WA govt CIO office given stronger cyber mandate

The WA government’s CIO office will pick up a stronger cyber security remit to address poor public sector infosec practices highlighted in a series of damning audits.

At a budget estimates hearing last week Department of Premier and Cabinet (DPC) director general Darren Foster said the office would be given a “specific [cyber security] mandate” as part of its upcoming realignment.

“The intention is that this office will morph into an entity that has a stronger cyber security focus,” he said.

“This picks up issues that were identified in the service priority review – the need to have greater attention to issues such as cyber security and data sharing.”

He said the purpose of the office has primarily revolved around the procurement of ICT since being created by the former Barnett government in 2015.

This month’s state budget revealed that the office would be transferred from the Department of Finance to DPC from July 1 this year.

At the time the government said this would provide “a stronger mandate for the government’s digital transformation and ensure that ICT performance, data sharing and cyber security are strengthened”.

Foster said placing focus on cyber security was in response to “regular reports over a number of years by the auditor general about the need to strengthen cyber security across the sector”.

The most recent audit report showed agencies continue to struggle with the same common information system weakness "year after year", including poor password management and unpatched systems.

The state’s first IT minister David Kelly told iTnews in August that cyber security would be one of the first issues the government would look to address.