Western Australia’s Office of the Auditor General (OAG) has made six recommendations to state government agencies after it was found six agencies had previously been the target of malware campaigns.
According to the OAG, the six agencies probed — which included the Department of the Attorney General, Department of Mines and Petroleum, Department of Transport, Main Roads Western Australia, and the Office of the Government Chief Information Officer (OGCIO) — were under constant threat, which it said highlighted the need for improved central governance arrangements to identify, warn of, and prevent attacks.
In its report [PDF], Malware in the WA State Government, the OAG said as a result of the audit, it made “detailed recommendations” to each agency that came under the microscope. The explicit details were not published, but instead, the OAG offered up the broader six recommendations it made, which included an in-depth assessment of the risk to the agency malware poses, improving any controls the OAG identified as ineffective, and that each agency consider additional controls to better secure its networks, systems, and data against malware.
“The government spends AU$1 to AU$2 billion on IT and this needs to be strongly managed to ensure we deliver the best value to West Australians,” the premier said at the time. “Nunis has the right combination of professional skills and practical experience, with a fundamental understanding of the private and public sectors and how to negotiate and deliver large IT projects.”