The NCSC has 25 staff, No Dedicated Premises, No Director and a Budget a Third of Taoiseach’s Depts PR Budget Last Year - Tóibín
In Leaders’ Questions today in the Dail Aontú Leader Peadar Tóibín accused the government of negligence in their duty of care for patients’ health and their data. He stated;
“The recent Cyber-attack on the HSE and the Department of Health are monstrous crimes. They are attacks on the most vulnerable within Irish society. Patients are already struggling with never-ending waiting lists, worsened by Covid and ongoing restrictions. But shockingly, on top of this, key life and death treatment is again put on hold due this odious criminal action.
“The government has a duty of care with regards to safeguarding and protecting citizens’ health care and their personal data. This responsibility is particularly important as Ireland is a Data island. 30% of the EU’s data is held in Ireland. If there is a location to go to mine data, well Ireland is it”.
“Yet the record of the government to date with regards protection from cyber-attack is shockingly poor. According to an answer to a PQ that I received just last week Tusla had over 362 data breaches last year. One for nearly every day of the year. Incredibly, for a data island, the National Cyber Security Centre , has been rudderless without a Director for a year. The NCSC is also homeless and does not even have a permanent premise from which to operate. So important does the government see the role of director of the NCSC that the government sets the wage of a backbench opposition TD higher”.
The former Chief Executive of the HSE Tony O’Brien stated this week that the HSE’s expenditure on IT security is “about a quarter of what you would expect compared with other health systems. The NCSC was given a budget last year of just €5 million. Compare that to the €16.9 million spent on PR by the just the Dept of the Taoiseach last year.
After the British NHS suffered a similar attack in 2017 it cost the British government £95 million directly but they also had to spend £210 million strengthening their Cyber-Security in the three years subsequent.
When will patient treatment return, How much will this cost in terms of citizen’s life, health and taxpayers funds?
“This is not an new issue. In 2013 I question the Minister for Communications Pat Rabbitte on the adequacy of our cyber defence. The weakness in our defence was clearly flagged by multiple sources since then. Its hard to get your head around the contradictions here. Cyber criminals are operating a generation ahead of an island nation that hosts 50 international cyber security firms employing 6,000 of the worlds best cyber security experts. Taoiseach if the government is found to be negligent in the protection of patients and data has the government worked out what we are exposed here”.