed under freedom of information (FOI).
Computer Security Incident Response Team (CSIRT-IE)
The Computer Security Incident Response Team (CSIRT-IE) was established in late 2011 (prior to the official formation of the NCSC) within the Department of Communications, Energy and Natural Resources, and includes secondees from other government agencies. The main role of CSIRT-IE is to provide a 24/7 expert emergency response to computer security incidents across all public sector bodies, as well as providing advice to reduce threat exposure. CSIRT-IE engages in emergency planning with government agencies overseen by the Office of Emergency Planning (OEP) within the Department of Defence and the Government Task Force on Emergency Planning, chaired by the Minister for Defence. CSIRT-IE shares information with the European Union Agency for Network and Information Security (ENISA).
Outlining the future core aspects of work of the NCSC, the government's National Cyber Security Strategy 2015-2017 states that the NCSC is to seek formal international accreditation for a Government CSIRT (g/CSIRT), expected in 2016, and accreditation will be sought for a formal National CSIRT (n/CSIRT), while also developing a capacity in the area of Industrial Control Systems and SCADA, which are used to run vital state networks such as electricity, water and telecommunications.
Inter-departmental cooperation
There is a strong culture of cooperation between the National Cyber Security Centre and the Irish Defence Forces in areas regarding technical skill sets, technical information sharing and exercise participation. Arrangements are due to be formalised by means of a Service Level Agreement with the Department of Defence, including a mechanism for the immediate sharing of technical expertise and information in the event of a major national cyber incident or emergency. The branch of the Irish military with responsibility for cyber defence is the Communications and Information Services Corps (CIS).
The Garda Síochána, the national police service, is involved with the NCSC in a preventative and investigative capacity, with regards to national security and computer crime. Its liaison relationships with international security services is particularly helpful to the NCSC in identifying emerging threats and vulnerabilities, and establishing best practice preventative measures. There is to be a Memorandum of Understanding with the Department of Justice and Equality on this matter, and upcoming cyber legislation will support the work of the National Cyber Security Centre.
There is also a Memorandum of Understanding with the Centre for Cybersecurity & Cybercrime Investigation (CCI) at University College Dublin, Europe's leading centre for research and education in cybersecurity, cybercrime and digital forensics.