The Opposition-Alliance is calling on the McGowan Government to stop turning a blind eye to cyber-security after a damning audit exposed multiple failures across a number of agencies.
Shadow Innovation and ICT Minister Dr David Honey said the Auditor General’s Office Information Systems Audit uncovered 13 cases where cyber-security deficiencies were so significant the relevant agency’s records could not be trusted.
“Alarmingly, the number of agencies falling into this category has doubled since last year,” Dr Honey said.
“In addition to these cases, the report found almost 9 out of 10 agencies failed to meet the required standard for Endpoint Security, falling dangerous short of the cyber-security standards.
“It appears that the McGowan Government has learnt nothing since the major cyber-security risks identified by the Auditor General in her review of the Safety WA App in May last year.
“It is also extremely disappointing that half the cyber-security weaknesses (282) identified in this report were identified in the same audit completed last year.
“The McGowan Government is not taking cyber-security threats seriously enough and there are serious risks of future cyber attacks on government agencies, compromising their work and potentially the release of people’s personal information.”
The audit also found almost 8 out of 10 agencies failed to meet the required standard for Access Management which relates to preventing unauthorised log-ins, multi-factor user identification and strong passwords.
“These failures have allowed an insider to change a colleague’s password to enable access to business information and in another case, allowed staff to continue to use the log-in of a senior staff member three years after that person left the agency.
“These are not trivial matters and it’s clear the McGowan Government needs to step-up and take the issue of cyber-security much more seriously.
“We cannot see a repeat of similar findings in another year’s time.