Public Accounts committee holds cybersecurity hearing
The House of Representatives Joint Committee of Public Accounts and Audit held a hearing for its inquiry into cybersecurity compliance this morning to learn how three key agencies are improving their cybersecurity resilience.
The hearing follows a review into the cybersecurity practices of the ATO, the Department of Human Services (DHS) and the Department of Immigration and Border Protection (DIBP).
The Auditor General found that while all three agencies had improved their standing since a previous audit in 2014, only the DHS is cyber resilient.
The ATO and the DIBP had not implemented the top four strategies recommended by the Australian Signals Directorate (ASD) since the last time they were audited.
While they had security controls that “provided a reasonable level of protection from breaches and unauthorised disclosures of information from internal sources”, there was “insufficient protection against cyber attacks from external sources”.
According to the ASD, 85% of targeted cyber intrusions could be prevented if these four strategies are fully implemented.
“With an increasing threat of cyber intrusions, it is more important than ever that government agencies are cyber resilient,” committee chair Senator Dean Smith said.
Representatives from the ATO, DIBP, the Department of Prime Minister and Cabinet, the Australian National Audit Office and the Department of Defence presented at the hearing.
Half of government agencies falling short on email security measures: report
Lack of consistency across Australian Government bodies leaves critical vulnerabilities in the...
CISA and Microsoft warn of “active attacks” on SharePoint
Alerts have been published active attacks exploiting a remote code execution vulnerability in...
NSW Government agencies have ineffective cybersecurity controls: report
The Audit Office of New South Wales has found that NSW Government agencies still have minimal...