Budget 2017: Government creates new Cyber Security Office
The government will spend $10.7 million over four years to create a Cyber Security Advisory Office (CSAO).
The CSAO will sit within the Digital Transformation Agency and “provide strengthened central governance and assurance for cyber security and broader project vulnerability across government,” budget documents state.
The CSAO “will work with agencies to ensure they are appropriately managing the risks of cyber and other digital vulnerabilities on digital services.”
The government said that the creation of the new office is based on the review conducted by the Prime Minister’s Special Advisor on Cyber Security, Alastair MacGibbon, of the events surrounding the 2016 Census.
The Census website was pulled offline after a series of distributed denial of service attacks (DDoS). The security preparations of the Australian Bureau of Statistics and its lead contractor for the eCensus, IBM, were subject to a significant amount of criticism in the wake of the debacle.
MacGibbon’s report recommended that the DTA work in partnership with the Australian Signals Directorate and the Department of Finance to develop a proposal for a cyber security shared services “digital security consulting organisation”.
“This would ensure security is integral to all new online service delivery proposals and facilitate partnering between agencies to draw on cyber security expertise in larger agencies with more mature capabilities,” the report stated.
“There is no single, comprehensive source of truth to which agencies can turn to understand whole-of-government standards to which they or their vendors must or should comply, including procurement rules, technology requirements, and cyber- and data-security,” the report argued.
“For this reason, a central point of advice and governance should be established to assist agencies with the early stages of their digital initiatives.”