The Western Australia Government is set to further strengthen its cybersecurity capabilities under its Digital Strategy 2021-25, including an expansion “in the coming months” of its whole-of-government cybersecurity unit, WA Government chief information officer Greg Italiano revealed during a recent keynote.
Speaking at the FST Government Western Australia 2022 conference, Italiano noted a substantial increase in cybersecurity threats during the pandemic targeted at state institutions.
There appears to be no respite for cyber teams post-pandemic, determining that “a deterioration of the threat environment” was likely to persist.
“Those of you who are familiar with this area would have known this threat environment has deteriorated and continues to deteriorate,” he said.
“We’ve seen, based on Commonwealth briefings, this territory now emerging where international actors, even state-sponsored actors, are taking an interest in Western Australia [and] in our government organisations. That’s not speculative, that’s actual.”
In an effort to boost overall agency cyber defence and resiliency, the Government earlier this year announced it would expand its whole-of-government Cyber Security Operations Centre (CSOC), outlining its objectives under the state’s Digital Strategy 2021-2025.
The CSOC, first announced back in late 2020 and sitting under the DP&C’s Office of Digital Government, effectively consolidates the Government’s cybersecurity function, providing support to agencies (those that are directly connected to its common platform) targeted by malicious cyber actors and impacted by cyber breaches.
“The new Operations Centre will provide unprecedented visibility of threats against agencies’ networks, as well as improve the State Government’s ability to coordinate and respond to cybersecurity threats against our systems,” the then Innovation and ICT Minister Dave Kelly said during the CSOC’s launch.
In February this year, the WA Government revealed its aim to have 30 agencies connected to the CSOC by Q2 2022.
According to Italiano, the CSOC already has 20 agencies on its common platform, with that number expected to now grow to 38 by the end of the financial year.
This cross-governmental function, he said, is reaping substantial benefits for what are sometimes minimally cyber resourced government agencies.
“The value proposition from a central government point of view is that we’ve now got a very real prospect [for our agencies] – particularly for small and medium-sized agencies who would have never established their own security operations centres and would have never had the budget to do it – to now leverage that service, which is essentially free,” he reiterated.
Italiano said that in the near future his Office would focus on the expansion of this key cybersecurity unit and its uplift program.
In March this year, the Office of Digital Government revealed its intentions to establish a dedicated Cyber Security Uplift Team, tasked with uplifting agencies’ cyber posture.
Another “space to watch”, Italiano noted, is the WA Government’s push to actively grow its central data analytics capability.
Moving forward, he said the Office for Digital Government would continue its focus on building out WA’s Privacy and Responsible Information Sharing legislation, including the addition of a legislative mechanism to better promote data sharing across government.
“In many agencies, people would be [aware] that the only thing harder than sharing data externally with government is trying to share it internally in government, so we are looking at a legislative mechanism to promote data sharing,” he said.
His Office is also pursuing steps to improve privacy protections – something Italiano concedes has been lacking within the state.
“This is something we do not have in Western Australia, and it does impact our ability to do things because we lack those fundamental protections,” he said.
The WA Government, he said, would also move to establish a data repository for records linkage.