A recruitment campaign for the role of director of the National Cyber Security Centre (NCSC) will begin “in the next few weeks” after a decision was made to seek Government approval for a higher salary.
Minister of State for Communications Ossian Smyth did not reveal the proposed new salary but said he would discuss it with Minister for Public Expenditure and Reform Michael McGrath.
It was initially reported that the salary for the director was set at €89,000 and pegged with the scale of a principal officer in the public service.
But Mr Smyth said “we went looking for a new director of the NCSC at the end of last year” with a salary of between €106,000 and €127,000. A candidate was identified who subsequently withdrew.
The Minister told Sinn Féin’s Darren O’Rourke that “we are going to go out again to recruit”. Answering communications questions in the Dáil he said “myself and Minister (for Communications, Eamon) Ryan will suggest a new salary for that position”.
“I will discuss that with the Minister for Public Expenditure and Reform to seek approval for that and then that will have to be approved by the Government. That will be in the next few weeks.”
The position of director has been vacant for more than a year at the NCSC which is spearheading the response to the cyberattack on the health service.
Last week Mr Smyth told the Oireachtas Communications committee there would be no “penny pinching” in the recruitment drive but he played down a suggestion that the salary would have to be as high as €290,000.
The Minister said the role of the NCSC is to advise critical infrastructure providers on how to protect themselves. The centre also carries out research and training.
“And then, when an incident occurs, they go out and they provide instant response, which is exactly what they did with the HSE,” when it came under cyber attack.
Mr Smyth said the Government is bringing forward new cybercrime legislation to put the NCSC on a statutory footing.
Fianna Fail TD Paul McAuliffe highlighted concerns about Ireland’s ability to prevent another cyberattack given the State’s 26th place ranking on a global cyber security index. It also ranks “a medium to high, 17th, in the EU in a recent cybercrime vulnerability score”.
Mr Smyth said a review of the NCSC is due to be completed “in the coming weeks” and he would consider it very carefully in light of the HSE cyberattack.
The review is looking at whether the NCSC is properly equipped to do its job and whether it needs additional skills and staff while also assessing how it compares with similar agencies in other jurisdictions.
“I will publish as much of it as I reasonably can without endangering national defence while at the same time trying to make sure we’re preserving transparency and democracy,” he said.