Edgescan and Huawei - Cybersecurity - Irish Times Article and Panel Discussion

The HSE Data Breach and the State of Irish Cyber Security

Many years ago, shortly after I founded the Irish chapter of OWASP ( http://www.owasp.org ) (in 2007??) we were delivering free application and software development classes to anyone who wanted them. It was a local low key affair but every class we delivered was "sold out". We have 60-80 folks mostly developers willing to spend 4-5 hours on learning the fundamentals of secure application development and testing.

I suppose we felt cyber security was an important issue because that's what we did. At the time many folks in business felt cyber security was an overhead or a "tax" and did not give it much time.

A few years later (late 2010) when the the foundation of the NCSC (National Cyber Security Centre) was announced, a few of us (local OWASP Ireland leaders) wrote a number of emails to the Irish government offering free cyber security training. As we were working for a non profit (501.3c) charity (OWASP ) we thought we could to this locally and "move the dial". The result was.....nothing. We got no response.

Since then I've always wanted Ireland to have a "Kite mark" regarding cyber security and secure application development. This is something I've proposed to many "talking heads " in government and industry over the years but everyone likes to talk but few actually do.

This could be free or tax deductible for employers and be of massive benefit.

In 2018 myself, Tony Clarke (CISO Marken) and David Cahill (AIB) had the idea of reigniting this idea...again no response. We also wrote an open letter to the government discussing the partnership model....as follows...

Ireland as a Cybersecurity “Powerhouse”:

 

Local advantage:

Cybersecurity is a large commercial opportunity for “Ireland Inc.” given the indigenous companies established in the republic who have significant intellectual property and export capability.

The start-up community coupled with established exporting cyber security companies e.g. Daon, PixAlert, NetFort, Adaptive Mobile & edgescan but to name a few have been very successful in exporting and delivering solutions in the cyber security space for a number of years. Highlighting Ireland’s commitment to a culture of cyber security similar to Israel, Estonia model.

 FDI Advantage:

Having a  skilled technical community is part of the attraction of foreign direct investment. Having a technical community which is well versed in the issues of cyber security is an additional advantage. Software developers, architects, DevOps staff who are trained and  “Get” security and compliance requirements are a valuable resource in the global tech market and make Ireland a more attractive place in terms of the modern “knowledge economy”.

 

 

Leveraging Local Talent.

Ireland has a number of significant groups and individuals in the cyber security space. Some are globally recognized and respected. Groups such as the IISF, OWASP, ISACA have thriving communities wherein active knowledge sharing and networking activities occur on a regular basis. It is our belief that such community members most of which are volunteers are willing, available and able to work with the government in advancing the cyber security agenda in the republic.

Suggested Ideas for partnership:

 

·         Tax-deductible Security awareness training (free/Non-profit) - technical and executive

·         awareness.

·         National Cyber Security Strategy review and maintenance.

·         National Cyber Security “Quality Mark / Kite-mark”.

·         Liaison with FDI organizations & indigenous companies  in relation to upskilling and support of Cyber Security Strategy.

·         Establishing a Government-Private sector cybersecurity working group.

·         Tax- deductible Vulnerability management services programme for businesses.

·         An Irish “Cyber Essentials” Programme. (https://www.cyberessentials.ncsc.gov.uk/) and setting up a database of “Certified” companies.

Anyways looking back at this, there is still a chance to push this agenda ahead. The writing in on the wall. maybe it can move from an idea to a reality.

What Y'all think?? Is it time.