The NSW government-wide cyber security office will grow from around 25 to 100 staff, allowing it to assist small agencies and councils with their IT security needs for the first time.
Customer Service Minister Victor Dominello announced the significant expansion of the state’s central cyber office, Cyber Security NSW, on Wednesday.
It follows the government’s $240 million investment in cyber security over the next three years to secure systems, deploy new technologies and increase the government’s cyber workforce.
Dominello said $60 million of this would be used to create an army of cyber experts in the office, building on the last significant funding for Cyber Security NSW provided in 2018.
iTnews understands around 75 new positions will be created through the funding injection.
“The $60 million is not only a four-fold increase in spending on cyber security but allows Cyber Security NSW to quadruple the size of its team in the battle against cyber crime,” Dominello said.
“Cyber Security NSW will train the next generation of cyber security experts and ensure there is a cross-government coordinated response, including advance threat intelligence sharing, cyber security training and capability development.”
“This will further ensure NSW has world-class cyber security infrastructure to protect the government services of the future.”
Cyber Security NSW is responsible for the government’s cyber security policy, lifting cyber hygiene across agencies and working with emergency management to ensure cyber readiness.
It also operates the government's new cyber security vulnerability management centre in Bathurst, which will provide increased awareness of vulnerabilities in internet-facing services and assets.
But the increase in staff will also allow Cyber Security NSW, which sits in the Department of Customer Service, to extend support to small agencies and councils, boosting the state’s cyber defences.
Acting chief cyber security officer and executive director Charlotte Wood said “it is important to increase capability across the whole of the state”.
“Councils provide us all with important online services and we must ensure the capability of councils is increasing at the same time as NSW government’s capability is increasing,” she said.
Earlier this month, the NSW parliament opened a cyber security inquiry following a series of cyber attacks that reportedly prompted Prime Minister Scott Morrison’s cyber security warning to the nation in June.
The inquiry will also consider the government's cyber security policy, which mandates that agencies implemented the Australian Signals Directorate's essential eight controls.
However, as the NSW auditor revealed last year, the majority of agencies reported low levels of compliance with the essential eight, leading the auditor to warn that cyber resilience needs “urgent attention”.
Cyber Security NSW is currently in the process of developing the state’s next cyber security strategy, which is slated for release in September.