Tag: #cybersecurity

Building a Zero Trust Architecture: Key Considerations

Cybersecurity has become a major concern for businesses of all sizes. With the rise of sophisticated attacks, you’ve probably heard the term “Zero Trust” being thrown around. It’s not just a trend in the industry. It’s a shift in how we think about protecting our systems and data. The traditional approach, which assumed everything inside the network was safe, is no longer effective. In today’s world, threats can come from anywhere. So, instead of blindly trusting what’s inside, Zero Trust operates on the principle of “never trust, always verify.”

This article explores key considerations when building a Zero Trust architecture and how it can help protect your business in an ever-evolving threat landscape.

1. Understanding the Need for Zero Trust

In today’s threat environment, cyberattacks have become more complex. Organizations can no longer rely on the old method of building a strong perimeter and assuming everything inside is safe. The rise of insider threats and more advanced attack methods demand a more thorough approach.

One reason Zero Trust has gained so much attention is that attackers are increasingly targeting key identity systems. Common attacks on Active Directory (AD), for example, are on the rise. AD holds essential identity information, making it a high-value target for cybercriminals. Attackers often exploit weaknesses in privileged access management to breach systems. Once inside, they move laterally across the network, often gaining full control of the environment. This makes securing Active Directory critical when considering Zero Trust.

By implementing a Zero Trust model, businesses can better protect their identity systems, such as AD, by ensuring that every action, whether it’s a login or access to a resource, is verified continuously.

2. Identity and Access Management (IAM) at the Core

At the heart of any Zero Trust architecture is Identity and Access Management (IAM). IAM ensures that only the right people, devices, and applications can access your systems, and it does so by verifying them continuously, not just once. In the past, a user would log in and, once inside, be trusted until they logged out. Zero Trust changes that by constantly checking if the user should still be granted access.

One critical element of IAM is multi-factor authentication (MFA). MFA requires users to verify their identity through more than one method, such as a password and a mobile app confirmation. Relying on passwords alone is risky, as passwords can be stolen, guessed, or reused across multiple accounts.

Zero Trust takes identity management a step further by ensuring that users only have access to what they need, nothing more. This limits the scope of potential damage in the event of a breach.

3. Microsegmentation: Controlling Access to Network Resources

Microsegmentation is another key principle in a Zero Trust environment. In simple terms, it means breaking your network into smaller, more secure segments. This way, even if an attacker gains access to one part of your network, they can’t easily move to another part. Each segment acts like a locked room that the attacker would need additional verification to enter.

This approach helps limit lateral movement, a common tactic used by cybercriminals once they’ve breached a network. By limiting what users and devices can access, you make it much harder for attackers to navigate and compromise other parts of your environment.

Microsegmentation also works hand-in-hand with the idea of least-privilege access. Users and systems should only be granted access to the resources they absolutely need to do their job and nothing more. By applying this concept, you reduce the chances of attackers gaining access to critical resources even if they breach a less important part of the network.

4. Monitoring and Logging Everything

In a Zero Trust architecture, monitoring and logging play a critical role. Continuous monitoring allows organizations to track every request, transaction, and action happening on the network. This ensures that nothing goes unnoticed, and any suspicious behavior can be caught and responded to quickly.

Logging is equally important. By keeping detailed logs of all network activity, security teams can trace the steps of an attacker and better understand how they gained access and what they did once inside. This information is invaluable for both preventing future attacks and improving your current security measures.

Advanced monitoring tools can also help by sending real-time alerts when something unusual happens. For example, if a user suddenly tries to access a part of the network they’ve never accessed before, a security team can be notified immediately and take action to verify whether it’s legitimate.

5. Enforcing Least Privilege Access

“Least privilege” is a core principle of Zero Trust. This means that users and systems should only have the access they need to perform their tasks and nothing more. If a user needs temporary access to a resource, they should be given it for the time required and then have that access revoked.

By limiting the scope of access, even if an attacker gains control of an account, they can’t use it to access critical systems or sensitive data. Regularly reviewing access permissions is important to ensure that users aren’t sitting on permissions they no longer need.

Admins are especially important to monitor. Admin accounts often have access to sensitive data and system controls, making them prime targets for attackers. Ensuring that admin privileges are tightly controlled helps minimize the risks of a breach.

6. Protecting the Network Edge

In today’s remote work world, the network edge has expanded beyond the physical office. Employees are accessing company resources from home, cafes, and various other locations. With this in mind, Zero Trust needs to protect not just the internal network but also the devices and users accessing the network from the outside.

