iTnews

Political parties to get cyber subsidy for electoral databases

By Justin Hendry on Jul 10, 2018 6:50AM
Political parties to get cyber subsidy for electoral databases

Govt wants ASD top 4 in place.

Australia’s four major political parties have been granted $300,000 to shore-up their systems following Russia's alleged cyber interference in the 2016 US election.

The funding will be made available to the parties in the form of voter information protection grants that will be administered by the Department of Finance over the second half of 2018.

The Liberal, Nationals, Labor and Greens parties will use the grants to “improve security of their constituent management systems and associated data, including information pertaining to the electoral rolls and voter information”.

The funding follows a series of briefings on the security threat to Australia’s elections between Australian Signals Directorate (ASD) and party leaders in early 2017.

The briefings were called for by Prime Minister Malcolm Turnbull in the wake of widespread accusations of Russia meddling in the US national vote.

"You can have flaws in the hardware that provide vulnerabilities, flaws in the software, and as I often say is the biggest vulnerability is the warmware, the humans making mistake, or taking information as Edward Snowden did," Turnbull said at the time.

He also pointed to the ASD’s “very good” cyber principles as a means to “practise good cyber hygiene”.

The government has since been considering whether to give the political parties additional resource to defend against cyber intrusion on a needs basis, according the Australian Financial Review.

Each party will receive up to $75,000 to help work towards implementing either ASD’s top 4 or essential eight cyber mitigation strategies “to at least maturity level 3”.

However there is an expectation that “the top 4 should only be implemented if implementation of the essential eight is not feasible”.

The essential eight are now considered the baseline for cyber security by the ASD, but there is acknowledgement that this can be difficult “depend[ing] on the scale of IT infrastructure and security challenges faced”.

Funding is expected to be spent on security assessments or technical investigations into the cyber security posture of systems or health checks against the top four or essential eight, rather than third party commercial software solutions.

Political parties, unlike government agencies, currently aren't required to implement the top four. They’re also not covered by the Privacy Act.

This is despite systems like the Liberal party's Feedback database - or newer i360 campaign monitoring tool - and Labor's Campaign Central software increasingly being used to target voters and reduce the legwork for campaign volunteers.

These systems hold basic personal data from electoral roles like names, addresses, and phone numbers, as well as other information sourced by the party such as data scraped from social media.

The Australian Electoral Commission is also in the process of examining its core electoral systems to identify any vulnerabilities ahead of the next federal election.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
aec asd election security strategy

Partner Content

Setting a path to self-funded mainframe-to-cloud modernisation with Micro Focus
Promoted Content Setting a path to self-funded mainframe-to-cloud modernisation with Micro Focus
Why companies fail at picking cloud modernisation partners
Promoted Content Why companies fail at picking cloud modernisation partners
Tackling cybersecurity in 2021
Partner Content Tackling cybersecurity in 2021
Shut the door on ransomware
Promoted Content Shut the door on ransomware

Sponsored Whitepapers

Move beyond passwords
Move beyond passwords
The top 5 tech trends to deliver business outcomes
The top 5 tech trends to deliver business outcomes
10 reasons why businesses need to invest in cloud security training
10 reasons why businesses need to invest in cloud security training
Your guide to application security solutions
Your guide to application security solutions
State of Software Security: Open Source Edition
State of Software Security: Open Source Edition

Events

  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
  • [iTnews and Micro Focus] Navigating the cloud modernisation minefield
By Justin Hendry
Jul 10 2018
6:50AM
0 Comments

Related Articles

  • AEC preps election IT systems overhaul for market
  • Govt bankrolls election systems rebuild
  • Govt has never considered a bug bounty program, says ASD
  • Electoral systems evade cyber-attack during federal poll
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

TPG Telecom to start enticing NBN customers to move

TPG Telecom to start enticing NBN customers to move

Infosys scores another $40m for Centrelink payments engine build

Infosys scores another $40m for Centrelink payments engine build

Telstra InfraCo opens up telco's own fibre network

Telstra InfraCo opens up telco's own fibre network

Transport for NSW data stolen in Accellion breach

Transport for NSW data stolen in Accellion breach

You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.