HSE finds recruiting cyber security staff ‘difficult’
On 14 May 2021, cybercriminals, believed to be linked to the Russian hacking group Conti, carried out a ransomware attack on the HSE
Tomorrow will be the first anniversary of a major cyber attack on the HSE which caused months of disruption and could end up costing €100m.
An independent review of the attack carried out by PwC found that the HSE was operating on a frail IT system and did not have proper cyber expertise or resources.
One of the main recommendations of the report was the need to hire more IT staff.
The HSE said a number of appointments have been made and recruitment competitions are underway for other roles.
“The HSE faces similar challenges to other organisations where recruiting the best cyber security talent is an especially difficult task in a tight labour market where demand effortlessly outstrips supply,” the HSE said in a statement.
The PwC review of the cyber attack recommended the appointments of a Chief Technology and Transformation Officer and a Chief Information Security Officer.
The HSE said that the roles are being filled on an interim basis with permanent appointments likely to take a number of months.
Alongside external recruitment campaigns, the HSE said it is also upskilling existing staff, utilising graduate intakes and internships as well entering cyber security partnerships.
Cyber Ireland represents the cyber security sector and is releasing a new report today showing the potential to make Ireland a cyber security hub generating thousands of jobs.
But it also reveals the serious talent shortages that exist right now.
“Our report shows that 83% of businesses are going to grow their cyber security teams over the next 12 months but 60% of them have staff-related issues around the lack of candidates, technical skills and increasing salaries,” Dr Eoin Byrne, Cluster Manager with Cyber Ireland, said.
When it comes to the HSE, it is a case of public sector wages having to compete with the generous packages on offer from the tech giants based here.
“It is something we need to address collaboratively with industry, academia and Government to make sure we have a pipeline of cyber security talent and that we are not dependent on attracting in talent from abroad,” Dr Byrne said.
On 14 May 2021, cyber criminals, believed to be linked to the Russian hacking group Conti, carried out a ransomware attack on the HSE.
They demanded a ransom for non-publication of stolen data and for digital decryption keys to unlock the systems they had disabled.
The Government insisted that no ransom would be paid.
Six days after the attack, the hackers released a decryption key which helped in the recovery process.
The HSE said it has engaged an internationally recognised firm to provide managed cyber defences and security operations.
Other measures that have been introduced include enhanced IT monitoring, email validation systems and additional email scanning.
Stuart Davis is director of incident response services at cyber security firm CrowdStrike.
He believes that similar cyber attacks are likely in the future.
“Unfortunately, institutions in Ireland will always be susceptible to ransomware attacks, we have learned that we need a good crisis management framework in place for all of our government entities,” he said.
Aontú leader Peadar Tóibín said that one year on from the HSE cyber attack, many questions still remain unanswered.
“I’m not confident at all that the Government has really analysed how we are going to prevent these attacks in the future,” he said.
“We have had no proper investigation of what happened and Aontú is calling for a judge-led investigation.”
“It was a disaster and there is no doubt that the human cost has not been fully analysed in terms of the amount of patients who were refused treatment in their hour of need or how many suffered loss of life,” he said.
A new survey has found that 61% of cybersecurity businesses have had personnel-related issues when it comes to recruiting staff.
According to the report from Cyber Ireland and Cyber Skills, the problems encountered include a lack of candidates in the labour market with the appropriate skill level, competition from other cyber security businesses, a lack of non-technical skills and unaffordable salaries.