9 November 2021

New cyber security solution to counter threats to the ACT public service

| Ian Bushnell
Join the conversation
Michael Harris

Auditor-General Michael Harris urged agencies to speed up work to secure their computer systems. Photo: Supplied.

The ACT Government is beefing up its defences against potential cyber-attack with a new three-year contract for a cyber incident response solution.

The Chief Minister, Treasury and Economic Development Directorate has contracted Canberra-based specialist cyber security company DGplex to provide a cyber incident response solution that will enhance the government’s ability to detect and respond to cyber threats and protect its information assets.

The system will oversee government services such as cloud platforms, and through modern capabilities, including artificial intelligence, it will augment and improve the current ability to detect and respond effectively to cyber threats.

The $2.3 million contract comes in the wake of audit reports last year that found the government was falling short on cyber security and was vulnerable to hacking, fraud and the loss of data.

Last month’s Budget also allocated $10 million over four years to establish a new Cyber Security Centre to improve its resilience to potential cyber-attacks and better protect the government ICT network.

In 2019, a cyber attack stole thousands of public servants’ contact details.

According to the contract, the solution should mean broader support for capturing security information from applications, infrastructure and cloud systems, providing richer information such as understanding the difference between a personal or work-based device, location of access, or type of account being used.

It should also save time and resources for already stretched staff, sorting benign events from higher-risk incidents with far greater accuracy and prioritisation.

When a high-risk activity is detected, an automatic response should deliver corrective actions in near real-time to reduce its impact.

DGplex will be required to provide quarterly reports detailing breaches and actions taken to remedy them and prevent them from recurring, and a summary of the usage and growth patterns to forecast possible future costs.

It will also have to provide a road map and planning for better functionality each quarter, including any guidance the government may need.

Last year, the ACT Audit Office reviewed government agency controls over its computer systems as part of its annual financial audits and identified weaknesses in how they are operated and administered, and urged agencies to speed up work to secure them.

Auditor-General Michael Harris said these weaknesses exposed the ACT Government’s systems and data to higher than necessary risks which could lead to errors and fraud, unauthorised access to sensitive information, cyber security attacks, loss of critical data, and the inability to promptly recover systems in the event of a significant disruption or disaster.

He said the weaknesses related to how user access to the ACT Government network and applications is managed; the take-up of application whitelisting, a technique used to only allow authorised applications to operate on systems; and the monitoring of appropriate user activity.

In a separate report, Mr Harris also found that the government’s cybersecurity policy was lacking, with low data security awareness among staff.

Join the conversation

All Comments
  • All Comments
  • Website Comments
privatepublic5:57 pm 09 Nov 21

This type of security has been in place within the Federal Government since the early 2000’s either inhouse and or service provisioned. Makes me wonder that most of the ACT GOV ICT should have been outsourced years ago without the assistance of unions ACT.

When they are talking a 10 Million Cyber Security Centre, this appears to be low money wise. The ACT GOV is paying peanuts and they will receive trained monkeys at the 10 Million rate. Outsourcing with a reputable company with an ASIO T4 cleared SOC (Baseline and NV1 possibly NV2) at 10 Million a year in the initial phase would be more appropriate.

A normal SOC without the administration and design experts with leased co-located hardware and software would require a team of three personnel per shift on a 12 hour rotational shift. Eight hour shift cost more, hence the requirement would would be a team of 12 or more. Average SOC mid to senior techs in the private world are paid anywhere within the range of 120-180+ k.

The math do not add up, staff turnover may end up being high as I cannot see the ACTAPS paying any shift tech more than a ASO6 wage plus shift allowance and extra annual leave. Once they are trained up, off they go…

Agree with you regarding 10 million being a drop in the ocean for what ACT really need.

Disagree strongly regarding what the Federal Government has in place.

The ANAO has been reporting ongoing cyber security shortcomings across Federal departments over the last few years. The bulk of them haven’t implemented the essential eight yet and their budgets dwarf what the ACT can spend.

Daily Digest

Want the best Canberra news delivered daily? Every day we package the most popular Riotact stories and send them straight to your inbox. Sign-up now for trusted local news that will never be behind a paywall.

By submitting your email address you are agreeing to Region Group's terms and conditions and privacy policy.