Friday, January 15, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Geoscience Australia to be Top 4 compliant after discovery of unknown rogue file

March 22, 2019
in Internet Security
RSA Security Conference: The race to plug a $6 trillion security hole
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

The Joint Committee of Public Accounts and Audit on Thursday heard that Geoscience Australia had an executable file found on its system back in 2017 that had been sitting there for “some months”.

The file was found by the Australian Signals Directorate (ASD) at the time, with Geoscience Australia CEO Dr James Johnson saying it was the only instance he was aware of that constituted a cyber incident.

You might also like

Xiaomi added to US list of alleged Communist Chinese military companies

Security software maker Tufin soars on raised Q4 outlook

Cisco says it won’t patch 74 security bugs in older RV routers that reached EOL

“We have had executable files found within our system — on one occasion I am aware of — whereby it was found and it had been resident within our system for some months,” he said. “It hadn’t actually developed into a major problem and it was identified for us by the ASD and we acted accordingly to rectify that.”

While Johnson could not give an exact timeline, he said it was in “approximately 2017”, and conceded there was a lag between when it was placed and when it was identified.

“Where we have identified something on our network that we are unsure about, we engage with the [Australian Cyber Security Centre] fairly quickly and also with our service provider for ICT services,” added Trent Rawlings, who in addition to being Geoscience Australia’s chief operating officer is also in charge of cybersecurity.

“We’re certainly increasing the maturity in that area of our monitoring and response capability, but certainly there has been nothing to date that has caused significant impact to our organisation that we’re aware of.”

In a report on cyber resilience from the Australian National Audit Office (ANAO) that was published a year after the executable file was found, Geoscience Australia was labelled as lacking where the Australian government’s Top 4 mitigation strategies were concerned.

In early 2017, the Top 4 was expanded to the Essential Eight.

Following the ANAO probe, Geoscience Australia agreed to up its security posture, with Johnson telling the committee on Thursday that his agency would be compliant with the Top 4 come June 30, 2019.

“We agreed with the ANAO findings and have implemented a security improvement program to address those findings and to meet our compliance obligations, and improve overall governance and management of cybersecurity,” he said.

“We are well more cyber resilient than at the time of the audit last year.”

The security program, Johnson explained, will implement the Top 4 cyber mitigation strategies on essential systems — user work stations, emails systems, and authentication systems — as priorities, and “enhance governance and support arrangements to ensure their effective operation”.

Johnson admitted that cybersecurity was not previously a priority for the government agency.

“As an organisation that openly shares the majority of its information, Geoscience Australia has historically placed a higher priority on supporting scientific endeavours than cybersecurity. This was based on the presumption that a cyber threat seriously impacting on the organisation was low,” he said.

“The importance of and reliance on ICT systems has increased rapidly and has changed the risk profile of the organisation, we are therefore changing our practices.”

While Geoscience Australia makes almost all of the information it holds publicly available, there is still the potential for the personal information of staff to be breached, for the IP of other scientific organisations it engages with to be targeted, or that Geoscience Australia is itself used as a conduit into other government entities that have a higher level of security classification.

In addition to Geoscience Australia being compliant with the Top 4 in the coming months, Johnson told the committee it has also implemented a handful of tangible measures, such as reducing the number of staff with administrator access, trialling and procuring a whitelisting solution, and implementing an awareness raising campaign within the organisation.

The ANAO probed two other Commonwealth entities in addition to Geoscience Australia in its June 2018 report: Treasury and the National Archives of Australia. It found Treasury was compliant and National Archives, like Geoscience Australia, was lacking.

At the time, ANAO said it had found only four government entities compliant with the Top 4 requirement when it was made mandatory in April 2013, from the 14 organisations it had examined.

RELATED COVERAGE

Credit: Source link

Previous Post

Bias Variance Trade Off - Data Science Central

Next Post

How Artificial Intelligence is Already Changing Medicine

Related Posts

Xiaomi added to US list of alleged Communist Chinese military companies
Internet Security

Xiaomi added to US list of alleged Communist Chinese military companies

January 15, 2021
Security software maker Tufin soars on raised Q4 outlook
Internet Security

Security software maker Tufin soars on raised Q4 outlook

January 15, 2021
Cisco says it won’t patch 74 security bugs in older RV routers that reached EOL
Internet Security

Cisco says it won’t patch 74 security bugs in older RV routers that reached EOL

January 15, 2021
Switching to Signal? Turn on these settings now for greater privacy and security
Internet Security

Switching to Signal? Turn on these settings now for greater privacy and security

January 14, 2021
Scam-as-a-Service operation made more than $6.5 million in 2020
Internet Security

Scam-as-a-Service operation made more than $6.5 million in 2020

January 14, 2021
Next Post
How Artificial Intelligence is Already Changing Medicine

How Artificial Intelligence is Already Changing Medicine

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Chief Data Scientist Seen as Bridging CTO to Business Managers 
Artificial Intelligence

Chief Data Scientist Seen as Bridging CTO to Business Managers 

January 15, 2021
Data Science and Machine Learning Service Market size and Key Trends in terms of volume and value 2020-2025
Machine Learning

Data Science and Machine Learning Service Market size and Key Trends in terms of volume and value 2020-2025

January 15, 2021
Xiaomi added to US list of alleged Communist Chinese military companies
Internet Security

Xiaomi added to US list of alleged Communist Chinese military companies

January 15, 2021
Best AI Papers of 2020 Broach GPT-3 Large Language Model Concerns 
Artificial Intelligence

Best AI Papers of 2020 Broach GPT-3 Large Language Model Concerns 

January 15, 2021
CERC plans to embrace AI, machine learning to improve functioning
Machine Learning

CERC plans to embrace AI, machine learning to improve functioning

January 15, 2021
SEO Question: Is Backlinking Dead?
Marketing Technology

SEO Question: Is Backlinking Dead?

January 15, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Chief Data Scientist Seen as Bridging CTO to Business Managers  January 15, 2021
  • Data Science and Machine Learning Service Market size and Key Trends in terms of volume and value 2020-2025 January 15, 2021
  • Xiaomi added to US list of alleged Communist Chinese military companies January 15, 2021
  • Best AI Papers of 2020 Broach GPT-3 Large Language Model Concerns  January 15, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates