McGowan Government to address cyber security neglect

Wednesday, 28 June 2017

• ​Revised Digital Security Policy for WA public sector launched
• New policy falls in line with international ICT security standards
• For eight years, the previous government failed to address weaknesses in IT systems

The McGowan Labor Government has launched a revised whole-of-government Digital Security Policy for the Western Australian public sector.

Premier Mark McGowan this week wrote to all Ministers to request they speak with their departments and discuss implementation of this updated policy as an issue of high priority.

The updated policy, developed by the Office of the Government Chief Information Officer, is supported by guidance and tools that will help public sector agencies protect themselves against cyber threats.

It requires agencies to continuously improve their security practices and aligns with an internationally established standard for creating Information Security Management Systems (ISO 27001).

The updated policy follows eight annual Auditor General reports which found weaknesses in government agencies' ICT practices. For more information, visit https://audit.wa.gov.au

Comments attributed to Innovation and ICT Minister Dave Kelly:

"The McGowan Labor Government understands the rising threat cyber security attacks pose to the public sector and community, and are working with government agencies to address them.

"For eight years, the previous Liberal National Government failed to address damming Auditor General reports which demonstrated many government agencies had insufficient security governance and procedures.

"In May 2017, the 'WannaCry' malware outbreak affected an estimated 200,000 computers across 150 countries worldwide.  As we release this policy today, there has been another major cyber security attack from the 'Petya' ransomware, affecting businesses and governments around the world.

"So far this morning there have been no known successful attacks on the WA Government, but it is still early.

"WA avoided a serious breach last time, and the security updates put in place by government agencies should also protect against this new 'Petya' ransomware.

"These ongoing attacks demonstrate the seriousness of the situation and the importance of ensuring WA Government agencies are on the front foot in preventing successful attacks.

"We are committed to building a capable public sector that manages risk and delivers benefits."