This means verifying users and devices every time they connect, no matter where they are. Whether it’s a cloud service, a remote worker, or an external partner, Zero Trust ensures that access is always verified, regardless of the location or device being used.

7. The Role of Automation in Zero Trust

Automation can play a significant role in enforcing a Zero Trust architecture by handling the heavy lifting of continuous verification. In a Zero Trust environment, every action, login attempt, and data access request requires validation. With hundreds or even thousands of users making requests every minute, managing these processes manually is not just inefficient—it’s practically impossible. This is where automation steps in to streamline the workload.

Automation tools can be programmed to enforce security policies consistently, ensuring that no exceptions or mistakes slip through the cracks. For instance, they can instantly revoke access for users exhibiting unusual behavior, preventing potential threats from escalating. Additionally, automated systems can monitor for known attack patterns, like credential stuffing or lateral movement, and block such actions before they cause damage.

Building a Zero Trust architecture may seem like a big task, but it’s one of the best ways to protect your organization in today’s threat landscape. By focusing on identity verification, limiting access, and constantly monitoring activity, you can secure your network without relying on outdated assumptions of trust.

As cyberattacks continue to evolve, so should your approach to security. Zero Trust offers a modern, proactive way to defend against attackers, making it an essential strategy for businesses looking to protect their data and systems effectively.

Grant assistance announced for businesses with Cybersecurity

Enterprise Ireland and the National Cyber Security Centre today launched the Cyber Security Review Grant which will assist SMEs to take steps to review and update their online security measures to mitigate against the risk of cyber-attacks.

The grant will be administered by Enterprise Ireland, in collaboration with the National Cyber Security Centre.  It will provide Enterprise Ireland clients with access to cyber security experts who will conduct an initial independent review of the company’s cyber security status, identify vulnerabilities, and develop a clear roadmap for the business to enhance their security measures.

The Cyber Security Review Grant is being made available from €85 million in funds that have been allocated to the Department of Enterprise Trade and Employment through the European Union’s NextGenerationEU funding instrument for supporting the digital transformation of enterprise as part of Ireland’s National Recovery and Resilience Plan. This funding is being channelled into:

•    The Digital Transition Fund for the establishment of a digital portal and to provide for direct to company supports.

•    Four European Digital Innovation Hubs with the aim of helping companies (notably SMEs) access research infrastructure, technical expertise and experimentation in order that these organisations can ‘test before invest’.

A suite of digital supports for enterprise is already available under the Digital Transition Fund through Enterprise Ireland, IDA and Údarás na Gaeltachta and the Cyber Security Review Grant launched today expands on the digital supports available from Enterprise Ireland to its clients under this Fund.

Businesses that avail of the Cyber Security Review will receive consultancy from a qualified, external cyber security expert who will investigate current company practices and review the technical implementation of both on-site and cloud software. A detailed report in line with National Cyber Security Centre’s best practise will then be delivered, outlining actionable steps to improve the company’s cyber security position.

Speaking at the launch Minister of State for Trade Promotion, Digital and Company Regulation Dara Calleary TD said: “Irish businesses are increasingly using AI and advanced digital tools to achieve success in international markets. Ensuring the security of the data used in these tools is a crucial foundation for this success. This new cyber security grant will ensure that Irish businesses who embrace digitalisation to strengthen and grow their business can do so with total confidence in their online security.”

Minister of State for Business, Employment and Retail Emer Higgins TD said: “Irish businesses are leading the way and setting the standard for digital transformation across all sectors. They understand the value of enhancing their digital security. I am delighted that the Cyber Security Grant will provide support with the essential first steps towards achieving international best practices in cyber security, an increasingly important factor when competing for business on a global stage.”

Minister of State with responsibility for Public Procurement, eGovernment and Circular Economy Ossian Smyth TD said: “DECC’s Statement of Strategy, Le Chéile 25, sets an ambitious objective to realise a vibrant and expert cyber security industry in Ireland. The collaboration of the NCSC with Enterprise Ireland to deliver this first-of-its-kind grant scheme represents a key milestone in Le Chéile 25 and in the National Cyber Security Strategy 2019-2024.”

