NSW Cyber Security Review 2020

2020 was a year of extraordinary strength and flexibility. For the majority of us, Covid-19 significantly changed the way we live and work; in NSW, and around the globe. With the rise of a remote workforce, cybercriminals took this opportunity to capitalize on the changing global environment and focus on attacks that targeted this changing environment.

The cyber threat issue is continually developing, and we should continually monitor this changing issue and rapidly adjust and react. Over this previous year, we’ve seen an impressive expansion in security awareness and working of ability. Network protection is anything but a ‘set and forget’ and we should keep on endeavoring to keep up and improve our abilities to get ready for a more digitized future and a changing threat issue.

Toward the beginning of the COVID-19 pandemic, we saw an enormous move in phishing attacks. A few Australian organizations were affected by attacks consistently and are proceeding to happen. These attacks will keep on getting more modern.

In the last year, the emerging Threat issue has been driven by four factors: the types of threats actors or adversaries, the changing business environment, the changing technology landscape, and our regulatory requirements. Using insights from our intelligence and response team, we discovered a number of key threat actor groups targeting the NSW Government.

It has been widely reported that NSW Government’s maturity is low. We are not alone in this; even the Commonwealth Government has reported low maturity. In 2020, Cyber Security NSW worked towards uplifting this maturity in partnership with all NSW Government agencies. NSW Government has now allocated $240 million to uplifting cyber security across NSW Government.

Cyber Security Strategy

The NSW Government announced the development of a comprehensive, sector-wide cyber security strategy this year. The 2021 NSW Cyber Security Strategy will replace the NSW Cyber Security Strategy and the NSW Cyber Security Industry Development Strategy combining both into one overarching cyber security strategy for NSW. The strategy will aim to outline the key strategic objectives, guiding principles, and high-level focus areas that the NSW Government will use to align existing and future programs of work.

Approximately 90 strategy submissions were provided by industry partners and cyber security experts. In conjunction with the Australian Strategic Policy Institute (ASPI), we facilitated several focus group meetings with the NSW Government and experts that provided submissions to review common themes among submissions. The Strategy is currently under development and is set to be released in 2021.