The Attorney-General's Department (AGD) has cleared the air on the claims of cybersecurity being their responsibility as they say it's a duty for agencies. Despite being in charge of cyber security policies, rules, and monitoring strict compliance across the boards, the Department of Defence and ADG stated that cybersecurity is in the hands of the Commonwealth bodies and any questions or inquiries should be directed to them.
In a meeting with the Joint Committee on Audits on Cybersecurity working resilience of the Commonwealth bodies, federal opposition bodies pointed many lapses and shortcomings of the Commonwealth bodies in delivering reports and a lack of accountability.
The Australian National Audit Office (ANAO) was also faced the heat when asked why the Price Security Policy Framework (PSPF) was yet to be made compulsory for all the Commonwealth bodies, and why attention is placed only on the Top Four when it is called the Essential Eight.
Check Out: The Best VPN Deals Of June 2020
A year ago, ANAO cyber-resilience audits discovered that barely 29% of audited agencies complied with the Top Four, while 60% of departmental self-assessments were seen to be non-compliant. This, a Minister for Cyber Security termed an inaccurate self-assessment. From the evidence of the audits, conclusion drawn was that the standard and structure used in working wasn't efficient enough to regulate their stance firmly.
Mainly, the AGD is in charge of fixing and setting protective security policy guidance and information security through the Price Security Policy Framework (PSPF). Giving a submission in PDF format to the committee after the hearing, AGD said Cybersecurity is an essential priority for the government.
On a final note, ADG said that while they regularly engage with Commonwealth bodies to provide assistance and Cyber security, individual bodies are solely responsible for the protection and security of their own information and network.