Anne Lanigan, Divisional Manager, Technology Services, Enterprise Ireland said: “Leveraging digital tools can significantly enhance your company’s capabilities. However, it is crucial to invest in protecting sensitive information and mitigating the risk of cyber-attacks. This is especially important as recent advancements in AI have made smaller businesses more attractive targets for malicious actors. The Cyber Security Review aims to help business examine any pitfalls which may leave their systems open and vulnerable to compromise and allows them to put the appropriate measures in place. As we enter into International Cyber Awareness month I would encourage EI clients to avail of the support to help them remain one step ahead in an increasingly heightened cyber threat environment.”

Speaking at the launch, the Director of the NCSC, Richard Browne noted: “I’m delighted that we were in a position to partner with Enterprise Ireland in designing the Cyber Security Review Grant. Not only will this enhance the cyber resilience of our Irish businesses, but it supports indigenous Irish enterprises to build up our industrial capacity in cybersecurity.”

The support is available to Enterprise Ireland clients with 80% of the fixed project cost covered to the value of €3,000, encompassing all project expenses, including consultant time and other related costs.

To learn more and apply online visit www.enterprise-ireland.com/cybersecurityreview.

‘The People Hacker’ Jenny Radcliffe to headline Dublin Cybersecurity Lunch and Learn

Renowned social engineer and ‘The People Hacker,’ Jenny Radcliffe, will be the keynote speaker at an upcoming Cybersecurity Lunch and Learn Event, hosted by Viatel Technology Group on October 4th, 2024.

With a background in burglary, con-artistry, and non-verbal communication, Radcliffe has spent her career ethically exploiting the ‘human element’ to help businesses and organisations identify and address security vulnerabilities. The upcoming event, designed for senior IT managers and C-suite executives concerned about their cyber responsibilities, will provide attendees with invaluable insights into the current Irish cyber threat landscape. 

With cyberattacks becoming increasingly sophisticated, understanding the tactics employed by malicious actors is crucial in safeguarding sensitive data and protecting businesses from financial and reputational damage.

Radcliffe’s unique insights and engaging presentations have made her a sought-after speaker at cybersecurity events around the globe, and she expressed her enthusiasm for the event, stating, “I’m excited to be heading to Dublin for Viatel’s Cybersecurity Lunch and Learn Event, and I am looking forward to sharing insights and driving important discussions in the cybersecurity community.”

The Cybersecurity Lunch and Learn Event will be held at the popular FIRE Restaurant, located at the Mansion House, Dublin, from 12pm on Friday, October 4th. Prior registration is absolutely essential with places limited. Senior IT managers and C-suite executives are encouraged to register early to secure their attendance. Registration via www.viatel.com

Belfast cybersecurity firm ANGOKA bound for space

Belfast-based cyber security firm ANGOKA has been accepted to the Airbus Space Accelerator programme. The accelerator is described by Airbus as “an exciting opportunity not only for existing space companies, but for any business with the desire and potential to work in space”.

Speaking at an event at Farnborough International Airshow, ANGOKA director Yuri Andersson said this is a chance for ANGOKA “to deepen its ties with the space industry, helping us to develop the next generation of cybersecurity solutions.”

Airbus says the accelerator is part of the wider Community for Space Prosperity (CUSP) initiative to develop the UK’s space ecosystem, where the 14-week programme will help startups, academics and non-traditional space businesses to advance their technical offering, understand the commercial space landscape and build connections within the wider space industry.

Airbus is running the accelerator with Plexal, the London-based innovation boutique which collaborates on technology with government, startups and industry.

Mr Andersson says there is rapid growing convergence between terrestrial and non-terrestrial communication networks for improved coverage and bandwidth.

“A new space economy is being built where in the near future there will be in-space infrastructure such as in-space assembly and manufacturing, orbital data centres and human habitats,” he added.

“Much of the data will be kept in space and processed in space, and to support the communications needs of the future space economy we need new solutions for cybersecurity and digital infrastructure. With emerging cyber threats from quantum computers and AI, traditional approaches such as those based on PKI [Public Key Infrastructure], or Distributed Ledgers are no longer adequate, and this requires a complete paradigm shift.” says Mr Andersson.

ANGOKA has also been selected to the Mandala Space Ventures and the Venture into Space programmes supported by UK Space Agency.

BELFAST FIRM DEMONSTRATES SAFE AUTOMATED TRANSPORT AT FARNBOROUGH AIRSHOW

Belfast-based ANGOKA, cyber security experts in land and air mobility, has landed at Farnborough Air Show, the world-leading annual aviation industry exhibition. The ANGOKA delegation is demonstrating its latest technologies which protect connected and automated drones and aircraft from cyber intrusions, hack attacks and other unplanned events to an international audience.

