 Mae ymddianydd digodeall ar gyfer hynny ddweud hynny'n gwneud hynny yn gweithio'r gweithbwyll yn ddod. Wrth gyd, mae'n ddweud hynny'n ddweud hynny'n gweithbwyll, ond oed ymgweithio sy'n ymddiannod. Ond mae'r gweithbwyll wedi'i cymdeithasion o'r progrwm-gwyrnod, erbyn oedd gallu pobl i weithiau all, i wneud y cyhoedd cyffredinol, a'r cyfwyr yw'r cyffredinol annus-deionul, a'r mae digital hub datblygu yng nghymoedd gweithbwyll, As well as the work in Europe with the Council of Ministers around the digital single market and the review of telecom's regulatory framework and that alone is actually really a critical development in terms of infrastructure. You're also going to start a new strategy for the digital strategy and I think that's a really welcome development and I know you're going to have a public consultation yn y gwaith, ac byddwn i'n bod yn ymdraeth o'r pethau i ni yn eich bod yma yng Nghymru. O'r modd i'n amlwg o'r Minister ac i'n edrych i'r Ysgrifennu Argynfodau o'r dda i gyfnod ar y bethau cyfnodau Cyfrifolion sy'n mynd i ddweud ar yr arlenni ar y Cyfrifolion Cybrifolion Cyfrifolion Cybrifolion Cybrifolion. Ysgrifennu Cyfrifolion Cybrifolion sy'n mynd i ddweud yr ysgrifennu cyfrifolion cyfrifolion Ieithaf yw'r ugyrchwyr yma cyntaf sy'n gweld rwy'r cyffredin iawn i gael gweithio'r bwysig ysgol i ddod i gael ymdweithio. A'r cyfrif fod yn ffwrdd ymddangos yn cyrraedd ymddiadau yma yw'r gweithio'r gweithio'r cyffredin iawn, ond mae'n gweithio'r cyffredin iawn. Cymru, rydyn ni'n gobeithio i'r ddweud o'r hynny o ddim yn gwneud'u cyfrif yn ymddiadau'r cyfrif iawn i gael gyda'r prydau yma ar y dyfodol. The essence of a sovereign state is the ability to facilitate social and economic interaction for the common good in accordance with the rule of law. The state has the ability to facilitate security in the physical sense. If you look at the film Don Kirk was released last week and served as a reminder of national security as well as warfare. Don Kirk was of course a significant military defeat brought about by a physical invasion. By the end of the Second World War, however, technological advances, if one can refer to some inventions as advances, it means that the world would not see a conflict like it again. In the intervening decades, national security has continued to evolve to an extent that conflict is no longer waged on just a physical setting with military invasions and so forth. We are now obviously in the digital age. Our societies and its parts are connected in ways that which only a few years ago or a few decades ago, in some cases, seemed to belong to realms of science fiction. The examples are all around us from financial services and banking to administration of health care, education and social services, and even to a more significant infrastructure that is critical to the functioning of society. Such infrastructure includes the electricity network, the gas network, telecommunications, transport network, and so forth. From the national level to the individual level, there was a great need to have a resilient, safe and secure digital technology for citizens, businesses and the state itself. Moreover, security and resilience, as the basis of trustworthy computing, are key enablers of our digital economy and society. Everything from online shopping to transactional e-government services to small and medium-sized enterprises offering digital services require appropriate security. Also, resilient measures to engender trust and confidence from consumers and the marketplace and to secure the personal data of individuals. Connected technology, the Internet of Things, has become so pervasive and ingrained that is now evident, that is more unlikely of sectors, for example in agriculture. In highlighting how useful and effectiveness such connectedness can be, a colleague of mine told of a farmer who had invested in a brand new tractor, John Deere model. Tractors are of course part of the original critical infrastructure of farms and agri-business and when they break down, costs can mount quickly in terms of getting somebody out to fix them. Unfortunately for this particular farmer, the new tractor broke down in the middle of a field of an isolated part of the farm. Usually there is a headache, you call out a mechanic and you have a time delay and you give order parts or whatever else. But that is so on the connected tractor, in this case the farmer from the field, fund the dealership who in turn contacted the company who in turn contacted the technical support section in the US and for the US I remember the support team was able to diagnose the problem with a tractor located thousands of miles away in a field in Ireland and reset the onboard computer. The entire incident took less than half an hour to resolve. Now my colleague in that case correctly spoke of this example of real intangible progress and how connected devices are transforming businesses and communities on a global level. However not spoken were the potential downsides and the new vulnerabilities. A tractor was a non-board computer that's connected to the internet, has clear advantages for sure but also needs a more vulnerable in a way that tractors have not been before. And you wouldn't like to be plough in the field after the kiss of moher perhaps and suddenly find that your tractor is hijacked. But the potential for cyber attack is unfortunately real and ransomware demand, ransomware demand for example. Another example of connectedness transforming communities is Goway's urban traffic control system and I'm sure in other parts of the country as well. Underpinned by sensors, intelligent traffic lights, cameras across two dozen junctions in the city. The system is overseen from the traffic control room at City Hall and is instrumental in keeping traffic flowing particularly as it enters the city from the M6. However even a small systems failure, one example for example that recently caused chaos, a failure at the Parkmore junction for example impacted on thousands of workers at the largest IDA business park in the west and had knock-on effects across the city and indeed lasted for a period of time. So with the potential to parallelise in that case a small city and a small country to parallelise the transport network and all of the negative effects that this has, I think that reflects the importance of cyber security and how real and apparent it has become. Government is very much aware of the opportunities offered by digital technologies but also inversely the new threats. Vectors to digital technologies leave the state vulnerable. Established in 2011 on foot of a government decision with seconded expertise from the Defence Forces on Garda Shaqona and UCD, the National Cyber Security Centre, or NCSC, is a primary body responsible for dealing with these new threats in this country. The day-to-day role of the NCSC focus on three distinct areas. One, providing support, training and advice for IT units across government. Two, providing an