Government offers cyber security ‘health checks’ for top 100 Aussie businesses
Keeps its national cyber security strategy promise By Holly Morgan (ARN) 09 November, 2016 14:21 http://www.arnnet.com.au/article/609903/govt-offers-cyber-security-health-checks-top-100-aussie-businesses/ The federal government is set to offer voluntary cyber-security ‘health checks’ for Australia’s top 100 ASX-listed companies, in partnership with the Australian Securities and Investments Commission (ASIC). A voluntary survey, The ASX 100 Cyber Health Check, was promised in the government’s $230 million Cyber Security Strategy, to gauge cyber security “awareness, capability and preparedness” among Australia’s big businesses. The appraisal process, based on the UK’s Cyber Governance Health Check for the FTSE 350 features an online questionnaire and an examination by Australia’s big four audit firms KPMG, EY, PwC and Deloitte. https://www.gov.uk/government/publications/cyber-governance-health-check-201516 Responses are anonymous and all participating companies will be given a confidential report gauging their progress, upon the assessment completion in mid-December. In March next year, a public report exploring the trends emerging from the data will be released. “The ASX 100 cyber health check has brought together government, regulators, and industry on an issue of critical importance to Australian business and the millions of investors who hold shares in Australian companies,” ASX group executive, Amanda Harkness, said in a statement. “The better-informed boards become, the more effectively they can assess their cyber security risks and opportunities, including identifying areas where improvement is required. Participation will reassure shareholders and the broader community that boards are actively engaged in addressing cyber issues.” According to the government’s Cyber Security Strategy, similar cyber security health checks will be open to other public and private companies, customised appropriately for organisation size and sector. The ASX 100 Cyber Health Check was developed by the Australian Securities Exchange, with the Australian Securities and Investments Commission, the Attorney-General’s Department and private firms KPMG, PwC, Deloitte and EY. The ASX 100 Cyber Health Check proposal follows findings of a study by the Australian National University’s National Security College (NSC) and Macquarie Telecom Group that found just 29 per cent of private sector business respondents would report cyber attack if they lost client data. http://www.arnnet.com.au/article/609605/govt-departments-weakest-links-national-cyber-security-defences/ Meanwhile, only 21 per cent of respondents cited legal obligations as a reason to report an attack, the report found. Sent: Saturday, November 5, 2016 6:54 PM Subject: [LINK] Cyber Security Strategy (Twitter Quote) Gai Brodtmann @GaiBrodtmannMP 23 hours ago Cyber Security Strategy has been out for 6 months 2 weeks. What has the Turnbull Government done? Written a letter. MEDIA RELEASE GAI BRODTMANN MP SHADOW ASSISTANT MINISTER FOR CYBER SECURITY AND DEFENCE MEMBER FOR CANBERRA APART FROM A LETTER, STILL NO ACTION ON CYBER SECURITY It's been six months and two weeks since the release of the Turnbull Government's Cyber Security Strategy. Despite being warned malicious actors could develop the means for a serious cyber attack on Australia within the life of this Parliament, what has the Turnbull Government done? They haven't appointed a Cyber Ambassador. They haven‘t spent the $2.7 million they allocated for this position in the 2016-17 Budget. They haven't relocated the Australian Cyber Security Centre. They haven't published the international engagement strategy. They haven't established the Joint Cyber Threat Sharing Centres. Instead, the Minister Assisting announced he will write a letter to Cabinet Ministers asking them to get their government agency heads to take "cyber security very seriously." In 2013. the Australian National Audit Office reviewed seven government agencies and found "the selected agencies had not yet achieved full compliance with the top four mitigation strategies mandated by the Australian Government in 2013." Government agencies were also reminded of this shortfall six months and two weeks ago in the Turnbull Government's own strategy. How can we expect our government agency heads to take cyber security "very seriously" when the Turnbull Government spends 18 months developing a strategy and six months and two weeks ignoring it. The true test of the Turnbull Government's commitment to cyber security was never going to be in the design of the Cyber Security Strategy, but in the implementation. It's spent six months and two weeks failing that test. FRIDAY, 4 NOVEMBER 2016. MEDIA CONTACT: VICTORIA ROBERTSON 0421 210 411 (End Quote) Cheers Stephen _______________________________________________ Link mailing list [email protected] http://mailman.anu.edu.au/mailman/listinfo/link _______________________________________________ Link mailing list [email protected] http://mailman.anu.edu.au/mailman/listinfo/link
