My office has been reporting on the issue of cybersecurity for over a decade. Now, hardly a day goes by when the issue is not reported in the media. Australia’s preeminent cybersecurity organisation, the Australian Signals Directorate, cannot be clearer about this threat – attacks are becoming more frequent, more sophisticated and more dangerous.
This report assessed how well 6 state agencies are handling the threat from one type of cybersecurity threat – malware. Malware is a blanket term used to describe all kinds of harmful or undesirable computer programs. Computer viruses, worms, and Trojans are all types of malware. Malware is used to steal files and sensitive information, disrupt operations, and destroy data.
The audit found that all the agencies were under constant threat. In the report we comment on the types of incidents we saw and the agency controls that were used to defend against the attacks. Unfortunately, the controls were not always effective in preventing or detecting infection.
The audit highlighted the need for improved central governance arrangements to identify, warn of and prevent attacks. In my view, this would help address existing vulnerabilities.