Public Accounts committee holds cybersecurity hearing
The House of Representatives Joint Committee of Public Accounts and Audit held a hearing for its inquiry into cybersecurity compliance this morning to learn how three key agencies are improving their cybersecurity resilience.
The hearing follows a review into the cybersecurity practices of the ATO, the Department of Human Services (DHS) and the Department of Immigration and Border Protection (DIBP).
The Auditor General found that while all three agencies had improved their standing since a previous audit in 2014, only the DHS is cyber resilient.
The ATO and the DIBP had not implemented the top four strategies recommended by the Australian Signals Directorate (ASD) since the last time they were audited.
While they had security controls that “provided a reasonable level of protection from breaches and unauthorised disclosures of information from internal sources”, there was “insufficient protection against cyber attacks from external sources”.
According to the ASD, 85% of targeted cyber intrusions could be prevented if these four strategies are fully implemented.
“With an increasing threat of cyber intrusions, it is more important than ever that government agencies are cyber resilient,” committee chair Senator Dean Smith said.
Representatives from the ATO, DIBP, the Department of Prime Minister and Cabinet, the Australian National Audit Office and the Department of Defence presented at the hearing.
ACSC releases new guidance on bulletproof hosting providers
The ACSC has released new guidance on defence against potential cybercriminal activity enabled by...
IT security governance still lacking for many NSW agencies: report
A recent audit report finds there are still significant deficiencies in IT controls and...
Cisco devices still being exploited by BADCANDY since 2023
The ACSC has warned that cyber actors are still installing an implant dubbed 'BADCANDY'...
