• Skip to primary navigation
  • Skip to main content
  • Skip to footer
Logo of Agilient Security Consultants, Australia

Agilient Security Consultants Australia

Cybersecurity & Risk Management Specialists

Menu
  • Home
  • Industries
      • Aviation
      • Defence & Defence Industry
      • Government
      • Health & Hospitals
      • Corrections and Detention
      • Maritime
      • Aged Care Facilities
      • Mining, Oil & Gas
      • Public Venues & Events
      • Rail
      • Research and Education Industry
      • Telecommunications
      • Utilities
    • advice-colleagues-communication-newIndustries
  • Services
      • Cybersecurity
      • Protective Security
      • Business Resilience
      • Building Security Consultants
      • Security Audits
      • Pandemic Planning
      • Electronic Security
      • IT Disaster Recovery Plan
      • Security Consultants
      • CCTV and Security Cameras
      • Duress Alarms
      • Security Risk Assessment Consultants
      • Managed Security Service Provider
      • Protection against Vehicles as a Weapon
    • training-1Services
  • Solutions
    • banner-menuUnisys Solutions
    • CTO-Blog-110619-Header-GraphicLookingGlass Solutions
    • menu-bg-2Dell Technologies (RSA) Solutions
    • Sightline-Visualization-menuSightline Solutions
  • Resources
    • menumanagers-dealing-customer-agreTraining
    • working-together-newJoin The Tribe
    • Webinars_3-1.jpgUpcoming and Past Events
    • hacking-detected-shutterstock_newResources
  • Articles
  • About
    • About Us
      We are an Australian owned and operated security company specialising in risk, cybersecurity, protective security, crisis and business continuity management services.
    • frequently-asked-questions-smallFAQ’s
    • bg-menu-government-institutionsConsultant Registration
  • Contact Us
Contact Us

Concern For Cybersecurity Across Government Agencies

You are here: Home / General / Concern For Cybersecurity Across Government Agencies

“The baseline adoption of the Essential Eight across the Australian Government still requires further improvement to meet the rapidly-evolving cyber security threat environment”.

The Commonwealth Cyber Security Posture in 2019 – Report to Parliament, March 2020

itNews recently reported that the Australian Signals Directorate’s (ASD) first cybersecurity posture report to Parliament this year highlights that more than 70% of government agencies are struggling to fully implement mandatory security controls.

The Federal Government has a list of eight essential strategies for baseline cyber security, of which the ASD’s top four mandatory mitigation strategies for Non-Corporate Commonwealth Entities (NCCEs) have been in place for the past seven years. The aim of these strategies is to avoid the majority of cyber threats.

The ASD report reveals that 73% of NCCE’s reported either “ad hoc” (13%) or “developing” (60%) levels of maturity in their 2018-19 protective security policy framework (PSPF) reporting. “Ad hoc” is the lowest score and indicates “partial or basic implementation and management” of the top four strategies. While a “developing” rating is better than “ad hoc”, it is still below the baseline maturity level for the relevant entities. Only 2% of NCCEs considered themselves “embedded” and “excelling at implementation of better practice guidance”.

The final PSPF report before the scheme changed in 2019 revealed that almost 40% of agencies had not fully-implemented the top four strategies. It also indicated that compliance with the top four had improved by only 3% between 2015-16 and 2017-18.

The report cites information from the Australian Cyber Security Centre’s cyber security survey, which shows that 50% of agencies had “progressed from partly to mostly aligned with the essential eight strategy on user application hardening” between 2018 and 2019.

More than 30% of agencies have also progressed from “partly” to “mostly aligned” with strategies around multi-factor authentication and configuring Microsoft Office macros. However, the ASD said that further improvement is required to mitigate risks from the rapidly evolving cyber threat environment. This includes 25 agencies that were assessed in the ASD’s uplift program in the wake of the state-sponsored cyber-attack against Parliament House.

The ASD concludes that “levels of cyber security maturity vary across the Australian Government. While the cyber security posture of Commonwealth entities continues to improve, entities remain vulnerable to cyber threats. Additional work is required for Commonwealth entities to reach a mature and resilient cyber security posture that meets the evolving threat environment”.

Agilient is one of Australia’s leading security consultancies, with extensive experience in assisting government agencies address complex, high-priority cyber challenges. Our IT security experts are readily available to assist you in implementing the Essential Eight mandatory cyber-risk mitigation strategies. Contact us today to discuss your organisation’s security requirements.

Author: Phillipa Lee

Tweet
Share

General ASD,  Australian government,  Australian Parliament,  Australian Signals Directorate,  cyber resilience,  cyber threat,  cybersecurity,  government,  PSPF

Looking for a security partner? Get in touch with Agilient.

Looking for practical and cost-effective security and risk solutions for your government department, agency or company? Speak with Australia’s leading senior security, risk and resilience experts.


Looking for a pandemic planning partner? Get in touch with Agilient.

Looking for practical and cost-effective risk management solutions for your government department, agency or company? Speak with Australia’s leading senior risk and emergency management experts.



Footer

Agilient is a proud member of

Ai Group Defence Council
Australian Industry & Defence Network
Australian Security Industry Association
Sydney Aerospace & Defence Interest Group

Company and Licensing Details:

ABN: 37 157 911 441
NSW Security Master Licence # 410783087
ACT Security Master Licence # 17502184
Vic Security Registration # 878-460-40S
Qld Security Firm Licence # 3834422

Join The Tribe

Sign up to receive our regular Agilient newsletter including the latest security, risk and resilience updates

Sign up now

Copyright © 2022 Agilient – Level 14, 275 Alfred St, North Sydney NSW 2060 Australia – 1300 341 692