Govt urged to end reliance on ‘inadequate’ cyber self-assessments


Brandon How
Reporter

“Persistent optimism bias” in cybersecurity reporting by Commonwealth entities is muddying government oversight of the issues, with a parliamentary committee now calling for self-assessments to be subject to an external assurance process.

A Joint Committee of Public Accounts and Audit report, released on Thursday afternoon, called on the government to consider implementing “an assurance regime on agencies’ self-reporting to government on the cybersecurity aspects of the Protective Security Policy Framework (PSPF)”.

If not applied across the board, then the assurance process should apply on a risk basis to provide government a more accurate description of cybersecurity capabilities across non-corporate Commonwealth entities.

Do you know more? Contact James Riley via Email.

Leave a Comment