Published on 

Seán Kyne, Minister of State for Natural Resources, Community Affairs & Digital Development at Cybersecurity Skills Initiative (CSI) - Inaugural Conference at the Irish Management Institute

Good morning everyone.

I would like to begin by thanking Skillnet Ireland for inviting me to launch the Cybersecurity Skills Initiative today. The initiative has a number of key aims which reflect the reality that cybersecurity is a central part of all businesses in this digital age.

So what is cybersecurity? Cybersecurity refers to the body of technologies, processes, and practices designed to protect networks, devices, programmes, and data from attack, damage, or unauthorized access. It encompasses the full range of measures, procedures and policies designed to protect Network and Information Systems and ensure the “Confidentiality, Integrity, Authenticity and Availability” of Information Systems from malicious attempts to compromise system security that can ultimately disrupt, disable, harm or even destroy an organization’s system resources.

Cybersecurity matters because the extent to which society relies on digital technology is now so all-encompassing that this technology can no longer be viewed as being at a remove from everyday life. Almost all aspects of our lives have a digital dimension, and the ubiquity of connected devices - the “Internet of Things” - has brought truly massive benefits to our society but has also opened up a number of new and unpredictable threat vectors. However, increased interconnectedness also means increased vulnerability to external interference from outside actors, in the same way that a bridge linking two towns is only as strong as its weakest point. The advent of the Internet of Things means that connected devices will provide many millions more access points that threat actors can target to launch cyber-attacks.

The National Cyber Security Centre, or NCSC, is located in my Department. The NCSC works, on an ongoing basis, with utility operators and with similar bodies in other jurisdictions to ensure that risks to infrastructure in Ireland are managed appropriately. The NCSC has focused on developing capacity in order to protect Government Information and Communications Networks protect and also to engage with national and international stakeholders around sharing information, securing systems and responding to incidents. Additional funding has been secured for a substantial enlargement of the NCSC both in terms of personnel and additional technology.

The Cybersecurity Skills Initiative highlights the importance of Cybersecurity issues within organisations and help organisations to improve their ability to defend against cyber-attacks and to develop resilience of companies in relation to Cybersecurity challenges. The initiative will also establish specific standards for the competencies, experience and skills required for employees working in cybersecurity roles within organisations, and will examine how technology and automation can be used by companies to optimise their cybersecurity.

The Cybersecurity Skills Initiative is a recognition of the fact that, for many organisations both large and small, the issue of how to adequately protect their network and information systems and the data that they process and store is the most difficult and challenging problem that they face. In our daily lives, whether it be in work, in school or in the home, awareness of cybersecurity and cyber hygiene should be second nature to all of us, in the same way that awareness of the rules of the road and an understanding of road safety is not something that we consciously think about but is an awareness that is ingrained in us and comes automatically.

The availability of cybersecurity skillsets will remain central to attracting Foreign Direct Investment and developing indigenous businesses capable of developing and growing in our borderless digital economy. The capability of entrepreneurs and SMEs across all sectors of the economy to exploit digital technologies needs to be fully developed and nurtured. In order to equip the current coterie of young people, as well as future generations, for the jobs of the future, it will be necessary to liaise and work closely with the second and third level education sectors with a view to guiding the research agenda within the University sector.

One of the systemic issues at the heart of the cybersecurity skills shortage is generally the lack of young people entering the profession and more specifically the gender imbalance in the sector; it is crucial that a career in cybersecurity should be seen by girls in school and college as a viable and rewarding career choice. The challenge is to get young people to test their cybersecurity skills, participate in cyber competitions or even just meeting and talking to cyber practitioners. Active promotion of STEM subjects in schools and public private partnership schemes to involve the digital industry in the promotion of these subjects at an early stage of the educational process could play a central role in increasing the uptake of these subjects in secondary school.

While the Cyber and Digital jobs market is evolving, there are still basic skill sets that underpin all aspects of this sector and these will be as essential as they always have been. This means that we need Computer Science Graduates, Engineering and Information Technology graduates, and graduates in Science and Mathematics also. However, the focus must remain on creating highly skilled cybersecurity specialists and continuing to work with the education sector to develop and enhance the courses provided at third level so that they deliver a steady supply of work-ready graduates with relevant qualifications and skills. Continuous Professional Development is also critical in the field of cybersecurity due to the rapidly evolving nature of the technology.

While cybersecurity is a specialised job role in its own right, it should also be seen as a discipline within the wider ICT sector and it is important to develop programmes to identify people with ICT skills who are not currently working in cybersecurity roles and provide specialised training. Cybersecurity should no longer be seen only as a technical function but as a core business need. It is true to say that while most organisations understand the importance of cybersecurity, less of them understand how to effectively meet the challenges it presents and also how to cope with the rapid pace of technological change.

The ICT sector is a priority strategic sector for Ireland, and cybersecurity is central to its growth and development. Future productivity and a more general national competitive and economic advantage will develop from areas such as Cloud Technology, the Internet of Things and Artificial Intelligence. The digital economy has the potential to yield positive and competitive economic benefits, and the continuing digitisation of the economy in Ireland will be dependent on the development of new technologies and the availability of relevant cybersecurity skills.

A new National Cyber Security Strategy will be published in early 2019 and will Consultation with all relevant stakeholders will take place in order to inform the Strategy and ensure that awareness and best practice in cybersecurity and cyber hygiene are to the forefront of our thinking, and that the competitive economic advantage that Ireland has in relation to the digital economy can be further developed and defended.