Resources, Advisories and Tools

    A Handy Guide to get you started

    Cyber security, and the development of a simple Information Security Management System (ISMS) or framework, should be business-as-usual. Use this handy guide to make a start and then check out the other resources on this web site. Address the high-risk information assets first. Talk to ServiceNet; they may be able to help.


    Approved Government Suppliers

    Please refer to Contracts WA for the list of suppliers approved to provide Information Security Management Services to the WA Government under CS 14998. The site includes the buyers' guide, pricing and the Health Check/Self Assessment. Contracts WA – Information Security Management Services.

    Australian Cyber Security Centre (ACSC) - Australian Signals Directorate (formerly Defence Signals Directorate)

    On 27 November 2014 the new Australian Cyber Security Centre (ACSC) was formally opened, creating a hub for greater collaboration and information sharing so that Australian networks are amongst the hardest in the world to compromise. The Australian Signals Directorate (ASD), part of the Australian Government Department of Defence, holds the Commonwealth cyber security mandate and is focused on assisting agencies to ensure the security and resilience of their information and ICT systems.

    The ACSC brings together existing cyber security capabilities across the Australian Government into a single location: https://www.acsc.gov.au/. Australian government agencies can also contact the Australian Signals Directorate (ASD) directly. ASD is the Commonwealth authority on the security of information and can provide advice and assistance to federal and state authorities on matters relating to the confidentiality, integrity and security of information. For more information visit http://www.asd.gov.au/ or contact ASD at http://www.asd.gov.au/contact.htm.

    The OnSecure website, run by ASD (formerly the Defence Signals Directorate, DSD), is a members-only site for Australian Government, State Government and Local Government personnel. It is an authoritative and valuable source of security resources, cyber security advisories, publications and an online incident reporting system. Cyber security advisories posted on the site come from the Department of Defence ACSC and CERT Australia. Publications include DSD’s PROTECT series as well as other useful technical guidelines. Agencies are strongly encouraged to apply for membership to avail themselves of these resources, which are available at no cost. Agencies wishing to apply for a membership account should go to OnSecure - security resource and incident reporting system.

    AusCERT

    AusCERT is a not-for-profit group based at the University of Queensland that helps organisations prevent, detect, respond to and mitigate cyber and internet-based attacks. It provides daily technical risk and vulnerability information that system administrators can use to evaluate the threat to their ICT environment and mitigate those risks.

    Government Procurement maintains membership of AusCERT on behalf of the Western Australian Government and provides a centralised service for the distribution of computer security alerts, bulletins and advisories to agencies. Agencies wanting to be included in the distribution of alerts and bulletins can contact the Cyber Security Team for more information.

    Risk Management and Business Continuity Guidelines

    RiskCover has produced guidelines to assist agencies in developing and implementing effective risk management and business continuity processes.

    These guidelines, and information about RiskCover’s risk management reporting tool (RiskBase), are available at https://www.icwa.wa.gov.au/riskcover/risk-management.

    Cyber Security Health Check

    The Cyber Security Health Check and Statement of Applicability Self Assessment tools are currently under review by the OGCIO. The following information may be used in the interim.

    Cyber security is a business-driven, risk-based activity, so decisions on how each risk has been addressed need to be recorded. That record is what gives the business adequate assurance that cyber security controls and protection mechanisms are in place, are being used and are effective. The risk assessment process and the documentation arising from it underpin the entire information security process, and their importance cannot be overstated.

    The Cyber Security Health Check and Statement of Applicability Self Assessment provide a summary of decisions concerning the treatment of risks identified within an agency. They are based on AS/NZS ISO/IEC 27001:2006, with additional controls relating to wireless networks and the Defence Signals Directorate's Top Four strategies to mitigate targeted cyber intrusions. Every control that is excluded must be justified; justifying exclusions provides a cross-check that no controls have been inadvertently omitted.

    This self-assessment is not intended to be completed on a one-off basis simply to determine alignment with the standard. It should be part of a continual improvement cycle in which agencies reconsider their protection measures and assure themselves that those measures are still relevant, being applied, effective, communicated and understood by all relevant parties, including suppliers to Government. Each cycle is an opportunity to remove measures that are no longer applicable or relevant, or to modify existing measures that protect information assets in light of contemporary or emerging threats.

    Cyber Security Health Check / Statement of Applicability Self Assessment

    Incident Response Plan and Forensic Plan

    Two technical guides, the Incident Response Plan and the Forensic Plan, prepared by Government Procurement to assist agencies in preparing for and responding to computer security incidents, are currently under review by the OGCIO.

    The Incident Response Plan is a technical guide to aid in preparing for, detecting and responding to computer security incidents. It documents the steps agencies may take to prepare for and manage computer security incidents effectively and efficiently should they occur.

    Agencies should use this plan to produce their own tailored Incident Response Plan, and include agency-specific information (such as contact lists, network diagrams etc).

    The Forensic Plan is a companion document to the Incident Response Plan, and is a technical guide to aid in the preservation of digital evidence following a computer security incident.

    These plans are not public documents and are available only to Western Australian Government agencies. Please contact Cyber Security for details and to request your copy of the plans.

    Wireless Network Security Position Papers – CEO and Technical

    These papers – Wireless Network Security Position Paper – CEOs and Wireless Network Security Position Paper – Technical were developed in response to the Auditor General's Second Public Sector Performance Report 2007, Report 3 – April 2007 which can be found at: https://audit.wa.gov.au/wp-content/uploads/2013/05/report2007_03.pdf
    Their purpose is to raise awareness of the security risks posed by wireless computer networks and to provide agencies with guidance for establishing secure wireless networks. These papers are currently under review by the Office of the GCIO.

    The CEO paper provides high-level guidance for establishing secure wireless networks. The Technical paper, aimed at agencies’ management and technical staff, provides more detailed guidance on the management, operational and technical issues, and recommendations, for the secure deployment of wireless local area networks. Both papers address security for Wireless Local Area Networks (WLANs) built on IEEE 802.11, the standard typically used to install WLANs in Western Australian Government agencies.

    Other wireless technologies are outside the scope of these papers, although for completeness some general information is provided on IrDA and Bluetooth. Recommendations for using external networks, such as public Internet access points (‘hot spots’), are also outside their scope.

    Inter-Agency Information Security Management Group

    The Inter-Agency Information Security Management Group (IAISMG) is a forum for agencies to pursue matters, and share information, relating to cyber security issues that have an impact at an agency and whole-of-government level. The group meets approximately every six weeks and currently has representatives from more than twenty agencies. It also runs an email list server used to share experiences and information and to let an individual agency find out what other agencies are doing about a particular matter. To find out more about the group and the ways in which an agency can participate, contact the Cyber Security Team.

    Incident Response

    Government Procurement can assist agencies in responding to cyber security incidents by providing an initial point of contact for the public sector and by assisting with incident reporting and with escalating the incident to other organisations where applicable, e.g. the Police or the Commonwealth Defence Signals Directorate (now the Australian Signals Directorate).

    General Advice and Further Information

    Government Procurement can assist agencies by providing an initial point of contact for advice on current and emerging issues in relation to cyber security.

    For all advice and support queries contact the Cyber Security Team.