This time it’s around the explosion in data and as much about policy as technology, with wide-ranging skills requirements that we need to put in place to maximise the opportunity it presents.
Get it right and we will be at the centre of the global data ecosystem that is going to grow even more significantly over the next decade.
Ireland is prepared
The signs are good. Ireland is already seen as a global data hub and initiatives like the newly adopted National Cyber Security Strategy only enhance our reputation. It focuses on building national network capacity and ensuring critical national infrastructure (CNI) like utilities and transport are secure and stable. This gives data centres on our shores the resilience, performance and protection they need.
All of this builds on the good work of the IDA, which is rightly appreciated for successfully attracting technology companies to Ireland. Even more remarkable is how each new arrival – Dec in the Seventies, Microsoft in the Eighties, Dell in the Nineties, Google in the noughties, Twitter in 2011 – has kept our country at the leading edge.
This continued with the first wave of data centre investment at the turn of this century and accelerated with the rise of cloud computing up to the present day. Thanks to some of the world’s largest cloud providers running their operations out of Ireland, we are now Europe’s largest data hosting cluster.
Global events and regulatory changes have conspired to create this position; our focus now should be to build on it. Some long-standing selling points still work for us – we are an English-speaking nation with a highly skilled workforce that is very attractive to tech companies – but new capabilities are going to be just as important.
Protecting and securing that data
It’s important that we continue to create an environment that builds on the things that persuaded global tech companies to select Ireland to host their data here in the first place. We can support this in the way we manage data from a regulatory and security perspective.
Protection of data and security of data are two different things. Firstly, protection of data falls under the Data Protection Act, whereas the security of that data falls under other legislation such as the Criminal Justice Act. The former is designed to protect the rights of an individual in relation to the collection and processing of personal data and is managed by the Data Protection Commissioner.
The latter laws are in place to deal with the criminal misuse of data and are policed by An Garda Síochána’s National Cyber Crime Bureau, which co-ordinates a range of initiatives at a national and international level.
The challenge of prosecutions and attribution of cybercrime is often complicated by cyberattacks launched from one country into another, which makes the jurisdiction of the crime and location of the perpetrators hard to determine.
Ireland must continue to rise to the challenge of making sure that the data that resides in Ireland is safe, and that the right mechanisms are in place to protect organisations from cyberattacks.
Along with the National Cyber Security Strategy, positive steps like An Garda Síochána ramping up the National Cyber Crime Bureau and appointing a chief superintendent to run it, reflect well on how seriously we take our responsibilities.
Building a cyber talent pipeline
We also need to be cognisant that the demands of being a successful data hub call for wide-ranging skills. One of the things that made us a successful host to the world’s largest tech and pharmaceutical firms is the way we aligned third-level education courses to their needs, which led to clusters of pharma and biotech companies growing up around Cork and Galway educational institutions.
What’s interesting about data is that it demands a broader spectrum of skills, regulatory as well as technical, from the legal and policy side to engineers and data scientists with expertise in how data is stored and analysed.
We need to develop skills pathways across the full spectrum of education, from apprenticeships and technology institutes to university degrees and PhDs.
A consequence of becoming a data hub for Europe is that the office of the Irish Data Protection Commissioner has a disproportionate role in comparison to other EU jurisdictions. The spotlight is often on us and it’s another good reason why we should cultivate a pipeline of legal and regulatory expertise.
Challenges around data often hit Ireland first due to the amount of data residing here, but the reality is that the same issues would exist no matter where the data resided across Europe.
When the recent EU court ruling declared that Privacy Shield, set up to facilitate the transfer of personal data from Europe to the US, was invalid, it challenged the relationship between US tech firms in every EU country, not just Ireland. Nonetheless, we need to be seen to be exemplary in the area of data protection.
The author, Jacky Fox is managing director of Accenture Security.
Original article: https://www.thejournal.ie/readme/data-security-misinformation-5304795-Dec2020/