Public Accounts committee holds cybersecurity hearing

The House of Representatives Joint Committee of Public Accounts and Audit held a hearing for its inquiry into cybersecurity compliance this morning to learn how three key agencies are improving their cybersecurity resilience.

The hearing follows a review into the cybersecurity practices of the ATO, the Department of Human Services (DHS) and the Department of Immigration and Border Protection (DIBP).

The Auditor General found that while all three agencies had improved their standing since a previous audit in 2014, only the DHS is cyber resilient.

The ATO and the DIBP had not implemented the top four strategies recommended by the Australian Signals Directorate (ASD) since the last time they were audited.

While they had security controls that “provided a reasonable level of protection from breaches and unauthorised disclosures of information from internal sources”, there was “insufficient protection against cyber attacks from external sources”.

According to the ASD, 85% of targeted cyber intrusions could be prevented if these four strategies are fully implemented.

“With an increasing threat of cyber intrusions, it is more important than ever that government agencies are cyber resilient,” committee chair Senator Dean Smith said.

Representatives from the ATO, DIBP, the Department of Prime Minister and Cabinet, the Australian National Audit Office and the Department of Defence presented at the hearing.

Image credit: ©stock.adobe.com/au/Lasha Kilasonia