Yuri Andersson says he is grateful to InvestNI for the opportunity. “We are here to display ANGOKA’s cybersecurity technology for machine-to-machine communication, an essential factor without which the safe operation of future uncrewed aircraft is impossible.”

“Our communication device for drones combines secure terrestrial and non-terrestrial 5G will be demonstrated and we will also show how ANGOKA’s solution can secure remote operation of vehicles, including a live hack,” says Mr Andersson.

ANGOKA is a major player in the UK Government’s Future Flight programme and is pressing for new regulations which will allow faster development of the drone sector.

“We’re constantly working to keep the skies safe through the highest standards of cybersecurity. We are seeing increasing demand for wider adoption of varied drone use across different industries, which requires Beyond Visual Line of Sight operation. It is essential to maintain a secure communication to ensure the safety of that operation.” he says.

ANGOKA is located in Hall 1 Booth 1321.

IT.ie forecasts €1M revenue increase from ethical hacking service

IT.ie, the Irish-owned Managed IT Services company, today announces that it expects to generate an additional €1M in revenue through an automated testing service that imitates the movements of hackers to uncover and exploit cybersecurity weak spots within organisations.

The company’s new penetration testing as-a-service (PTaaS), also known as pen testing or ‘ethical hacking’, is an automated cyber security solution designed to fully replicate a hacker’s attack on an organisation, as it attempts to exploit and gain access to its network. This forewarns the organisation to the potential dangers before cybercriminals have an opportunity to exploit them, potentially preventing an attack.

Pen testing has emerged as a key solution for businesses with the growth and increased sophistication of cyberattacks in the modern business landscape. As threats develop at a previously unforeseen rate, regular, automated testing – which takes into account human oversight – is essential.

The new service provides an in-depth scan of the organisation’s network to identify vulnerabilities. It then exploits any vulnerabilities found by replicating the actions of a hacker via a diverse and sustained attack.

PTaaS is preferable to traditional pen testing, which typically only occurs once per year. It represents a significant upgrade on the previous method, which was less precise, more expensive, and more prone to human error. Monthly assessments, however, allow organisations to constantly evaluate and reinforce their systems, enabling them to protect themselves from emerging threats.

Significantly, regular pen testing also enables a reduction in business’ insurance premiums, representing long-term cost savings. As insurance premiums for businesses continue to rise, PTaaS can reduce the likelihood of needing to pay out a ransomware attack – along with the associated costs of a major cybersecurity incident – making them less of a risk to insurance companies.

The new service is being introduced at a time of significant growth for IT.ie. Earlier this year, the company announced plans to double its headcount to 50 people by the end of 2025 and increase annual revenue to €8M.

Wayne Morgan, CTO at IT.ie, said: “To stay ahead of hackers, we must think like them and view our defences as their points of attack. Manual penetration testing led the way for many years, highlighting vulnerabilities in our networks and systems. Identifying these issues internally gave us time and direction to apply remediation steps before falling victim to malicious intent.

“Although this is effective at the time it is carried out, it fails to account for the dynamic nature of cyber threats. Hackers don’t just knock on your door once; they are constantly there, looking for ways in. Automated monthly pen testing is the next generation approach and is a much more effective means of testing your network to highlight any potential weaknesses, helping you to keep hackers at bay. This new innovative service offers cost-effective, monthly assessments, reducing costs and helping achieve regulatory compliance.”

“At IT.ie, we are determined that we remain at the cutting edge of cybersecurity and provide our customers with the most up-to-date services available as we continue to grow, and this new solution adds to our armoury.”

Datapac’s Managed Threat Ops service analyses over 380 million cybersecurity events in first year

Datapac, Ireland’s leading technology solutions and services provider, is today announcing that its Managed Threat Ops service has analysed over 380 million cybersecurity events since it was first launched 12 months ago.

A cybersecurity event is any activity on an organisation’s network that may be indicative of a security concern, such as a failed login attempt or a login from a different geographical location.

Other events in the past year have included suspicious movement within company networks or otherwise unusual behaviour patterns, lateral movement techniques that may be used by attackers to move within a network after gaining initial access, and anomalous user behaviour that may indicate a compromised account or insider attack.

Managed Threat Ops provides 24/7/365 cyberthreat hunting, response, and neutralisation to stop cybersecurity incidents in their tracks. It leverages a combination of human-led expertise and AI acceleration, enabling organisations to change their cybersecurity approach from reactive to proactive and freeing up internal resources.

