Select Page

Audit: Dozens of NSW councils still without basic cyber security controls, audit finds | iTnews

Audit: Dozens of NSW councils still without basic cyber security controls, audit finds | iTnews

Australian Audit Fail May 28 2021

Dozens of NSW councils still without basic cyber security controls, audit finds

Poor management of cyber security at 58 of the state’s 128 local councils, nine county councils and 13 joint organisations

NSW Audit Office Report: Report on Local Government 2020
Reported in: Audit: Dozens of NSW councils still without basic cyber security controls, audit finds | iTnews
Read more Audit Reports

More than a third of local councils across NSW are still without basic internal controls and governance arrangements for cyber security, the state’s auditor-general has revealed. Highlighted in the report:

  • Bellingen Shire Council was singled out in the report for its lack of a cyber risk framework and policy (a repeat finding), as was Maitland City Council for having gaps in its cyber security controls.
  • Newcastle City Councils was similarly found to have no formal IT policies and procedures for cyber security, as well as access management and incident management.
  • Maitland City Council and Newcastle City Council were also found to have no cyber security awareness program.

While the result is an improvement on last year, when 80 percent of councils were found to have no formal cyber security policy, the audit highlights the ongoing struggle to address IT security risks.
09/10/2020 Audit: NSW govt blasted for failing councils on cyber security | iTnews

The audit notes that while there is no requirement for councils to comply with the NSW government’s cyber policy, “councils may find it useful to refer to the policy for further guidance”.

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please follow the Source link to the original article to support the content owner. We only provide a brief summary with metadata to assist in categorisation.

More Australian News

Privacy Commissioner completes preliminary inquiries into Qantas 2025 data incident

The Australian Privacy Commissioner has published a report of the OAIC’s preliminary inquiries into the 2025 Qantas Airways Limited (Qantas) data … [...]

Privacy reform and responsible data behaviour for NFPs

For not-for-profits (NFP), trust is built not only on mission, but on how personal information is handled. As privacy expectations rise and AI … [...]

Is your board ready for a cyber crisis? The GC's role in making it a priority

Directors are now expected to oversee cyber risk, but many still struggle with what effective oversight looks like. Here’s how GCs can make the … [...]

Partnered Health confirms dozens of clinics potentially compromised by cyber attack

Australian GP network says patient healthcare data, including Medicare and DVA numbers, was accessed after a “malicious actor accessed some of our … [...]

How a timing system error brought down Telstra's network | ABC NEWS

Telstra is facing fresh scrutiny after confirming that a software error caused a nationwide outage. Technology reporter Cameron Wilson explains how a failure in the network's timekeeping system disrupted Telstra's [...]

AI agents are becoming the enterprise's most privileged users. And most organisations don't know it yet

AI agents are rapidly becoming a staple of the enterprise identity landscape. Yet, many organisations are deploying them faster than they can govern … [...]

Mobile telcos cautious on expanding emergency comms beyond voice

Australia’s top mobile carriers have cautiously supported expanding emergency communications beyond voice calls but warned that it will require … [...]

JB Hi-Fi Group finds new cyber security leader

JB Hi-Fi Group has appointed Kanchana Devi as its head of group cyber security following the departure of Daniel Eastley in April. Devi announced her … [...]

Australia to establish government AI office

Australia will create an office ⁠at ⁠the heart of government to manage the development of AI standards, seeking to balance the need to attract … [...]

Data breach! Lifeline Australia confirms staff data compromised following hacking claims

The threat actor, known as 2019, offers employee and volunteer staff data on a hacking forum, while Lifeline says some data is “doctored to include … [...]

Scam alert: Fake purchase callback scams

What's happening Scammers are sending fake messages that say you bought something you didn’t buy and tells you to call a phone number to stop or … [...]

Shares
Share This

Discover more from Australian Cyber Aware

Subscribe now to keep reading and get access to the full archive.

Continue reading