Cyber Risk – Australia’s Top Ranked Risk in 2018
Recently, it has been reported that Australian government, community and business considers cyber risk our top ranked risk. Globally this is seen as the second biggest risk for international governments, business and local companies.
The most common concerns that come to mind is:-
- Personal data theft (consider the 143 million Equifax consumers, of which I was one) in 2017 who data was hacked and stolen
- Data loss from employee error or safety breach (filing cabinets aside, data sticks are notorious for losing information whether corrupted or misplaced)
- Malware and virus system hijacking or data corruption (and those awful ransom messages to unlock your computer or network)
- Hacking (remember WikiLeaks – Julian Assange) It doesn’t get bigger than that – YET!
The article below provides insight into steps you might take to inform your organisation on prevention and protection from cyber risk.
Also provided for your consideration and comment is an Example Council draft Information Governance Framework document. The intention of this document is to provide clarity to governance requirements for good management of information assets, that include:
- Systems Procurement, Management, De-Commissioning
- IT Infrastructure Procurement, Management, De-Commissioning
- Contract and service relationships including:-
- Records and Privacy Assessment and Compliance
- Data Management
- People and knowledge retention (tacit knowledge management converted to explicit knowledge)
- Legislative Compliance, performance assessment and reporting
- Forward Planning
Combined with the Records Management Compliance Framework documents developed with eAssure in 2017, we have a tool to guide our planning, management, and placing of time and resources.
Whole of Government Digital Records Platform Furore
In May 2017 the government announced a decision to implement a Whole-of-Government Digital Records Platform (the Platform). The Platform will automate the records management function taking into consideration user needs and technological advancements.
The project is being led by the Department of Finance, in consultation with the National Archives of Australia. Planning for the Platform is underway, and will continue over the next three years. Roll out of the Platform is due to commence in 2020 following a pilot phase.
The aims of the Platform are directly aligned with the Digital Continuity 2020 Policy and agencies should continue to work towards these targets.
As part of this work, the Government agreed to a Digital Records Investment Moratorium. The moratorium will be in place until 30 June 2019, with the possibility of extension, following a review of the pilot phase. The moratorium aims to prevent agencies entering into arrangements that are incompatible with the technical and business objectives of the Platform in order to protect the Government’s investment and ensure that economies of scale can be reached as early as possible.
Non-corporate Commonwealth agencies are subject to the moratorium when considering contracts for new capital investment or operational expenditure for digital records capability or non-essential upgrades to versions already in use by agencies. Agreement must be sought from the Secretary of Finance for new investment in digital records capability.
Recently an article appeared within Linked In asking for a review of the decision that locks out all but one of the many service providers and vendors who attended the initial briefing. Concern regarding the impact of such a long reaching decision to the social welfare of these small businesses and those they employ and the long term development of the technology sector within our country is voiced within the article. For more information on the background to this decision and the recent outcry check the following links.
Members, technology and workforce experts have proclaimed that we are now in the Age of the 4th Industrial Revolution.
We records management professional can be hit hard or embrace a fantastic opportunity. To learn more about what this means for us socially, in work and beyond this link provides a great insight.
Also in the April 2018 news…
Derek Madden, General Manager Corporate Services for Cardinia Shire Council writes…
Elsewhere data security and access continues to make headlines.
Please send your articles to Ruth Edge at firstname.lastname@example.org to share with your fellow MAV LGIG members.