There are no staff assigned to my Department who are dedicated solely to ‘cyber security protocols’ and there are no immediate plans to recruit such a specialist.
One element of the Head of ICT’s role in my Department is ‘Implementing technologies relevant to the security and protection of data within the Department’s ICT Systems and Infrastructure ’. This is done in conjunction with the core ICT team assigned to the Department which includes a Cyber Security Responder who is currently seconded to my Department from the National Cyber Security Centre. The remit of my Department's ICT team is significantly broader than the area of cyber security.
As necessitated by particular projects, the core ICT team is often supplemented with external resources who have specialised expertise in the rapidly evolving and expanding field of cyber security and information security.
A Risk Register of potential attempts at security breaches is maintained and if deemed necessary by the core ICT team, can be made available to the National Cyber Security Centre or to my Department’s external partners for further inspection and action.
My Department works closely with and has ongoing contact with the Computer Security Incident Response Team in the National Cyber Security Centre who provide regular guidance and advice relating to current internet security alerts and threats. Prevention and mitigation measures recommended by the Response Team are reviewed as soon as they are received and they are appropriately actioned.
The response to cyber threats continues to be a whole-of-Government challenge with the Department of Communications, Climate Action and Environment leading on the development of a new National Cyber Security Strategy. A public consultation took place recently on the development of the new Strategy which will seek to take account of heightened threats, new responsibilities, and the need to develop new skills and wider engagement internationally.