iTnews

Victoria unveils new cyber incident management plan

By Matt Johnston on Aug 2, 2019 12:16PM
Victoria unveils new cyber incident management plan

Details public sector response to incidents.

The Victorian Department of Premier and Cabinet has released a new cyber incident management plan (CIMP) to coordinate the public service’s response to the 1900 cyber attacks it faces each day.

Chief information security officer, John O’Driscoll, said these attacks come from a mix of state actors, cyber criminals, political ‘hacktivists’, and “online vandals” at a rate of about one attempted attack every 45 seconds.

The new CIMP, as part of the state’s broader cyber incident management framework, supports government agencies’ existing response plans and connects them with Victoria’s inter-jurisdictional emergency management arrangements, O'Driscoll said.

The plan defines four categories of cyber event based on severity:

  • Cyber Event – suspected or unsuccessful attempt to compromise with no business impact
  • Cyber Incident – compromise with minor impact
  • Significant Cyber Incident – compromise with limited or major impact
  • Cyber Emergency – serious or exceptional compromise with community consequences.

It also outlines organisations’ obligations in response to an incident and defines protocols for intelligence and information sharing.

However, the department said the CIMP does not replace an organisation’s existing infosec plans, policies or procedures.

“Rather, you should update existing documents to align with the CIMP,” the department said.

It applies to all of the state’s public sector bodies, however, local governments are exempt (although strongly encouraged to apply the plan anyway).

Under the plan, organisations are required to prepare for a cyber attack by:

  • Creating their own cyber incident response plans
  • Establishing a cyber incident management team
  • Practicing responses to cyber incidents with the incident management team.

Whole-of-government responses to cyber incidents will be managed by the by the Cyber Incident Response Service (CIRS) with the Department of Premier and Cabinet, which is also available to help out other organisations manage their own cyber incidents.

The department said 90 percent of government organisations experienced a cyber incident between 2017 and 2018, most of which centred around phishing attempts and malware.

Three quarters of the Victorian public service also reported some level of system or service disruption from cyber incidents during the same period.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
cimp ciso governmentit security state government strategy victoria

Partner Content

COVID-19 has increased the price of used IT gear
Partner Content COVID-19 has increased the price of used IT gear
What is Chaos Engineering? The art of breaking things purposefully
Partner Content What is Chaos Engineering? The art of breaking things purposefully
Four reasons to upgrade your business to fibre internet
Partner Content Four reasons to upgrade your business to fibre internet
The push to move Teams users to cloud telephony
Sponsored Content The push to move Teams users to cloud telephony

Sponsored Whitepapers

Forrester's Asia Pacific Predictions 2021 Guide
Forrester's Asia Pacific Predictions 2021 Guide
Adopting a Next-Generation Data Security Approach
Adopting a Next-Generation Data Security Approach
How to be a SOAR winner
How to be a SOAR winner
3 steps to a well-rounded cybersecurity plan
3 steps to a well-rounded cybersecurity plan
Learn IT Service Management (ITSM) best practises
Learn IT Service Management (ITSM) best practises

Events

  • [Watch] Fulfilling the Promise of SD-WAN
  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
  • Live Event: A Paperless Business
  • Corporate Risk and Fraud Detection - How to protect payments from fraud, featuring fireside chat with Bank of New Zealand
  • Ceridian INSIGHTS - Experience the future of HR - Virtual Event
By Matt Johnston
Aug 2 2019
12:16PM
0 Comments

Related Articles

  • Victoria Health creates CISO role
  • Ministers push to keep digital ID systems uniform
  • Victorian Electoral Commission overhauls cyber for future capability
  • Three states complete national face matching database upload
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

NBN Co reveals first locations with an FTTN upgrade path to full fibre

NBN Co reveals first locations with an FTTN upgrade path to full fibre
Toll Group still mopping up after ransomware attacks

Toll Group still mopping up after ransomware attacks
SpaceX pegs initial Starlink internet price at US$99 per month

SpaceX pegs initial Starlink internet price at US$99 per month
NBN Co sets a low bar to qualify for a full-fibre upgrade

NBN Co sets a low bar to qualify for a full-fibre upgrade
You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.