The UCD Centre for Digital Policy presents our cyber security series
December 2022. We are excited to share with you a new educational series from the UCD Centre for Digital Policy in collaboration with Microsoft.
Led by our Centre’s Newman Fellow Niamh Kirk and created with experts in Ireland, these 5 – 10 minute videos will provide a strong introduction to the subject area – policy, regulation, threats, and future challenges. They are for the generalist who wants to understand the area and develop a deeper understanding in the future.
Participants (L-R): Elizabeth Farries (Director, UCD Centre for Digital Policy), Richard Browne (Director NCSC), Jean Carberry (Assistant Secretary of the EU), Ciaran Conlon (Microsoft), Lina Jalala (Limini)
#1 Critical questions
The UCD Centre for Digital Policy is concerned with developing cyber security policy and regulatory frameworks that are human-centered, future-proofed, and rights-respecting. The Centre has invited a number of experts in Ireland from different perspectives to speak on this topic. We seek to help viewers understand these systems and how to protect online content and sensitive data.
#2 Key issues
Our Centre focuses on how digital technologies impact society, particularly those who are marginalised. In the area of cyber security, we ask how breaches can impact individuals and communities and how they can be protected. Understanding involves collaboration with experts and researching the concepts, processes, and techniques used to protect sensitive data and computer systems. Cyber attacks can vary in sophistication, with attackers targeting the weakest points of entry into systems. Common types of attacks include botnet threats, ransomware, and data theft. Public-facing IP systems are vulnerable to a wide range of threats, including information theft and hijacking for botnets. Nation-state attacks are a particular concern as they can undermine the democratic process. These risks can be tackled by a concerted effort by industry, government, NGO and United Nations actions.
The National Cyber Security Centre in Ireland has three main regulatory roles: broad spectrum cyber security incident response, resilience building, and maintaining international and national relationships towards sharing cyber security best practices. Cyber crime in Ireland is categorised into two categories: cyber-enabled crimes and cyber-dependent crimes. The Data Sharing and Governance Act, 2019 and the Data Governance Board are responsible for ensuring data is used, shared, and stored responsibly within the Irish government. Before government bodies can share data, they must complete a Data Protection Impact Assessment and have it approved by their data protection officers. The NCSC is keen to pay attention to how regulatory frameworks are responsive to emergent technologies.
#4 Public sector threats
Cyber security is crucial for the safe evolution of public technology services and the stakes are high. The 2021 cyber security attack on the Irish Health Services Executive during the Covid-19 pandemic is a strong example. The attack resulted in a ransom demand of 16 million euro. The government’s response included recruiting third-party agencies and using injunctions to prevent the release of personal information. This cost Ireland a hundred million Euros. More broadly, cyber security is a major challenge for Ireland and Europe. The rise of cyber warfare means that cyber tools can be co-opted by criminal groups or used outside of combat. The Ukrainian conflict has highlighted the importance of monitoring and preparing for cyber attacks. Good coordination with industry and public policy is key to achieving a balanced approach to cyber security.
#5 Practical advice and regulatory responses
The development of new technologies in the field of data science has raised concerns over individual rights and investment opportunities. Policy makers must grapple with these challenges as they arise. The primary entity responsible for dealing with cyber crime is the An Garda Síochána, with their Cyber Crime Bureau. One of the main challenges with cyber crime is its international nature. States can ensure systems are resilient and can cooperate globally. Civil society organisations serve as instruments of government accountability in ensuring lawful, rights-respecting and democratic policy formation.