Cybersecurity improvements recommended

THE Joint Committee of Public Accounts and Audit report has found that much work remains for cybersecurity compliance and cyber resilience to be achieved across the Commonwealth.

The inquiry focused on the Auditor-General’s cybersecurity follow-up audit.

The Committee was most concerned to find that the Australian Taxation Office and Department of Immigration and Border Protection were still not compliant with the Government’s mandatory mitigation strategies, despite the Government setting a target date to achieve compliance by 30 June 2014.

The report makes 10 recommendations aimed at strengthening the cybersecurity posture of Government entities, including making it mandatory for all Commonwealth entities to:

• comply with the Essential Eight cybersecurity strategies;
• join the Internet Gateway Reduction Program; and
• participate in the Australian Signals Directorate’s annual cybersecurity survey.

The Committee also recommended that both the Attorney-General’s Department and Australian Signals Directorate report annually to the Parliament on the Commonwealth’s cybersecurity posture.

Committee Chair Senator Dean Smith said cybersecurity should be a top priority for all Government entities.

“Achieving compliance with the mandatory cyber mitigation strategies is one way entities improve their cyber resilience and mitigate cyber-incidents, alongside good governance and a strong culture of prioritising cybersecurity within the context of entity-wide strategic objectives.”

Interested members of the public may wish to track the committee via the website. 

ends