In its first year, the service has been adopted by customers across a broad spectrum of organisation sizes and industry verticals such as legal, the public sector, distribution, construction, retail, hospitality, and not-for-profit. Managed Threat Ops provides proactive support to businesses of all sizes, including single-site SMBs as well as national and multinational enterprises.

Since adoption, some key benefits noted by customers are that the service operates in the background with minimal notifications or interruptions to workflows, and delivers speedy remediation in times as low as 15 minutes in the event of an incident.

Driving the demand for the Managed Threat Ops service is the ever-evolving cyber threat landscape. Increasing threat sophistication means that some traditional cybersecurity solutions, such as antivirus, firewalls, and unmanaged endpoint protection, are often not enough to provide sufficient protection for businesses.

In the coming year, Datapac expects a number of key driving factors will contribute to increased uptake of the Managed Threat Ops service. These include new pieces of legislation that are due to come into effect – the NIS2 Directive and the Digital Operational Resilience Act (DORA) – which mandate robust cybersecurity measures to ensure compliance and security management best practices.

In addition, in line with growing cyber threats, cybersecurity insurance is becoming a necessity for more organisations. In order to secure favourable premiums and, in many cases, to secure cybersecurity insurance at all, organisations need to have 24/7 managed threat detection and response in place.

Patrick J Farrell Solicitors in Newbridge, Co. Kildare, adopted the Managed Threat Ops service to protect their highly sensitive organisational and customer data. “In times of increased cybersecurity threat, we felt the need to have a managed threat service and we are very happy with the service we get from Datapac in providing that,” said Niall Farrell, Managing Partner.

Karen O’Connor, General Manager, Datapac: “A key strength of the Managed Threat Ops service is its ability to cut through the cybersecurity noise, as some seemingly benign security events could bypass most traditional cybersecurity systems, posing a risk to data security. More and more organisations of all sizes are realising the benefits that 24/7 managed threat detection and response services can provide in the modern threat landscape. Managed Threat Ops is robust enough to meet the demands of larger enterprises, yet scalable enough to operate within the more moderate budgets of organisations in the SMB space. Going forward, it will also help organisations to remain compliant as new regulations come into force. We’re looking forward to continued success with the service amid increasing demand from customers for proactive and reliable cybersecurity.”

Ireland wins Gold at the WorldSkills Global Skills Challenge 2024 in Cybersecurity in Melbourne

An Irish team of cybersecurity experts has triumphed over Australia, Korea, Hong Kong, Chinese Taipei (Taiwan), and Singapore to take Gold at the WorldSkills Global Skills Challenge 2024, hosted by WorldSkills Australia. Mark Drinan and Luke Woodside, guided by Dr. George O’Mahony of Munster Technological University (MTU), overcame fierce competition from several nations renowned for their cybersecurity expertise.

The victory marks the first time an Irish team has triumphed in an official World Skills Competition in Cybersecurity, with Ireland first entering the cybersecurity skill in 2021. Team Ireland is now setting its sights on the upcoming WorldSkills International Cybersecurity Competition (Skill 54) in Lyon this September as part of WorldSkills Team Ireland.

The Challenge

As part of the Global Skills Challenge, the teams were put into the scenario of a real-world cyber-attack on a fictitious company that was started based on a rogue malicious USB and insider threat. Over three days the teams had to run digital forensics on an infected end-user computer, each team also had to create reports including a technical brief, a timeline of the cyber-attack, a report for the media and a report for the board of directors. This competition was about accurately identifying what happened and providing real-world preventative measures and recommendations.

The Team

 Team Cybersecurity for WorldSkills Ireland consists of Mark Drinan, a recent graduate from the Cybersecurity Masters at MTU and an engineer at IBM, and Luke Woodside, a graduate from TUS (Technological University Shannon) and Managing Director of Woodside Networks. Mark and Luke beat out stiff competition in regional competitions to make the national team. The team was trained and mentored by MTU Cybersecurity Lecturer and WorldSkills Ireland Expert for Cybersecurity Dr George O’Mahony.

The team trained on and competed nationally using MTU’s Cyber Range, a state-of-the-art cybersecurity platform unique to Ireland. The facility enables simulations of cyber-attacks on virtual organisations, providing invaluable training for students, researchers, and industry professionals without risking real-world damage or outages.

Professor Maggie Cusack, President of MTU, said, “MTU’s leadership in cybersecurity education, research and innovation, mentorship and training ensures that our graduates and trainees have the skills, capabilities and confidence to succeed at the highest levels in Ireland and globally. On behalf of everyone at MTU, I am delighted to congratulate our Team Ireland members on their extraordinary achievement of winning gold at the WorldSkills cybersecurity challenge.”

