National Cyber Security Centre (Ireland)

The National Cyber Security Centre (NCSC) is a government computer security organisation in Ireland, an operational arm of the Department of the Environment, Climate and Communications. The NCSC was developed in 2013 and formally established by the Irish government in July 2015. It is responsible for Ireland's cyber security, with a primary focus on securing government networks, protecting critical national infrastructure, and assisting businesses and citizens in protecting their own systems. The NCSC incorporates the Computer Security Incident Response Team (CSIRT-IE).

The NCSC is headquartered at 29/31 Adelaide Road, Dublin 2.

Mandate and organisation
The mandate for the NCSC includes;
 * activities to reduce the vulnerability of critical systems and networks within the state to incidents and cyber-attacks;
 * effective response when such attacks occur;
 * responsibility for the protection of critical information infrastructure;
 * establishing and maintaining cooperative relationships with national and international partners.

Threats identified to Ireland's critical infrastructure and government networks include: lone individuals, activist groups, criminal groups, terrorist groups, and nation states seeking to gather intelligence or to damage or degrade infrastructure. Incidents arising through extreme weather, human error and hardware or software failure also pose significant risks to individuals, businesses and public administration.

Work relating to the National Cyber Security Centre, and any records associated with the security of ICT systems in the state and outside it, are exempt from being disclosed under freedom of information (FOI).

Richard Browne was appointed as the NCSC's director in January 2022, having served as acting director for the previous 18 months.

Computer Security Incident Response Team (CSIRT-IE)
The Computer Security Incident Response Team (CSIRT-IE) was established in late 2011 (prior to the official formation of the NCSC) within the Department of Communications, Energy and Natural Resources, and includes secondees from other government agencies. The main role of CSIRT-IE is to provide a 24/7 expert emergency response to computer security incidents across all public sector bodies, as well as to provide advice to reduce threat exposure. CSIRT-IE engages in emergency planning with government agencies overseen by the Office of Emergency Planning (OEP) within the Department of Defence and the Government Task Force on Emergency Planning, chaired by the Minister for Defence. CSIRT-IE shares information with the European Union Agency for Network and Information Security (ENISA).

Outlining the future core aspects of the work of the NCSC, the government's National Cyber Security Strategy 2015-2017 states that the NCSC is to seek formal international accreditation for a Government CSIRT (g/CSIRT), expected in 2016, and accreditation will be sought for a formal National CSIRT (n/CSIRT), while also developing a capacity in the area of Industrial Control Systems and SCADA, which are used to run vital state networks such as electricity, water and telecommunications.

Inter-departmental cooperation
There is a strong culture of cooperation between the National Cyber Security Centre and the Irish Defence Forces in areas regarding technical skill sets, technical information sharing and exercise participation. Arrangements are due to be formalised by means of a Service Level Agreement with the Department of Defence, including a mechanism for the immediate sharing of technical expertise and information in the event of a major national cyber incident or emergency. The branch of the Irish military with responsibility for cyber defence is the Communications and Information Services Corps (CIS).

The Garda Síochána, the national police service, is involved with the NCSC in a preventative and investigative capacity, with regard to national security and computer crime. Its liaison relationships with international security services are particularly helpful to the NCSC in identifying emerging threats and vulnerabilities, and establishing best practice preventative measures. There is to be a Memorandum of Understanding with the Department of Justice on this matter, and upcoming cyber legislation will support the work of the National Cyber Security Centre.

There is also a Memorandum of Understanding with the Centre for Cybersecurity & Cybercrime Investigation (CCI) at University College Dublin, Europe's leading centre for research and education in cybersecurity, cybercrime and digital forensics.

International cooperation
In 2024 the NCSC took part in Locked Shields jointly with a team from South Korea, run by Cooperative Cyber Defence Centre of Excellence. The Irish team played the part of a cybersecurity team for the fictional state of Berylia, which was attacked by hackers from the fictional state of Crimsonia. Ireland joined CCDCOE in 2023 and took part for the first time in Locked Shields in 2024. Richard Browne said of the simulated attack "It’s like the 2021 incident but with very sophisticated actors at the other end, not just petty criminals like the HSE attack".