Cyber attacks on the state’s critical infrastructure could result in closures of the state’s rail, water supply, electricity networks, and ports. Closure of key infrastructure would disrupt trade and a range of services, resulting in economic losses for the state and inconvenience for the public.
Given the potential threat to critical infrastructure sectors, the Australia Cyber Security Centre (ACSC) strongly encouraged Australian organisations to review its advice and investigate their networks for signs of potential malicious activity.
This audit will examine whether relevant entities are effectively managing their critical infrastructure cyber security risks, including whether they:
- understand and assess the extent to which their information assets and organisational processes are exposed to cyber security risks
- design and implement effective information controls to mitigate identified cyber security risks.
It may also consider whether these entities are meeting their reporting obligations relating to cyber security management under the Security of Critical Infrastructure Act 2018 (Cth).
- Department of Customer Services, Open Data and Small and Family Business
- selected public sector entities, including government owned corporations.