Home Affairs Minister Clare O'Neil says Australia is waking from a slumber when it comes to cyber security, as it grapples with a series of attacks on companies and the shocking release of private customer information to the dark web.
Subscribe now for unlimited access.
$0/
(min cost $0)
or signup to continue reading
Her comments ring true, drawing attention to the complacency of Australian companies that made them vulnerable to the sort of breaches that are now wreaking havoc.
Hackers spied the weaknesses in the systems where they broke and entered, and now customers of those companies are paying.
While it's accurate of Minister O'Neil to describe this naivety and ignorance, it's only helpful if it prompts other sectors to learn from the cyber breaches.
For years, the risks to cybersecurity have seemed largely abstract and far away for Australians, and many organisations deferred serious action.
That era has ended with the hacks targeting Optus, Medibank and others.
The government is making a lot of noise in response to the hacks, condemning hackers in Russia and announcing crack teams to disrupt their activity.
Its actions so far, such as moving to increase penalties for companies hit by breaches, and reviewing privacy laws, are welcome.
There is still a lot to do if Australia is to shield itself from more attacks.
Until it does, the nation appears poised to sustain more disruptive hack attacks, in one form or another.
The federal government would do well to start by getting its own house in order.
For years, audits have found serious shortcomings in the public service's own cybersecurity measures.
That's inexcusable for federal agencies, and it does nothing to bolster the government's credibility when it criticises private industry for its own failures and weaknesses.
The catalogue of shortcomings is long.
The Auditor-General in March last year reported a number of government departments had "ad hoc" cyber security systems, despite malicious cyber activity being a "significant" government threat.
Its report revealed the concerning state of cyber security management by 14 government entities, including federal departments, which had left them exposed to serious threats and data breaches.
Among the worst offenders were the Education and Health departments along with the Australian Trade and Investment Commission.
The Auditor-General also admonished agencies involved in national security, such as the Home Affairs and Attorney-General's departments, and the Australian Signals Directorate, for failing to support the entities in strengthening their cyber security.
For a long time, there hasn't been much in the way of consequences for the agencies that fail to comply.
The government could show it's serious about the issue by making the bureaucracy more accountable for such failures.
Otherwise, as recent events show, it's the Australian public that suffers.
Our journalists work hard to provide local, up-to-date news to the community. This is how you can continue to access our trusted content:
- Bookmark www.examiner.com.au
- Make sure you are signed up for our breaking and regular headlines newsletters
- Follow us on Twitter: @examineronline
- Follow us on Instagram: @examineronline
- Follow us on Google News: The Examiner