Ireland’s National Cyber Security Centre (NCSC) successfully takes part in Locked Shields 2024 exercise

Ireland is taking part in its first-ever 'Locked Shields' cyber defence exercise which allows experts here to enhance their skills in defending national IT systems and critical infrastructure.

A joint Irish and South Korean team of nearly 200 personnel took part in the week-long event which allowed them to test their ability to protect cyber-physical systems in real time, as well as undertaking strategic exercises in both the legal and communication spheres.

Ireland's involvement is led by the National Cyber Security Centre (NCSC), with support from the Irish Defence Forces as well as private technology companies and academia. This collaborative approach was instrumental in merging public sector oversight with private sector and academic innovation and expertise.

Speaking during a visit to the NCSC to observe Locked Shields, Minister of State at the Department of the Environment, Climate and Communications with special responsibility for Communications Ossian Smyth stated:

"I'm delighted to see the level of talent and dedication on display by the Irish team. The range of expertise available from public, private and academic organisations is a testament to Ireland's strength as a digital economy with vibrant cyber security skills.

"I was particularly pleased to see the collaboration with the Republic of Korea on display following my visit to the country this St Patrick's Day."

The teams taking part took on the role of national cyber rapid reaction teams that are deployed to assist a fictional country in handling a large-scale cyber incident, with all its implications. Annually, the exercise can involve in excess of 5,500 virtualised systems subjected to more than 8,000 attacks.

In addition to securing complex IT systems, the participating teams must also be effective in reporting incidents and solving forensic, legal, media and information warfare challenges, as the exercise not only tests the technical and operational response to cyber-attacks, but also includes elements of strategic communications, senior public policy decision making as well as whole-of-government and society coordination.

Speaking after the exercise, NCSC Director Richard Browne stated:

"This real-time network defence exercise is a unique opportunity for us to practise protection of national IT systems and critical infrastructure under the pressure of a severe cyber-attack. It also provides us with an opportunity to build relationships not just across Europe, but across the globe as seen in our teaming with the Republic of Korea.

"Similarly, we were able to work with partners within the private sector when composing the team, to ensure that the response we were able to provide was as comprehensive as possible."

Director of the Defence Forces Communication and Information Services Corps, Colonel Mark Staunton, stated that:

"The Defence Forces participation in Exercise Locked Shields 2024 - a virtualised environment simulating real-world challenges, represents an excellent opportunity to develop the skills of our Cyber Defence personnel in collaboration with the NCSC and our national and international colleagues. International cyber exercises like this one are key capability builders for the Defence Forces as we progress the implementation of the DF's Joint Cyber Defence Command."

ENDS

Notes to the Editor

Alongside NCSC staff, the Irish contingent included a significant Defence Forces presence as well as staff from a range of private companies including Microsoft, Trellix, BAE Systems, Threatscape, EY, KPMG, Flutter Entertainment, eir evo, Palo Alto Networks, UCD Centre for Cybercrime Investigation and the South East Technological University (SETU).

Locked Shields has been run since 2010. It is the largest and most complex international live-fire cyber defence exercise in the world. The goal of this one-of-a-kind cyber and strategic exercise is to provide a realistic and challenging training experience and to field test cyber resilience, cooperation and chain of command in a stressful environment.

The exercise is run by the Estonia-based NATO Co-operative Cyber Defence Centre of Excellence (CCDCOE). Ireland is one of eight non-NATO members which are contributing participants in the CCDCOE. Locked Shields takes the form of a Red team vs. Blue Team exercise, whereby there are real attackers attacking real computer systems.