Yesterday saw the publication of Ireland’s National Cyber Emergency Plan (NCEP), developed following extensive engagement throughout both the public and private sectors and two sector-specific emergency exercises in 2022 and 2023, as well as lessons learned from the HSE ransomware attack in 2021.
The plan outlines the process by which a National Cyber Emergency is declared, managed and co-ordinated. It ensures that everyone understands their roles and responsibilities during a cyber emergency, and that the Government’s approach to serious cyber incidents is clearly explained and communicated to the public.
Cyber security incidents are diverse by their nature and, as such, there are a vast range of potential scenarios where the plan may be initiated. This, in turn, has ensured that a very flexible response process has been in-built during its development.
RELATED: Belfast cyber security firm bound for space
The activities described in the NCEP rely upon three co-operation modes:
Permanent Mode: Relates to the normal course of business, during which situational awareness is maintained and incident preparedness activities are carried out.
Warning Mode: This is activated when evidence indicates that there is a heightened risk of a ‘cyber emergency’ type incident emerging in a specific sector or sectors. It involves communications with stakeholders across government and in the private sector as appropriate.
Full Activation Mode: This is activated if an incident occurs that meets the threshold of a national cyber emergency which requires the activation of the National Emergency Co-ordination Group chaired by the NCSC to ensure an effective, co-ordinated multi agency and cross-government response for containment, mitigation and/or recovery.
RELATED: Integrity360 - Commentary on CrowdStrike outage
Speaking on the publication of the plan, the NCSC Director Richard Browne said:
“Responding to cyber security emergencies effectively at a national level is a complex undertaking due to the very wide range of potential incidents, and the diverse nature, extent and consequences associated with these. This plan establishes an architecture for coordinating the Government response in accordance with Irish and European legislation and policy.”
The primary audiences for the plan are officials from Government Departments/Agencies, who have a role in the response to national cyber emergencies, and potential victim organisations (providers of essential public and private services), including but not limited to senior officials, communications staff and personnel who have responsibilities relating to incident response within their organisation.
RELATED: Version 1 set to hold Careers Open Night - and you can even apply for open roles directly
The publication of the plan ensures seamless co-ordination with the national approach to emergency management, as established in the ‘Strategic Emergency Management (SEM) National Structures and Framework’. This framework is designed to enhance the protection, support, and welfare of the public in times of emergency by ensuring that fit-for-purpose national structures and procedures are in place to deal with a broad spectrum of emergencies, whether of internal or external origin.
As the plan has been developed in alignment with the Strategic Emergency Management National Structure and Framework, it establishes the structures for co-ordinating a ‘whole of Society’ approach to preparing for and responding to a cyber emergency.
The plan is available on the NCSC’s website: National_Cyber_Emergency_Plan.pdf (ncsc.gov.ie).
Subscribe to our Sync NI newsletter for all the latest technology news, jobs and upcoming events in Northern Ireland.
Read Sync NI's latest quarterly magazine online for free here.
Visit Sync NI online for the latest technology news in Northern Ireland.