Skip to main content

Progress Report

  • 2016
    • August
      • Action #11
        Action

        Establish Cyber Security Strategy Group to facilitate a cross-industry strategic approach and an intelligence sharing mechanism.

      • Action #12
        Action

        Establish formal channels and mechanisms to engage with Australian Government cyber security services and strategic planning.

    • September
      • Action #17
        Action

        Establish and maintain a Victorian Government information sharing and incident response service comprising of contract arrangements and appropriate onsite service providers.

  • 2017
    • September
      • Action #1
        Action

        Appoint a Victorian Government Chief Information Security Officer and establish a cyber security office.

      • Action #2
        Action

        Develop and present a quarterly cyber security briefing and status report to the Victorian Secretaries Board and the State Crisis and Resilience Committee.

      • Action #7
        Action

        Establish an ICS/SCADA cyber security working group reporting ultimately to the State Crisis and Resilience Council that will develop and implement a three year multi-agency cyber security exercising program to build resilience, readiness and capability.

      • Action #8
        Action

        Describe cyber security desired target state.

      • Action #18
        Action

        Determine and establish whole-of-government subscriptions for internet security and information security services.

    • October
      • Action #4
        Action

        Finalise implementation of cyber emergency governance arrangements, including the creation of a cyber security group reporting ultimately to the State Crisis and Resilience Committee.

      • Action #16
        Action

        Work with CERT to align with the National Cyber Security Exercise Program initiative stemming from Australia’s Cyber Security Strategy.

    • November
      • Action #5
        Action

        Establish an initial baseline of cyber security status, including identifying high value information assets and infrastructure, followed by an annual cyber resilience benchmark report and status of progress against strategy delivery.

      • Action #20
        Action

        Undertake an assessment and issue guidance in relation to the Government’s obligations as a customer when consuming cloud services in a shared security model.

    • December
      • Action #3
        Action

        Develop and operate a communication and engagement program for cyber security awareness within the government.

      • Action #14
        Action

        Identify high inherent risk in small and medium sized entities (in conjunction with VMIA) so that services can be targeted.

  • 2018
    • February
      • Action #19
        Action

        Develop an integrated and federated Security Operations Centre model and implementation plan.

    • March
      • Action #6
        Action

        Identify and promote common cyber security services that can be accessed and shared.

      • Action #15
        Action

        Establish (with VMIA) a cyber capability uplift program including cyber security training, educational events, programs, and seminars.

      • Action #22
        Action

        Commence implementation of the cyber security capability recommendations released as part of the IT Capability Uplift Plan and developed under the Victorian Government IT Strategy.

      • Action #23
        Action

        Develop a workforce plan to attract, develop and retain specialist cyber security skills.

    • April
      • Action #21
        Action

        Develop and pilot a small and medium organisation cyber security operational model.

    • June
      • Action #9
        Action

        Undertake cyber security operational health check.

      • Action #13
        Action

        Establish a procurement panel to access private sector cyber services.

  • 2019
    • March
      • Action #10
        Action

        Undertake desktop target state review (timing meshes with Action 8).
        Every 18 months.