Audit: NSW unis facing significant cyber risks | Technology Decisions

Audit: NSW unis facing significant cyber risks | Technology Decisions

Australian Information Security Audit Report June 12 2019

NSW unis facing significant cyber risks

Reported in: Technology Decisions

Universities across NSW are exposed to cyber attacks due to significant deficiencies in IT internal controls, an audit has found.

An audit of 10 universities conducted by the state’s Auditor General also found that three universities are still developing a strategy to safeguard against cybersecurity risks, and two have yet to establish a recovery plan following a cyber attack.

According to the report, 51 of the 99 internal control deficiencies identified in the audit are related to IT, and these deficiencies can represent significant vulnerabilities for the universities.

No university had implemented all of the Australian Cyber Security Centre’s Essential Eight threat mitigation strategies. Most universities have adopted measures including regularly patching operating systems (10 universities), restricting and reviewing administrative privileges (nine), checking and applying security patches (eight) and conducting daily backups (seven), and disabling or restricting Office macro settings (six).

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More Australian News

Click on the image for more

Dad's Password
Shares
Share This