SA govt targets rising cyber incidents in new strategy

The South Australian government has given itself 12 months to reduce the number of IT security incidents suffered by agencies as part of its new cyber security strategic plan.

The Department of the Premier and Cabinet quietly released the three-year strategy on Thursday, with the intention of strengthening the state's cyber security posture. 

SA's first-ever chief information security officer David Goodman has been working since last April to create a whole-of-government approach to cyber security, and provide clear lines of accountability.

The strategy outlines an ambitious work program - the vast majority of which is planned for the next 12 months - to tackle a rising number of cyber security incidents reported across government, which climbed from 319 in 2014 to 1098 in 2017.

It hopes to reduce the "number and impact of security incidents related to online and digital delivery of services by 2019", and have "full mandatory integration of security considerations" by 2020.

"Given the South Australian government’s critical role in service delivery, it is imperative that state infrastructure, digital assets and citizen information are adequately safeguarded against the ever-increasing incidence of cybercrime and espionage," the plan states.

The government has already established a whole-of-government cyber security governance sub-committee, and plans to immediately undertake an independent government-wide cyber security assessment to develop baseline metrics for cyber security.

It is also eyeing a review of current cyber security polices as well as its top 10 cyber resilience and preparedness objectives by June.

“With most agencies connected to a single network, an incident in one agency has the potential to rapidly affect all agencies, putting citizens services at risk,” the plan states.

“Fortifying internal policies and practices will help address this vulnerability.” 

The government will establish a cyber security operations centre by June 2019, while continuing to develop its ‘watch desk’ facility, which provides “timely and accurate cyber threat and intelligence information”.

It will create a ‘marketplace’ or ‘kiosk’ to achieve savings in the procurement of essential cyber security tools/services, and develop an external/internal vulnerability scanning and assessment capability by 2020.

A government-wide approach for the management of contractual cyber security risks will similarly be developed, while cyber risks are integrated within wide enterprise risk management processes.

The strategy also aims to boost cyber security skills within the public sector to ensure it can properly respond to significant cyber security incidents.

Programs such as a cyber security professional career path for government will also be established in partnership with academia and industry.

Regular cyber crisis planning, preparedness and response exercises will also be undertaken by government.