Dáil Éireann Debate, Thursday - 22 June 2023
165. Deputy Denis Naughten asked the Minister for the Environment, Climate and Communications the timeline for the publication of the general scheme of legislation to establish the national cybersecurity centre on a statutory footing; and if he will make a statement on the matter. [30305/23]
View answerThe National Cyber Security Centre (NCSC), which is a unit within my Department, is the lead Government agency for cyber security including coordination of the national response to major cyber security incidents. The NCSC was established by a Government decision in 2011 and its mandate is set out in the National Cyber Security Strategy published in 2019. The Computer Security Incident Response Team (CSIRT) is the unit within the NCSC tasked with detecting, preventing, and responding to cyber security incidents. Its role and functions are set out in the European Union (Measures for a High Common level of Security of Network and Information Systems) Regulations 2018, S.I. No. 360/2018, which transposed the EU Network and Information Security (NIS) Directive, EU 2016/1148.
As part of a number of measures to develop the NCSC, the Government agreed in 2021 to establish the National Cyber Security Centre (NCSC) on a statutory basis and provide for related matters including clarity around its mandate and role in general and in relation to other actors in the cyber area. Drafting of Heads of a Bill has been advanced by officials in my Department.
In parallel to the drafting of Heads, the EU has revised the NIS Directive to take account of the increased reliance on ICT systems across critical infrastructure and industry, as well as the deterioration in the global cyber threat landscape. The revised Directive - known as NIS2 - was agreed last December and published in the Official Journal of the European Union as Directive (EU) 2022/2555 on 27 December 2022. The NIS 2 Directive is a major step forward for cyber resilience in Europe and will enhance cyber risk management across the Union including generating significant improvements in our capacity to respond to major incidents and developing the information-sharing platforms which are proving effective to date.
In order to implement the provisions NIS2 Directive, the NCSC and CSIRT will require additional powers. Recognising the significant overlap between the draft Heads to establish the NCSC and the transposition of the NIS2 Directive, these will be taken forward as a single legislative instrument. Work has begun on the preparation of a general scheme which will be considered by Government before the end of the year.
