Article
Cyber Security

Report finds the NCSC is under resourced and over tasked

By Vikki Davies
September 23, 2021
undefined mins
A capacity review into the National Cyber Security Centre (NCSC) Ireland was carried out by consultants between January and March 2021.

The National Cyber Security Centre Ireland is “under-resourced and over-tasked” and does not have the “organisational design or capacity” to meet its goals, a confidential report has found.

According to a report in The Irish Times, a capacity review into the NCSC was carried out by consultants between January and March of this year which compared the centre to other organisations of a similar scope internationally.

The confidential report from the consultants found that a “significant burden” rests on the cyber centre to deliver against the national strategy but “based on our review, it does not currently have the organisational design or capacity to achieve all of the objectives.”

It also anticipated a “considerable strain” being added to the centre in the coming years with forthcoming cyber initiatives planned in the EU.

The report found that in terms of wider engagement with national infrastructure, the NCSC is “under-resourced and over-tasked” when providing advice to around 120 operators of essential services.

The review has made 45 recommendations including to develop a cross-Government taskforce; to develop a strategy for the NCSC; and to ensure legislation allows for the detection and disruption of “sophisticated threat actors” and to enhance the technical monitoring capabilities.

The consultants found the workload in the centre has increased significantly since its inception and they also raised concerns about the fact it acts as an advisor and regulator in some sectors.

The report called for an increased headcount and said the operations team should be augmented “as a priority” to include a dedicated intelligence team.

It also called for the development of a five-year strategy that would outline the role of the NCSC as the clear lead authority in cyber security within the State.

Overall the report found leadership in the centre to have a: “clear understanding of the organisation’s role and purpose, as well as a good understanding of how they would like it to develop".

The report went on to say: "However, legislation that gives ‘statutory legal vires’ to the full operation of cyber security capability required by NCSC is critical for an effective future operational posture.

“Future legislation should provide an explicit mandate for NCSC to properly monitor for cyber threats; establish its status as an independent organisation; define its remit within the national security framework of which cyber security is a critical domain and secure a defined single budget to enable longer term planning and capability development," the report added.

CybersecuritycyberattackCybercrimeCybernews
Share
Share

Featured Articles

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

Technology & AI

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI