“All government agencies take their cyber security responsibilities very seriously” according to the Department of Home Affairs Secretary Mike Pezzullo during Senate Estimates.
Last year, only one government agency was found by the Australian National Audit Office to be in compliance with mandated cyber security standards.
It was not the Department of Home Affairs.
In fact, the Department formerly known as Immigration and Border Protection failed to meet mandated cyber security standards – not once, but twice – despite assurances to the Joint Committee of Public Accounts and Audit that it would be compliant in 2016 after the first damning audit in 2014.
The Immigration-turned-Home Affairs Minister is now responsible for Australia’s cyber security policy. So what is he doing to ensure his own Department is up to scratch?
Perhaps Peter Dutton can begin by answering questions he failed to respond to during Budget Estimates in May last year.
Can Dutton guarantee the biometric and sensitive personal information of travellers is not at risk?
Can Dutton guarantee his Department will finally be cyber resilient after the next audit?
Cyber security is everyone’s responsibility and government agencies should be the standard from which others in the community measure themselves.
Dutton now has unprecedented powers over Australia’s domestic security agencies – he must explain what he’s doing to improve the cyber resilience of the Department of Home Affairs and every other government agency.