Dr. George O’Mahony – Cybersecurity Lecturer & Researcher at Cyber Skills at MTU and WorldSkills Ireland Expert Skill 54 – Cybersecurity, said, “This win is a great example of the work Ireland’s cybersecurity academics and experts are doing in preparing young Irish professionals to compete on the world stage. It highlights the calibre of talent being produced and the strong pipeline of skilled cybersecurity professionals available in Ireland. The win is a great boost to the team and a big step along their training and upskilling journey. The work Mark and Luke have put in has been a testament to their drive and determination.”

Mark Drinan, Team Ireland, said, “I am incredibly proud to represent my country and bring home a Gold Medal for Ireland. This medal represents Ireland’s commitment to investing in high-quality, practical cybersecurity education.”

Michael Hourihan (MTU) – WorldSkills Ireland Official Delegate – “This win highlights the positive outcomes that result when skills and technological careers are recognised and promoted at national and international levels. Congratulations to our competitors Luke Woodside and Mark Drinan and to our Cyber Security expert George O’Mahony.”

Ray English (TUD) – WorldSkills Ireland Chair-Technical Delegate – “The Global Skills Challenge held in Melbourne and hosted by WorldSkills Australia was a great platform for the WorldSkills Ireland Team of Luke Woodside, Mark Drinan and Cyber Security expert George O’Mahony to test their preparedness for the Olympics of Skills in Lyon in September 2024. We encourage ICT students to start their Skills Olympics journey by participating in the WorldSkills Ireland National Competitions this September, test your skills against the best nationally and possibly internationally.”

New Cybersecurity Directive holds executives personally liable and up to €10 million in fines for organisations

A new directive set to be launched in Ireland in October 2024, could lead to 4,000 businesses in Ireland and their senior executives being personally liable and their organisations exposed to potential fines of up to €10 Million. The expanded Network and Information Security Directive (NIS2) is being implemented to ensure businesses classified as essential and important entities take appropriate measures to enhance their cyber vigilance and protect sensitive data.

In response to these challenges, OpenSky, the business process automation specialists & Microsoft Solutions Partner for Data & AI who use their expertise to bring AI to the centre of digital transformations, have now launched a new Data Management and Governance service for public and private sector organisations.

This new service by OpenSky, powered by Microsoft Fabric & Purview, applies a ‘Data Fabric’[1] approach as the strategy to connect, protect and make data accessible for organisations, aiming to ensure that they meet robust governance and regulatory compliance requirements. In addition their Data Fabric service allows organisations to build greater AI powered insights from connected data by breaking down internal data silos at scale across departments.

Commenting on the new OpenSky offering which will address organisations concerns, Michael Cronin, managing director, said, “The NIS2 directive is reshaping how we approach data management in Ireland, both in the public and private sectors. It’s an opportunity for us to lead by example, ensuring that our data strategies and AI implementations are secure, transparent, and aligned with the best practices in data governance.

The NIS2 directive is an EU-wide legislation on cybersecurity that provides legal measures to increase the overall level of cybersecurity in the EU, and urgently puts pressure on public and private sector organisations to determine its impact on their current cybersecurity posture.

The expanded NIS2 Directive is estimated to impact about 4,000 businesses in Ireland, which is significant considering less than 100 businesses in Ireland are currently impacted by NIS1. The expanded NIS2 brings new categories where organisations in scope are either directly involved in the provision of essential services or connected to their delivery.

Roseanne Killeen, Acting CEO Ireland East Hospital Group, who has worked with OpenSky on enriching the access and integration of HR & Finance data in the hospital group said, Healthcare faces major hurdles in making data accessible across various departments, and this is due to numerous disconnected data silos. Navigating the challenges around governance and prevention of data breaches can seem like an arduous task but it doesn’t have to be the case when you have access to all your data. We’re not only in a position to govern our data but we’re also now better equipped to provide accountability and transparency to the HSE.”

Based in Naas in Co Kildare, OpenSky has a rich heritage as an Irish digital transformation specialist providing AI powered IT solutions and consultancy services to both public sector and private organisations. OpenSky employs more than 110 people, and this year the company celebrates its 20th anniversary, positioning them as one of Ireland’s most established IT services businesses.

To assess your organisations’ eligibility for a funded Data Governance proof of concept, follow the link here: www openskydata.com