Cybersecurity is the current buzzword across the Australian Public Service with heightened awareness over the threat of data breaches ramping up protective measures.
But while APS leaders are cautioning all agencies to be vigilant, the risk factor is escalating.
A lack of data expertise in the public sector is causing alarm, with some agency heads expecting the worst is yet to come.
The renewed push over cybersecurity follows the recent data attack on Optus affecting millions of Australians.
But there had already been a number of serious cyber attacks on federal government departments.
Most have been unsuccessful due to active monitoring, but data breaches have been detected across numerous agencies.
However, recent findings from the ExtraHop Cyber Confidence Index Asia Pacific Report 2022 revealed most organisations (private and public) breached by ransomware had not publicly disclosed the attacks.
ExtraHop’s Rohan Langdon said organisational leaders were becoming more accountable for data breaches and needed to be better educated in cybersecurity risks.
“High levels of fear around the security implications of legacy environments, and the very real threat of multiple breaches a year, is a reminder of just how quickly cybersecurity postures can become outdated and vulnerable,” he said.
“Defenders need tools that can track attacker activity across cloud, on-premises, and remote environments so they can identify and stop an attack before it can compromise [the organisation].”
For the public service, the fear is real and growing.
“It has the potential to get a little out of control,” one senior APS boss told Region.
“There is a real risk of a major incident occurring. Part of the problem is we don’t have enough specialists to deal with the growing threats.”
Another APS contact said finding people to fill data specialist roles was a “significant problem” for the sector.
“Data specialists don’t really exist in Canberra and they don’t want to come to Canberra,” the contact said.
Department of Finance Secretary Jenny Wilkinson told public servants last week that cybersecurity had to be an elevated priority to match the elevated risk.
“Cybersecurity is essential. It’s not optional,” she said.
“[The Optus incident] is a reminder that we need to not just have the governance in place, but also actually be using different methods to robustly test our systems.
“We have to be clear: you can never remove all the risks.”
International cooperation over cybersecurity is also improving, as friendly countries explore ways of tackling the threat together.
Prime Minister Anthony Albanese has this week discussed the issue with his Singapore counterpart Lee Hsien Loong.
It was also a noted feature of the recent AUKUS anniversary where Mr Albanese said Australia, the United Kingdom and the United States had made “significant strides” in cooperation over cyber threats from unfriendly actors.
Taiwan has been lobbying for other nations to take note of its example in dealing with cyber crimes, asking Interpol to embrace it and learn from its lessons.
In a recent speech, Taiwan’s Criminal Investigation Bureau commissioner Hsi-ho Li said transnational crime often involved multiple countries and areas, which could hinder investigations.
“In the post-pandemic world, criminal tactics will continue to evolve and new methods will emerge. In investigating new forms of criminal activity, experience is invaluable,” he said.
“Taiwan is willing to share its experience in solving crimes. Today, telecommunications and cyber fraud are conducted across borders and transnational crime rings are organised and departmentalised.
“This poses a challenge to the sovereignty of nations and undermines livelihoods, economies, and law and order. Taiwan is keen to exchange intelligence with partners and assist other countries in staving off threats from overseas and combating organised crime within their borders.”