惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

B
Blog RSS Feed
Spread Privacy
Spread Privacy
T
Threatpost
C
Cisco Blogs
P
Palo Alto Networks Blog
AI
AI
Cyberwarzone
Cyberwarzone
NISL@THU
NISL@THU
P
Privacy & Cybersecurity Law Blog
G
GRAHAM CLULEY
Simon Willison's Weblog
Simon Willison's Weblog
T
Tor Project blog
Latest news
Latest news
AWS News Blog
AWS News Blog
D
Docker
S
SegmentFault 最新的问题
博客园 - 聂微东
WordPress大学
WordPress大学
Vercel News
Vercel News
S
Securelist
爱范儿
爱范儿
J
Java Code Geeks
Know Your Adversary
Know Your Adversary
S
Schneier on Security
Hugging Face - Blog
Hugging Face - Blog
F
Fortinet All Blogs
Last Week in AI
Last Week in AI
D
DataBreaches.Net
宝玉的分享
宝玉的分享
D
Darknet – Hacking Tools, Hacker News & Cyber Security
MongoDB | Blog
MongoDB | Blog
Engineering at Meta
Engineering at Meta
K
Kaspersky official blog
美团技术团队
博客园 - 叶小钗
阮一峰的网络日志
阮一峰的网络日志
量子位
博客园_首页
Attack and Defense Labs
Attack and Defense Labs
S
Secure Thoughts
Google Online Security Blog
Google Online Security Blog
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
腾讯CDC
T
Threat Research - Cisco Blogs
雷峰网
雷峰网
有赞技术团队
有赞技术团队
www.infosecurity-magazine.com
www.infosecurity-magazine.com
P
Privacy International News Feed
S
Security Affairs

Government

Qld government announces new digital project governance bodies Child protection advocates call for faster action on digital duty of care laws Cyber resilience a key plank of new Nakamal Agreement between Vanuatu and Australia ACMA targets SMS scams, emergency services, and telco protections in 2026–27 compliance agenda Exclusive: Pauline Hanson’s One Nation party quietly deletes Labor hacking claims Privacy Commissioner rules Medmate and Monash IVF breached privacy law through tracking pixels Australian government, Microsoft sign agreement strengthening cyber security Tony Burke announces ‘new program of work’ under Horizon 2 of the Australian Cyber Security Strategy AFCA to become Australia’s central scams complaints body under new prevention framework Pentagon’s new Department of Defense Cyber Defense Command could be a good model for Australia Be counted: Australia’s next census faces cyber security shortcomings Aussie government proposes automatic reimbursement for scam losses below $3,000 Op-Ed: Australia’s cyber law is stuck in the past – the Slay Review is our chance to fix it ACCC welcomes another year of funding for the National Anti-Scam Centre Budget 2026: Expectations around AI, SMB resilience, and national defence Australia strengthens cyber defence in multinational operation New Zealand announces new sanctions against Russian cyber actors, online support platforms Op-Ed: Australia’s next budget must treat cyber resilience as essential infrastructure Australian government establishes new Cyber Incident Review Board US Department of War launches cyber-focused apprenticeship program Australian government stands up new ‘tripartite forum’ to tackle AI challenges in the workforce Australian Army research paper advocates for Australian national cyber reserve force, volunteer cyber organisations ADF strengthens skills as Cyber Command marks 2 years of operation Op-Ed: Australia inspired the EU’s online age restrictions, now it’s time for us to learn from them Latitude Financial faces $3.96m fine over spam law breaches Kid stuff: Roblox to introduce safety improvements following Aus government warnings Report: Aussie youth increasingly turning to AI for mental health advice First draft of Children’s Online Privacy Code made public Kids’ stuff: OAIC releases exposure draft of Children’s Online Privacy Code Aussie telco consumer code to be replaced in favour of ‘stronger protections’ Government proposes 5 changes to SOCI Act in overhaul of ministerial directions powers Cyber, defence cooperation key plank of new EU–Australia partnership Q&A: ‘Just be mindful that people are interested in you,’ says Sarah Sloan Trump releases US National Cyber Strategy CISO for Department of Health and Aged Care retires FIIG Fined: Federal Court orders $2.5M penalty for cyber security failures US CISA in a bad way as a new acting head is appointed Who is on the frontline when it comes to AI policymaking in Australia? Australian government unveils 5-year deal with Microsoft to lock in pricing and support AI adoption Australia, Samoa sign memorandum of understanding on cyber cooperation
Australia’s Department of Parliamentary Services has only “partly effective” cyber security stature, audit finds
David Hollingworth · 2026-06-15 · via Government

DPS says it will “address critical cyber, information security and operational resilience risks” in wake of ANAO review.

Australia’s Department of Parliamentary Services has only “partly effective” cyber security stature, audit finds

The Department of Parliamentary Services has said it agrees with all the findings of and recommendations made following a recent cyber security audit by the Australian National Audit Office.

According to the ANAO, previous audits had found gaps in identity management, and the office felt an ongoing assessment was necessary given emerging risks.

You’re out of free articles for this month

To continue reading the rest of this article, please log in.

What this audit found was more than a little alarming. The ANAO found that despite DPS managing more than 10,000 end-user devices used by almost 5,000 users, seven strategies out of the Essential Eight were “Implemented below the standard required”.

“The Essential Eight cyber security strategies were not fully implemented in accordance with the requirements of the Protective Security Policy Framework,” the ANAO said in its findings, which were published on June 11.

“The department was relying on compensating controls without adequate coverage of all systems and risk management of identified vulnerabilities.”

Despite the department establishing proper governance processes, the effectiveness of the DPS’s risk assessment, acceptance and communication was found to be lacking.

Similarly, the ANAO found an outdated policy framework and a limited ability to adequately “apply controls and governance for some of the users it supports”.

Part of the issue, the ANAO said, was the DPS’s varied user base, which includes Parliamentarians, their staff, and other entities.

“The differing business and security requirements of these user groups were not reflected in the department’s IT environment. DPS experienced significant turnover in ICT staff in the previous 18 months,” the ANAO said.

“Some technology platforms supporting key business functions require risk-managed operation due to lifecycle constraints, and inventories of key information, assets and risks were outdated.”

The ANAO recommended that the DPS review its governance and risk assessment processes and develop a risk-based program to uplift its security posture to achieve compliance with the government’s Protective Security Policy Framework.

The DPS has agreed to all recommendations.

“DPS is committed to working collaboratively with partners across the Parliament and government to strengthen cyber security practices through a program of continuous improvement,” Jaala Hunchcliffe, Secretary of the DPS, said in a letter of response to the audit.

“This will further support strengthening of systems and processes in alignment with Australian Government standards through embedding Information Security Manual controls and progressing actions to increase our maturity level with the Australian Signals Directorate’s Essential Eight Security Model.”

You can read the full results of the audit here.

Cyber DailyWant to see more stories from trusted news sources?
Make Cyber Daily a preferred news source on Google.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.