How to protect the Australian public sector from cyber threats

When working with public sector agencies on cybersecurity, responsibility is proportionate to the amount of data which could potentially be compromised. Ensuring the safety of citizen’s data, as well as the uninterrupted delivery of services, requires a comprehensive and up-to-date understanding of cyber threats. In this article I will discuss the risks as well as the best practice measures Atos can help deliver in the public sector to provide citizen-centric services.

Identifying the risk

Understandably, protection against cybercrime attacks has become one of the highest priorities within the public sector, as there has been a 13% increase in these attacks in the last financial year. The Australian Cyber Security Centre reported over 67,000 attacks, over 25% of which threatened Australia’s critical infrastructure, with the total cost of cybercrime in Australia in the last financial year reaching a record high of $33 billion. Spread across agencies and jurisdictions, a state government needs to apply a cybersecurity plan which can offer protection on many different fronts, retaining trust from citizens, while also allowing easy access for users across platforms.

Remaining vigilant and resilient

The threat of ransomware attacks against public sector agencies in Australia is mounting. What we know about ransomware attacks is that they prey on monocultures and legacy systems. This means they have the potential to wreak havoc on established government organisations with a large, generalist IT system. Recent history has also shown that once hackers are able to find a small vulnerability, then they can get behind the defences of an organisation and access an entire system. As more devices are being used, as public service employees are working from home through the pandemic, and citizens are attempting to access their data remotely, the risk of compromise is increased.

“Spread across agencies and jurisdictions, a state government needs to apply a cybersecurity plan which can offer protection on many different fronts, retaining trust from citizens, while also allowing easy access for users across platforms.”

What Atos has been able to achieve through recent data migration projects for state governments in Australia is security at scale. Migrating existing infrastructure and applications to the cloud means a more comprehensive protection against cybercrime, because the cloud technology is constantly being monitored and updated. Once migrated, the systems are far more resilient against attack because of this ability to tweak security measures based upon threats as they are reported.

Taking affirmative actions

In departments like Health and Defence, the security of data and protection from cyber threats can be a matter of life and death. Services provided by the public sector are ultimately for the benefit of all citizens, so while migrating infrastructure to the cloud can increase protection against cybercrime by improving processes, there are also simple, affirmative actions that can be taken by citizens, and by governments to prevent cyber-attacks.

  1. People – educating staff and citizens in password safety, the identification of unauthorised or suspicious communication and how to exercise caution when sharing personal information.
  2. Processes – migration of existing infrastructure to a monitored and resilient cloud service, measures such as multi-factor identification, security questions, automatic lockouts and built-in alert systems which contact the provider when suspicious activity is detected.
  3. Policy – robust legislation in place at a state and federal level regarding the storage of personal data.

While this balance between security and ease of access is driven by market forces in the private sector, providing secure and accessible services in the public sector comes from a responsibility to citizens. Atos is committed to supporting this duty of care to citizens by providing the most agile and secure cloud technology to government agencies.

[1] ACSC Annual Cyber Threat Report 2020-21

By Murray Neville,
Program Executive, Western Australia

Posted: October 18 2021

 

Topics

  • Cybersecurity
  • Cloud
  • Digital transformation

Share this blog article


About Murray Neville
Program Executive, Western Australia
Murray is Atos’ Program Executive on public sector projects in Australia. His 30 years of experience in the ICT industry has seen him become an expert in public sector infrastructure transformations.

Follow or contact Murray