8 June 2012

95% of ACT Government IT systems without the required System Security Plan

| johnboy
Join the conversation
9
matrix

The Auditor-General’s report on Whole-of-Government Information and Communication Technology Security Management and Services paints a generally rosy picture of the ACT Government’s IT security.

But It worries us that attacks defended headlines the conclusions:

The protection of the ACT Government network is robust. Shared Services ICT Security Section’s security regime has successfully defended against over one million attempts to access the ACT Government’s network in the nine month period to 31 March 2012

The router on your home network from Dick Smith probably defended a similar number of “attempts” in the last year.

The problem with IT security is it’s not the attacks you can see that you need to worry about. Indeed in military info-war exercises easily defeated and clumsy intrusion attempts are frequently used as a distraction from the real attack. (this is itself a failing of the tight windows of exercises a real world attack might well prefer complete stealth at an unexpected hour)

More worrying is this bit at the end of the conclusions.

Despite it being a requirement, only 5% of the ACT Government’s 1025 information management systems have a system security plan; and even fewer, some 2.24% have a threat and risk assessment. The reasons for this were not able to be ascertained. This is an issue that needs to be addressed.

Hand held devices, known as ‘portable platforms’ that can access the ACT

Government networks and the internet are proliferating. New or amended policies to govern the use of new technologies are required as a matter of priority.

The ACT Government does not have an electronic records management system. The need for such a system is likely to increase.

[Photo by Patrick Hoesly CC BY 2.0]

Join the conversation

9
All Comments
  • All Comments
  • Website Comments
LatestOldest
steveu4:00 pm 09 Jun 12

Duffbowl said :

$15k/system for a TRA? You’re getting ripped off.

Im sure they are.

Reply
Duffbowl12:14 pm 09 Jun 12

steveu said :

Cue an expensive consultancy to knock up cookie cutter TRA (Threat and Risk Assessment) papers (apx $15K per system) and policy documents for these systems.

$15k/system for a TRA? You’re getting ripped off.

Reply
Deref11:58 am 09 Jun 12

The people who work in IT Security in ACT gubmint are very smart and very competent.

Unfortunately they don’t make the decisions.

Reply
switch9:54 am 09 Jun 12

steveu said :

You could assume from this that they have spent their money on the technical systems themselves, instead of having some public servant draft up pieces of paper that people ignore…

Most of the technically able people I work with who need to get things done NOW have long since given up on the 6+ week process it seems to take for approval of the simplest things and use their own private solutions.

Reply
steveu8:23 am 09 Jun 12

You could assume from this that they have spent their money on the technical systems themselves, instead of having some public servant draft up pieces of paper that people ignore could be a good thing. Surprising given the number of Chiefs/Project managers doing their micro political dances around the few little Indians (techos) at IntACT.

Cue an expensive consultancy to knock up cookie cutter TRA (Threat and Risk Assessment) papers (apx $15K per system) and policy documents for these systems.

Reply
POK6:57 pm 08 Jun 12

The mobile devices thing is probably execs wanting to bring their flashy toys to work. The need to keep within DSD approved guidelines doesn’t apply above a certain level. Just a pity that when the s*** hits the fan its never the guy who wanted to use his iTem that cops it.

Reply
JimCharles12:57 pm 08 Jun 12

How do “portable platforms” access the ACT network?
Are they saying that they have no security policy or standards for mobile device usage within the service itself, or for the general public to access ACT Govt. information? Or both.

Reply
johnboy11:38 am 08 Jun 12

Bluey said :

False. They have one its just not
a) centralised
b) universally used
c) given any thought and/or care.

But they do certainly have licenses for a certain records management system, ive installed it for them all over the place.

well, that would be the all important singular “an”!

Reply
Bluey11:28 am 08 Jun 12

The ACT Government does not have an electronic records management system.

False. They have one its just not
a) centralised
b) universally used
c) given any thought and/or care.

But they do certainly have licenses for a certain records management system, ive installed it for them all over the place.

