• Ward Off ‘Cyber Insecurity’

    Cyber attacks on Government data and systems continue to be a risk to agencies.

    The Auditor General reported in June 2012 that ‘cyber security for government agencies has improved’, but that ‘agencies remained vulnerable’ to cyber threats.

    In 2012, the Department of Finance’s (Finance) ServiceNet received and processed 1,626 cyber security notifications, which included virus and malware alerts.

    To help agencies protect their data, Finance has an Information Security Management Services Common Use Arrangement (CUA) in place. The CUA is mandatory state-wide and offers agencies a Pick and Buy arrangement. As maximum prices are listed, agencies are encouraged to seek quotes to find the best supplier that meets their needs.

    Agencies' cyber security requirements must meet the ISO 2700 1/2/5 standards. To help determine whether your security framework is up to scratch, Finance has established a Cyber Security Healthcheck tool.

    For agencies that need help to meet the required standards, there is a list of nine
    pre-qualified suppliers who can assist across four categories of services:

    Consultancy and Advisory: To assist in developing suitable Information Security Management Systems or frameworks consistent with ISO 27001/2/5 standards.

    Auditing and Compliance: To assess the effectiveness of Information Security Management systems and to monitor compliance with ISO 27001/2/5 standards. 

    Training and Awareness: To raise awareness of cyber security, risk management, business continuity management, disaster recovery and personnel security.

    Testing Services: To assess and test for vulnerabilities and weaknesses.

    Use the Buyers Guide online to help assist you with the CUA and Healthcheck tool.

     

    Published date: 25 June 2013