The head of the Australian Cyber Security Centre says the ASD is bringing the full weight of its technical prowess and expertise to support and strengthen the government’s IT program.
Shortcomings in government cyber security and recent disruption in the office of the National Cyber Security Coordinator were highlighted on Tuesday as the government announced it had used its cyber sanction powers for the first time against a man linked to last year’s Medibank Private attack.
Cyber security minister Clare O’Neil admitted Commonwealth cyber security isn’t where it needs to be.
“The Australian Government is a very large organisation,” she told a media confernence.
“Our security is not where it needs to be, and this is going to be a big focus of our efforts this year.”
She described the Medibank attack, in which almost 10 million records were stolen, as “the single most devastating cyber attack that we have experienced as a nation”, and said protecting government networks from a similar breach is a priority.
Abigail Bradshaw, Deputy Director-General of the Australian Signals Directorate and Head of the ACSC, said the ASD will leverage extra resources made available via REDSPICE funding to step up government security.
“That means more technical capability for visibility of sensitive government networks”, Ms Bradshaw told a media conference.
“It means more teams working with government officials to uplift their networks and to implement the sort of expertise that needs to reside in every government department to make those networks secure.”
Ms O’Neil said uplifting Commonwealth cyber security will be ‘a big focus of our efforts this year’, with the APS and government to face similar requirements to business to prevent a future Medibank style breach.
We impose plenty of cyber requirements on major Australian organisations, but no one holds more sensitive data about our citizens than the Australian government.Clare O’Neil
“We impose plenty of cyber requirements on major Australian organisations, but no one holds more sensitive data about our citizens than the Australian government,” she told a media conference.
“So this is a core prong of the nation’s new Cyber Security Strategy, and for the first time the Australian Government will start to impose on government departments and (agencies) the same requirements that we put on business.”
Cyber security coordinator’s work ‘not delayed’
The new Cyber Security Coordinator will play a key role in this, Ms Bradshaw said.
She denied the work of the office had been been disrupted by recent changes.
Department of Home Affairs Deputy Secretary of Cyber and Infrastructure Security Hamish Hansford is currently acting in the position after the inaugural Cyber Security Coordinator, Air Marshal Darren Goldie was recalled to Defence last November less than five months after being appointed, to deal with a workplace matter.
“The Cyber Coordinator has a dedicated team that sits beneath that position within the Department of Home Affairs, the position is well‑resourced for the job that’s available,” Ms Bradshaw said.
Comment below to have your say on this story.
If you have a news story or tip-off, get in touch at email@example.com.
Sign up to the Government News newsletter