The Time is now to make Ireland a Cyber Security Centre of Excellence

Ireland has all of the ingredients to become a global cyber security centre of excellence and can realise this through a co-ordinated approach to connect all elements of the ecosystem. This was the resounding message garnered from a series of cluster initiation workshops which brought together the key stakeholders from across Ireland’s cyber security ecosystem, namely: industry, academia and government.

Following the launch of Cyber Ireland in December 2018, three cluster initiation workshops took place in Cork, Galway and Dublin on the 18^th-20^th of February to drive the initiation of a national Cyber Security Cluster for Ireland. The 250 attendees across the regions, heard from experts who discussed “What is needed to make Ireland a Cyber Security Centre of Excellence?”

Image: The Cork panellists, Cyber Ireland and IDA, posing for a quick photo before the workshop commenced 18/2/2019

Opportunity – Momentum is building

Ireland’s cyber security industry employs over 6,000 people and includes many of the world’s top security software MNCs (McAfee, Trend Micro, Forcepoint, eSentire and MasterCard), as well as a growing SME sector. Globally, the cyber security sector will be valued at $250 billion within five years, rapidly evolving to tackle the $600 billion which high tech crime is costing governments, companies and citizens around the world. Recognising this opportunity, a number of well-placed multi-nationals and academic bodies see the value in collaboration and supported by IDA Ireland, are working to ensure that the country makes the most of the potential for new job creation and innovation.

IDA Ireland, who are supporting the development of Cyber Ireland, was represented by Donal Travers, Head of Technology Group, and Victoria MacKechnie, Vice President of Technology Group. IDA highlighted the strengths of Ireland’s Cyber Security industry and the opportunities, while also acknowledging that cyber security is a cross cutting, key technological area applicable to all industries, including pharma, life sciences, and financial services.

Image: The Galway panellists deep in discussion whilst the audience watches on 19/2/2019

Cluster Development

It has been well documented that companies involved in clusters have greater access to resources, skilled labour, talent, capital, knowledge, and institutions. Business clusters have proven to drive regional economic performance, due to the significantly greater increases in innovation and technology applications, and commercialisation of these applications. Cluster initiatives and activities framed part of the presentations at the workshops, including areas such as; ‘research and networking’, ‘cluster expansion’, ‘policy action’, ‘commercial cooperation’, ‘education and training’ and ‘innovation and technology’. The development of a robust eco-system for cyber security is required and Cyber Ireland was noted as developing at the ‘right place, right time’.

Klaus Bolving, CEO for the ‘Centre for Defence, Space and Security’ (CenSec) and  Cluster Manager of the Danish National Innovation Cluster for Security was keynote speaker at the workshops. He spoke about the importance of the business cluster concept as part of the development of the Danish Security cluster and how this might serve as a benchmark for the development of Cyber Ireland. During his presentation, Klaus expressed the importance of leads and networks, matchmaking, collaborative projects, market intelligence, competence development, and Go-to-Market as creating the critical value chain for the cyber security cluster in Ireland.

Image: The panellists and Cyber Ireland team for the Cyber Ireland Cluster Initiation Dublin Workshop on 20/2/2019

Outcomes – Panel Discussions

To become a “Cyber Security Centre of Excellence,” Ireland needs to focus on its strengths and not try to “boil the ocean”.

• Ireland has a strong digital economy and society that is based on data and highly skilled personnel. These are Ireland’s strengths which must be leveraged to realise the opportunities of the digital transformation that is occurring across business, government and society.
• Some reports state that Ireland hosts a third of European data in the cloud and data centre services and lays a broad claim to being the data capital of Europe. These organisations have, and need, cyber security skills and to reinforce that their customers key services and information assets are in a secure and safe environment.
• Ireland attracts a lot of international business from a wide variety of sectors and is known for its strong MNC sector across a range of industries from finance and banking, med-tech, pharma, engineering, and more. These industries provide an opportunity to collaborate with big consumers of cyber security products and services.
• Ireland has 2^nd mover advantage regarding governmental cyber security, so it can learn from other leading regions, such as the UK, who have developed their National Cyber Security Centre, policy, and governance.
• Ireland has not had a military industrial complex where there is an informal alliance between a nation’s military and the Defense industry that supplies it, seen together as a vested interest which influences public policy. Other leading cyber security industries, such as Israel, have benefitted from this. However, Ireland is a neutral country and there is an opportunity to leverage Ireland’s neutrality and non-aligned status to its advantage. If Ireland is to become the “Swiss of the internet,” it needs to have strong laws and policies.

