New South Wales to implement sector-wide cybersecurity strategy

With the federal government earlier on Tuesday earmarking AU$1.35 billion to boost the nation’s cyber capabilities, the New South Wales government has announced its intentions to stand up a sector-wide cybersecurity strategy.

The state government is hoping to develop a “comprehensive, sector-wide cybersecurity strategy” and is calling for industry submissions to help shape it.

“The 2020 NSW Cyber Security Strategy will ensure the NSW government continues to provide secure, trusted, and resilient services in an ever-changing and developing environment,” Minister for Customer Service Victor Dominello said.

“The new strategy will be delivered through an integrated approach to prevent and respond to cyber security threats and safeguard our information, assets, services, businesses, and citizens.”

The state government’s existing strategy, a mere 20 pages long, was published in late 2018 and took a whole-of-government view on how to manage risk, borrowing the framework laid out by the National Institute of Standards and Technology (NIST).

The new strategy will supersede the 2018 document and combine actions under the existing NSW Cyber Industry Development Strategy.

“The 2020 NSW Cyber Security Strategy will address the cyber workforce and skills gaps that are vital in attracting business investment and creating innovation jobs,” Dominello said, noting also that in a “post COVID-19 environment”, it’s important for the state government to maximise its existing capabilities and develop local cyber talent.

“It will support innovation and growth of the NSW cyber industry and cement NSW as the leading state for cybersecurity in the Asia-Pacific region.”

The plan to create a new security document follows the state earlier this month making a AU$240 million commitment to improve NSW’s cybersecurity capabilities, including investments towards protecting existing systems, deploying new technologies, and increasing the cyber workforce

Under that commitment, Dominello announced standing up a cybersecurity vulnerability management centre in Bathurst, 200kms west of Sydney.

To be operated by Cyber Security NSW, the centre will be responsible for detecting, scanning, and managing online vulnerabilities and data across departments and agencies when operations commence in July. 

The establishment of the centre is part of the NSW government’s AU$1.6 billion Digital Restart Fund that is touted to make the state the “digital state of the southern hemisphere”.

Dominello said cybersecurity will also be a vital part of the technology community at Tech Central, a new Sydney Innovation and Technology Precinct in the CBD slated for completion in 2025.

A focus on cybersecurity follows Service NSW in April falling victim to a phishing attack. The email accounts of 47 Service NSW Staff members were illegally accessed, with the emails containing customer information.

Offering further detail, a spokesperson for Service NSW told ZDNet earlier this month that an investigation into the matter was still ongoing.

“The analysis into the attack on Service NSW staff email accounts is ongoing and the specialist teams are working through complexities including ensuring the data remains secure during the review,” they said.

Also this month, the state government experienced a power outage at one of its data centres in Silverwater, west of Sydney, resulting in many state health and customer service functions reverting to manual processes.

Meanwhile, the federal government will soon launch Australia’s delayed 2020 cybersecurity strategy. The country’s current strategy was launched in April 2016, with a AU$230 million kitty.

MORE FROM NSW