Home / Cybersecurity / Geoscience Australia pledges to improve cyber security – Computerworld Australia

Geoscience Australia pledges to improve cyber security – Computerworld Australia

Geoscience Australia says it has developed a new strategy to implement key cyber security mitigation strategies.

The organisation said its ‘Security Improvement Program’ (SIP) is internally funded and scheduled for completion in June 2020. That program includes application whitelisting, a focus on application and OS patching, and restricting administrative privileges on its systems — which together comprise the ‘Top 4’ mandatory security measures developed by the Australian Signals Directorate (ASD).

In addition Geoscience Australia had said it will take a “risk based approach” and employ an ASD-developed maturity model when it comes to implementing the other measures that together with the Top 4 comprise the so-called ‘Essential Eight’ (locking down Microsoft Office macro settings, user application hardening, implementing multi-factor authentication, and daily backups of critical information).
The efforts to strengthen the agency’s security posture followed an audit released in mid-2018 that concluded Geoscience Australia was “vulnerable to cyber attacks” and had failed to implement any of the ASD’s Top 4.

The Top 4 have, in theory, been mandatory for Commonwealth entities since April 2013. According to the ASD, the strategies are capable of preventing 85 per cent of the security incidents it responds to.

The Geoscience Australia SIP also covers vulnerability management, governance and architecture, people and culture, and technical controls.


Source link

About admin

Check Also

Cybersecurity Company Can Offer Discounted Services to Campaigns, FEC Rules – Security Today

Cybersecurity Company Can Offer Discounted Services to Campaigns, FEC Rules A California-based company has been …

Leave a Reply