. home.aspx



Geoscience Australia takes action after cyber security fail

March 14, 2019 / Justin Hendry

Moves to have all Essential Eight in place by June 2020. Geoscience Australia has kicked off a program of work to implement all the government’s mandatory and non-mandatory cyber security requirements by 2020 after being labelled highly exposed to cyber-attack last year. In June 2018 the Australian National Audit Office (ANAO) found the agency had failed to implement any of the top four cyber mitigation strategies set by the Australian Signals Directorate. Geoscience Australia was assessed as vulnerable, with a high level of exposure and opportunity for external attacks and internal breaches and unauthorised disclosures of information,” the 2018 audit report stated. Application whitelisting was highlighted as particularly poor outcome, with the agency in some instances taking up to 30 days to install critical patches – where the current requirement is 48 hours