Government departments fail cyber resilience test

The Australian National Audit Office (ANAO) has assessed the cybersecurity credentials of several Federal Government agencies, with all but one department failing its review.
 

As part of the government agency’s fourth report on cyber resilience, the audit office assessed four federal departments, including the Department of the Treasury, the National Archives of Australia and Geoscience Australia, rating each agency’s compliance with Australian Signal Directorate’s (ASD) ‘Essential Eight’ cybersecurity guidelines.

These guidelines include mitigation strategies aimed at improving systems cyber resilience, including restricting administrative privileges, utilising multi-factor authentication, and patching operating systems.

ANAO’s ‘Top Four’ mandatory cyber mitigation strategies for government departments and agencies include application whitelisting, applying application and operating system patches, and effectively managing access provisions for privileged user accounts.

Of the three departments assessed by ANAO, only Treasury was compliant with the Top Four mitigation strategies and rated as “cyber resilient”.

While the National Archives were found to be non-compliant with the mitigation strategies, they nevertheless had sound ICT general controls, proving a level of cyber resilience without the essential internal resilience, the report stated. 

The harshest rebuke was left for Geoscience Australia, with the report finding it was “not compliant with the Top Four mitigation strategies and did not have sound ICT general controls”, leaving itself particularly vulnerable to cyber-attacks. 

“Until the National Archives and Geoscience Australia achieve compliance with the mandatory strategies, it is inappropriate to consider that a positive cyber resilience culture is in place,” the audit said.

Each of the surveyed departments has agreed to recommendations made by ANAO to improve respective department cyber resilience. 

 

Related Stories

Dept of Education appoints new tech chief
Girvan previously served as Acting Program Manager for Technology and Security at the Australian... Read More
WA Gov delivers much-needed funding boost for digital transformation
The much welcome funding boost will give the ODG enough fuel to support its operations beyond the... Read More
Govt sets sights on a blockchain-ready future
The Government has offered a modest $100,000 to support the national blockchain strategy which it... Read More
An Interview with Audrey Tang, Digital Minister, Taiwan Government
One of the more recent players in the Taiwan Government's spectacular emergence as an eGov leader... Read More

Comments