incident response capability. And three, acting as a conduit for cyber security information exchange between European, our partners and IT security bodies within Ireland. The work of the NCSC is informed by the National Cyber Security Strategy 2015-2017 which as well as formally establishing the NCSC's statutory body set the agenda for cyber security in this country. The strategy also recognises and anticipates the transposition of a critical piece of EU legislation, the security of network and information systems directive or NIS directive. The directive was approved last July and is required to be transposed into Irish law by May 2018. This directive represents a step change in the manner to which the state engages in cyber security, marking a shift to legally binding quasi-regulatory style system for certain critical infrastructure operators and so-called digital service providers. Launched as part of the first EU cyber security strategy, the directive aims to ensure that all EU citizens have access to robust, secure and high quality infrastructure and services. In brief, it places certain obligations on member states concerning the prevention, handling of and response to cyber attacks and incidents affecting ICT systems across various sectors. It requires member states to increase their level of preparedness and have a minimum set of cyber security capabilities at regulatory and operational levels. It also establishes formal EU cooperation arrangements to improve mutual collaboration in an area which more often than others does not respect national borders. Key firms and utilities are to be designated operators of essential services which require obligations and incident reporting requirements binding on them. This will include firms from a wide range of critical national infrastructure including electricity, gas and oil companies, airlines, shipping firms, ports, airports, water supply networks and hospitals. A key part of the directive involves ensuring that operators of essential services take appropriate and proportionate measures to manage security risks, to report serious incidents and to comply with the requirements of the NCSE. The importance of safeguarding critical national infrastructure is self-evident in the context of the one-a-crise crippling of the NHS network last May or the space of cyber attacks on electricity supplies in Ukraine which have plunged Kiev into darkness on several occasions in recent years. In addition to designating critical utilities as operators of essential services, the NIS directive requires digital service providers meaning online marketplaces, search engines and cloud computing services to take measures to manage security risks, to report particular incidents and comply with the NCSE requirements. Given the relative importance of these services versus operators of essential services, the directive takes a more flexible regulatory approach with regard to these entities. In order to avoid a less effective, more fragmented approach to the regulation, the directive requires digital service providers to be regulated by the member states in which their main office is based. This has understandably generated interest at the EU level in Ireland's approach as in light of a number of digital service providers that are based in this country. The Irish implementation of this aspect of directive will have an important bearing on the digital service provider regulatory regime across the union. The directive will be transposed by legislation over the coming months, but the department has been involved in an ongoing process of consultation with likely operators of essential services and digital service providers since last year and will continue to engage with them through the process of transposition and thereafter. The issue of cyber security has never been too far from the headlines in recent months. From successive ransomware attacks such as WannaCry, to the interference with democratic processes in the United States and France, a climate of uncertainty now exists with respect to the use of technologies which have become integral to the way we do business, socialise and to a larger extent live in the 21st century. The fact that threat actors are constantly evolving does not help matters. No less than any other area of ICT. Successive waves of malware make use of state-of-the-art innovations which have cyber security expertise in both public and private sectors like playing a perpetual game of catch-up with hackers who sometimes have the resources of nation states to prop up their efforts. Contending with these threats have involved a change of culture worldwide level as countries face up to what NATO has recognised now to be the fifth domain of warfare, land, air, sea, space, now being joined to the list by cyber space. Cyber security once treated as a fringe concern has evolved into a critical concern of governments through the European Union and the wider world, and whilst I am necessarily constrained when it comes to speaking about the work of the NCSC from an operational perspective, I can say that Ireland has not been found wanting in this arena. With respect to the WannaCry malware in particular, I understand that preparations have been underway in the NCSC for incidents of this kind for some time, and I note the fact that government ICT would still the attack without serious incident is evidence that good practices are being followed not only within the NCSC but also in the public sector. There are obvious questions underpinning all of this. What about staffing and resources? Historically, this has been an issue, understandably given the constraints imposed over the last number of years with public finances. However, the NCSC has recently completed a programme of recruitment covering two separate grades and new staff members have joined the unit. A further campaign of recruitment is planned for later in the year. This is not a simple area and the skills required are in high demand globally, particularly in Ireland due to the companies based here. We expect recruitment to be a challenge, but the recent campaign has showed that there are skilled, experienced people who want to work for the state. Cybersecurity, however, like the digital world, is ever-changing and evolving. We need to ensure that our policies and actions are underpinned by a national strategy that is comprehensive but flexible. My officials are working on the new national cybersecurity strategy. It is my intention to invite experts from industry and academia to assist in creating a robust strategy that will protect our society and, as we continue to harness the benefits of technology, imply them to all sorts of areas and sectors. Cybersecurity has become central to national security and we in government readily understand this and I'm confident that in the NCSC and in the department we have a strong team to defend our country and society from cyber attacks. So I'd like to thank you for your attention.