I am delighted to be here today to address this the closing forum for the Cybercrime Network Conference 2013.
Shortly after I became Minister for Justice and Defence I had the great pleasure of participating in the official launch of the 2Centre Project here in UCD. It was my first visit to the University to observe the work of the Centre for Cybersecurity and Cybercrime Investigation. It was a wonderful opportunity to gain insight into the collaboration that was already underway at that time across law enforcement, academia and industry, and across the Member States.
It is therefore a great privilege to return to the University today to witness this continued collaboration – and to see it showcased here in the newly built UCD Science Centre – I believe we have the honour of being a part of the first international conference to have been held in these environs.
First and foremost, I would like to take the opportunity to acknowledge the invaluable work that is carried out by you the experts in the field – representing law enforcement, academia, industry and the European Agencies.
Time and again, at both national and international level, when we discuss the challenges that we face in tackling complex and high tech crime, we hear the repeated message that we must work together in partnership - bringing together the necessary expertise and skills and harnessing those resources to better focus our efforts. This type of event, with you the experts, is the reality of what we talk about.
At European level we also speak to the need of supporting Member States’ efforts to build capabilities - so it is wonderful to see European funds being used to do just that in very real and practical terms.
I would also like to acknowledge the work of the dedicated staff of the UCD Centre in leading and managing the 2Centre project and in bringing to fruition this Cybercrime Network Conference. The work that has been undertaken under the auspices of the 2Centre Project is impressive in both its depth and its range – running from research and training to cyber-attack exercises, to the development of forensic tools and Centres of Excellence. It has surely been a challenging if rewarding road, requiring dedication and commitment of which, I think, the Centre has displayed an abundance over the years.
With regard to the aims and objectives of the 2 Centre Project, I recall that the project was to have concrete deliverables that would be of direct benefit to law enforcement and industry stakeholders. The list of key activities which the work of the 2Centre Project has delivered are most certainly that - with research and cyber awareness initiatives, the development of an Incident Management and Reporting System, structured cyber-attack exercises, training delivered to over 150 police officers around Europe, the development of a handbook for senior managers in law enforcement and the further development of Centres of Excellence in 11 countries.
Given my own role as Minister for both the Defence and Justice Ministries in this jurisdiction, and also as Chairperson of the Government’s Task Force on Emergency Planning, which includes an inter-departmental committee on Cyber Security, I am only too well aware of the threats that cyber crime poses to citizens, commercial activities and our children. I am also very conscious of the need to ensure that the cybersecurity and cybercrime issues remain firmly in our sights and on our agendas.
As many of you in this forum will be aware, there are many challenges that we face in our efforts to tackle cyber-crime. Challenges that at times may seem insurmountable in terms of their complexity, their diversity, their cross cutting nature or the simple pace at which cyber events take place.
The challenge of the multi-jurisdictional nature of a typical cyber crime event; the challenge of ever increasing advancements in internet infrastructures, internet based economies and payment systems; the mobility of data and the under-reporting of cyber crime which is an obstacle to appreciating the true scale and nature of cyber crime and the challenge of ensuring that we have effective responses that deal with the many cross cutting issues.
All of these examples help to highlight the important role that cooperation plays – nationally, internationally, between agencies and the cooperation of the relevant public-private stakeholders.
While it is fair to say that we can never lose sight of the challenges that are on the horizon, we should also never lose sight of the significant efforts and investments that we have made, whether at national level or at international level. While there is still work to be done, we are already on the path of development. I think it is fair to say that no international event dealing with crime and security threats is complete without cybercrime featuring high on that agenda.
Given the European nature of this event it is worth recalling that developments at European level have been proceeding at quite a pace.
In June this year the EU Cyber Security Strategy was welcomed by Member States. The Strategy is considered an essential element to the implementation of a comprehensive approach for EU cyberspace policy.
