Director Security Management and Assurance
Department of Justice and Regulation VIC
9:00 AM Managing Third Party Risks through Cyber Security Solution Provider Examination and Coordination
The ‘Digital Delivery of Government Services’ published on 27 June highlights that The Committee are not convinced that departments are fully cognisant of the risks they were taking on the contractual arrangements that lead to outages and online security failures respectively. Due to difficulties in regulating private cyber security solution providers, departments are finding it challenging to achieve cyber control, consistency, and meeting legislation standards. Due to these challenges as well as the pressure of budget this workshop will cover:
- The fundamentals of aligning cyber solution providers with the pace of organisations and their evolving digital system landscapes
- Implementing consistency through consolidated approaches in cyber security system implantation as well as processes and culture
- Examination, selection and cooperation strategies with cyber security third party suppliers
- Evaluating central metrics and achieving value for money for cyber security objectives
The 2017 Threat Report by the Australian Cyber Security Centre (ACSC) has highlighted a 15% increase in identified cyber security incidents. Cyber attacks with malicious intent are difficult to completely elude and have been an increasingly frequent threat and burden to the public sector. In this session Jacinta Thomson discusses the key management and response approaches to a variety of common digital breach scenarios.
- Creating awareness about threats with efficient mass-communication: Adhering to the Data Breach Notification Legislation.
- How departments should be trained to react internally to a breach and capably implementing strategies quickly to prevent data loss.
- Reflecting and analysing incidents to implement improvements for future strategies.