NSW agencies must do more on data security
NSW Government agencies need to do more to ensure strong data security to protect the integrity and privacy of data on government activities and citizens, according to the state's Auditor-General.
In a report summarising key findings from the office's audits over the past four years, the NSW Audit Office noted that cybersecurity should be at the centre of public sector engagement with technology.
Past audits have highlighted critical security problems exposing organisations to service disruption, theft of information, cyber attacks and fraud.
The audits found a large variation in the capability of government entities to protect and manage their systems.
In some cases, processes are not in place for service providers to notify government agencies of security and data issues. Many entities also have inadequate data collection systems and processes, such as gaps in the collection of information that reflect the outcomes and benefits of their activities.
Past audit recommendations have included the development of whole-of-government systems to share reported threats and respond rapidly to incidents. Agencies should also adopt a comprehensive security plan including a risk-based approach to identifying current and target risk levels.
In addition, the report highlighted the importance of strong project management and governance capabilities to ensure agencies get the most out of new systems installed during a digital transformation. Staff engagement with the technology is another key consideration, it adds.
Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.
The machine identity gap putting public sector data at risk
While there is an increased focus on AI and secure data access, many agencies still lack a...
Access management remains a major problem at many Australian councils
As AI starts to be used more widely in the local government sector, further granularity around...
Australia's next Budget must treat cyber resilience as essential infrastructure
The federal Budget needs to make cyber resilience a core investment priority across AI...