Reply

What's Trending

Community1

Calling all heavy lifters: the Bookfair needs you

Linny Hawkins3 hours ago

oh dear and here I thought we could pack all of our things and be ready for the move... gunna have… View

Join the conversation
Opinion21

Dental should be covered by Medicare, and that's the tooth

Jorge Alex6 hours ago

Lynn Stape everything in moderation View

Lynn Stape6 hours ago

Jorge Alex actually over brushing and over flossing causes it's own problems re dental... just… View

Lynn Stape6 hours ago

👍 agreed... as an oldie I would like to see younger generations not have to struggle with this… View

Join the conversation
Lifestyle2

It's seven years since Norman Sanders' ashes set sail from the South Coast. Where is he now?

billyates19557 hours ago

Happy Trip, Captain Norman. View

John Holmes1 day ago

Great story. RIP Norman View

Join the conversation
Sport3

Wanniassa High hockey hopeful sets sights on the Brisbane Olympics

Scott Lowe3 hours ago

Such a talent for hockey act View

Amy Fletcher Trotman3 hours ago

Brilliant!! ❤️🙌🏻 View

Rebecca Hohnberg3 hours ago

So talented, you’re gonna smash it baby! View

Join the conversation
News

New documentary: SAS soldiers on why they feel betrayed after risking their lives for their country

By Oliver Jacques
42
Courts & Crime

Prominent Canberra doctor refused bail over alleged abuse of four women

By Albert McKnight
News

Last chance to see the brightest comet of the year for at least 100,000 years

By James Coleman
4
Food & Wine

This bakery wants you to try its croissants for free, every day of the year

By Hannah Sparks
Start the conversation
News

Get ready: Start date revealed for Light Rail Stage 2A construction

By Ian Bushnell
32
News

Canberra's little dragons are making a big comeback

By James Coleman
4

Featured Properties

Zango Logo

Today's Poll

How has your experience with MyWay+ been?

View Results

Loading ... Loading ...
Explore 'Probing the Polls'

Featured Businesses

Mortgage Brokers

Clarity Home Loans

A passionate team of Canberrans helping other Canberrans secure their home loans. No frills, no commissions, no brainer.

Find out more

Electricians

True Connection Electrical

Since 2014, True Connection Electrical have been servicing residential and small commercial clients with reliable, trustworthy and top-quality electrical work.

Find out more

Lawyers

BDN Lawyers

BDN has provided legal services to to Canberra, Queanbeyan and the region for over 160 years.

Find out more

Community Club

Canberra Southern Cross Club

We're proud to give you a place where friends and family can come together for good food and great entertainment.

Find out more

Lawyers

MV Law

Through a spirit of entrepreneurialism, collaboration, and future-forward thinking, MV Law have earned an industry-leading reputation.

Find out more

Insurance Brokers

allinsure

Allinsure has been a trusted insurance advisory to thousands of Australian business owners for almost 20 years.

Find out more

Lawyers

Kamy Saeedi Law

When you need a criminal or commercial lawyer, you don’t want to take any chances. You want someone in your corner that you can trust like your life depends on it - because it does.

Find out more

Professional Services

RSM

We share skills, insight and resources, as well as a client-centric approach that's based on a deep understanding of your business.

Find out more
View the best of Canberra

What's On

Round 14 WNBL: UC Capitals v Sydney Flames
View all upcoming events

Related Stories

ACT Government cyber security breach suspected to originate in China

ACT Government cyber security breach suspected to originate in China

18 June 2023 | By Lizzie Waymouth
1
Personal details and ACT government information potentially accessed in cyber security breach

Personal details and ACT government information potentially accessed in cyber security breach

8 June 2023 | By Claire Fenwicke
1
New cyber NGO targets capability building, security awareness

New cyber NGO targets capability building, security awareness

10 October 2024 | By Chris Johnson
Start the conversation
ACT confirms 'no definitive evidence' information was removed or misused in cyber security breach

ACT confirms 'no definitive evidence' information was removed or misused in cyber security breach

29 June 2023 | By Lizzie Waymouth
1
ACT Government's 30 per cent tree canopy goal in trouble, audit finds

ACT Government's 30 per cent tree canopy goal in trouble, audit finds

23 February 2024 | By Ian Bushnell
35
Security efforts now extend far beyond agencies directly involved in national intelligence, says PMC boss

Security efforts now extend far beyond agencies directly involved in national intelligence, says PMC boss

16 April 2024 | By Chris Johnson
Start the conversation

Daily Digest

Want the best Canberra news delivered daily? Every day we package the most popular Riotact stories and send them straight to your inbox. Sign-up now for trusted local news that will never be behind a paywall.

By submitting your email address you are agreeing to Region Group's terms and conditions and privacy policy.