Govt to tell agency chiefs to fix cyber security

The Turnbull government has promised to press agency chiefs to shore up their IT security after a report found government departments were the "weak link" in the country's national defences.

Research commissioned by Macquarie Telecom and undertaken by the National Security College found management and boards of government agencies and mid-size businesses were falling "dangerously short" in cyber security management and awareness.

The NSC surveyed 22 government agencies and 36 medium-sized businesses, finding "widespread weaknesses" in security practices and understanding.

It found almost half of the boards it surveyed "rarely or never" discussed cyber security, and 30 percent "never" received reports on cyber security threats to their business. Only 21 percent said they would report a data breach, even if they were legally required to.

Similarly, 41 percent of surveyed government agency leadership teams considered their awareness and understanding of cyber security "inadequate", the report found.

Agency heads rarely reviewed cyber security risks, and none of those surveyed reported doing so monthly, according to the research.

In launching the report, cyber minister Dan Tehan said the government would contact department heads to urge them to improve their security awareness and management.

"What I'll be doing is writing to all cabinet ministers asking them to point out to their departmental and agency heads the need for them to take cyber security very seriously," he told the ABC.

"[I will stress] the need for them to make sure that there is reporting occuring at senior levels of the executive and that there is someone responsibile at senior levels of the executive for cyber security."

The report found while 84 percent of surveyed agencies had a role dedicated to cyber security, only 64 percent of those positions sat on the executive team or board.