Image: A Dublin workshop participant catching a glimpse of one the speakers on the day 20/2/2019

Given these strengths, amongst others, what do we need to do to make Ireland a cyber security centre of excellence?

• There was a call to set ambitious targets for Ireland’s cyber security industry, to capture 1% of the global jobs market and 1% of the global cyber security industry within 10 years.  The cyber security industry needs to be recognised and promoted from an economic perspective, with the potential to create jobs, higher wages and promote Ireland as a secure place for international business and investment.
• Talent and skills was a key issue discussed across the three workshops. There are a number of areas which need to be addressed including:
  • Greater alignment of third-level courses with the needs of industry
  • Creating jobs and training programmes for all, not just university graduates
  • Increasing the number of women in cyber security, from approximately 14% at present, by supporting and expanding programmes like IWISH and Return to Work for Digital Women
  • Promotion of cyber careers to second level students and including security as part of the Leaving Certificate Computer Science programme.
  • Attracting software and security talent from abroad to fill the skills gaps
  • Not overly focusing on cyber security skills, but build broad capabilities across software and security to respond to the ever changing cyber security threats.
• The role of government to be a leader in cyber security was also recognised. Cyber security needs to made a priority across government:
  • Government needs to increase its spend on cyber security, in-line with other regions such as the UK who has set aside £1.9BN for their National Cyber Security strategy from 2018 to 2022
  • Departments and bodies should become ISO accredited for cyber security
  • There is an opportunity for SMEs to provide cyber security products and services to government.
  • Some government departments are leading the way in adopting cyber security practices; the Revenue Commissioners is a best practice example internationally.
• Research & Innovation – “the time is now for academia and industry to work together” on cyber security. There is no national research centre in cyber security and there has not been a major investment in cyber security research, which is critical to establishing Ireland as a centre of excellence. The research community in cyber security, both industry and academia, should target funding streams to increase the level of research and innovation, including the Disruptive Technologies Innovation Fund, a Science Foundation Ireland Centre or Spoke, an Enterprise Ireland (EI) Technology Centre or Gateway, EI Innovation Partnerships, and EU funding
• Marketing & communication should play an important role in promoting the existing strengths in Ireland’s cyber security ecosystem, from MNCs and indigenous SMEs, the talented workforce and research and innovation in higher education institutes and research centres.
• Other suggestions included:
  • Setting a long-term vision for Ireland’s cyber security ecosystem including all participants from industry, academia and government
  • That Cyber Ireland needs to achieve some quick wins to show the value to its members
  • Mapping Ireland’s cyber security ecosystem to identify current  collaborations, strengths and levels of internationalisation

Next Steps

The next steps in the development of Cyber Ireland is to develop the Cluster Strategy from the workshop feedback, to elect the cluster board and organise the working groups on: Skills & Talent; Research & Innovation; Networking & Promotion, Business Development & Internationalisation. The official launch of the cluster organisation will take place on the week of the 20^th of May.

“Cyber Ireland will act as a catalyst for bringing together the key stakeholders from industry, academia, and Government to make a real impact on the development of the cyber security cluster in Ireland. Industry must be at the pinnacle of what the cluster is trying to achieve with the backing of these three pillars. The worldwide cyber security industry is growing unprecedentedly and now is the right time to make Ireland a cyber security centre of excellence. A cyber security cluster can pioneer Ireland on a global scale to attract further foreign direct investment and develop indigenous SMEs in this sector, but everyone must work together.” –  Dr Eoin Byrne, Cluster Manager Cyber Ireland.