With regard to cybercrime, the Strategy places a particular emphasis on cooperation between EU agencies, Interpol, the CERT community and the private sector supporting the training and the up-skilling of law enforcement – This Cybercrime Network Conference is therefore not only timely but clearly reflects this particular emphasis that has been defined as a priority by the EU.
The European Policy Cycle for the period 2014-2017 has been formulated and includes the priority ‘To combat cybercrimes committed by organised crime groups generating large criminal profits such as on-line and payment card fraud, cybercrimes which cause serious harm to their victims such as online Child Sexual Exploitation, and cyber-attacks which affect critical infrastructure and information systems in the EU.’ The necessary Operational Plans have now been developed to take forward this work at an operational level.
The official launch of the European Cybercrime Centre in January 2013 as part of Europol has provided the EU with a focal point in the fight against cybercrime, supporting Member States and the EU Institutions in building operational and analytical capacity for investigations and cooperation with international partners. I would particularly like to acknowledge – your key note speaker from yesterday – the Head of Operations at the newly established European Cyber Crime Centre in Europol, Mr. Paul Gillen.
Paul was previously head of the Irish Computer Crime Investigation Unit of An Garda Síochána - a specialised unit charged with investigating computer related crime in this jurisdiction. His appointment was a wonderful achievement for himself and for An Garda Síochaná and I once again take this opportunity to congratulate him on his appointment.
Of course the putting in place of the necessary legislative underpinning for tackling cybercrime is also necessary and just this year we also saw agreement reached on the EU proposal for a Directive on attacks against information systems.
These are just some of the EU initiatives that have been undertaken.
Similarly, in this jurisdiction, we continue to take significant steps to build our capabilities in tackling cybercrime.
Among the Bills promised in the Government Legislation Programme is the Criminal Justice (Cybercrime) Bill. The Bill was originally intended to enable ratification of the Council of Europe Convention on Cybercrime (the 'Budapest Convention') and the transposition of the 2005 EU Framework Decision on attacks against Information Systems. Work on the Bill was put on hold pending finalisation of the Directive so that Ireland will have a single comprehensive piece of legislation dealing with cybercrime.
Of course, the Directive has recently been formally adopted and a review of the Bill is being carried out to assess what further provisions, if any, may be necessary to ensure that the Bill gives full effect to the Directive and the Convention.
The Irish police force, An Garda Síochána, have also undertaken a number of initiatives which have sought to strengthen the law enforcement response to cybercrime. The strategy of An Garda Síochána in this regard focuses on a number of key elements including prevention, detection and training.
As you may recall the launch of the 2Centre project took place as part of a wider inaugural Cybercon Conference which explored possible solutions to the challenges posed by criminals to information systems and critical infrastructure. Responsibility for the area of Cyber Security rests, in this jurisdiction, with the Department of Communications, Energy and Natural Resources who have developed a National Cyber Security Centre – meeting the needs of European requirements for the establishment of a network of CERTs across all of the Member States.
The Centre also includes a 24/7 Computer Security Incident Response Team which provides incident response capabilities by preparing and managing cyber incidents in conjunction with all relevant shareholders. Expertise within the CERT has been established with staff from the Defence Forces and An Garda Síochána.
Work is also continuing on the development of a National Cybersecurity Strategy.
As I have already said, whether it is at national or international level, cybercrime will be a feature on all our agendas for the foreseeable future.
In closing I would like to reiterate what I said at the launch of the 2Centre Project – that no one Government, no police force, no industry or organisation can tackle cyber-crime on its own. This conference is a testament to that and has highlighted the importance of bringing together law enforcement, industry academia and relevant stakeholders together to share their ideas and work together to tackle the issue of cybercrime in a coordinated approach.
Finally I would like to wish all involved well in your endeavours. I hope the training, sharing and learning of best practice over the last 2 days has been of benefit and has assisted you in building up a network of contacts and working relationships with the other Centres, which in turn, will allow you, I hope, to identify common projects and opportunities for collaboration into the future.