The Victorian government has launched a new five-year cyber strategy that will see over AU$50 million be allocated towards bolstering the state’s cybersecurity resilience.
The cyber strategy [PDF] will focus on three core missions that government has described as providing safe and reliable delivery of government services, creating a cyber safe place, and creating a “vibrant” cyber economy.
The strategy will be implemented through the state’s chief information security officer (CISO) releasing annual mission delivery plans that outline specific activities associated with the three core missions. The CISO will develop this plan in consultation with relevant stakeholders across government, industry, and the community.
The CISO will also publish an annual statement on the progress of activities against each of the three core missions.
While the first annual mission delivery plan is yet to be released, Minister for Government Services Danny Pearson said the first year of the cyber strategy will see government specifically focus on strengthening security for government online services and communications.
It will also provide more opportunities to grow the state’s local cybersecurity talent, Pearson said.
As part of the mission of improving the delivery of government services, the actions to be rolled out by government will entail creating an IT asset management guideline that is in line with Victorian Protective Data Security Framework requirements; decommissioning unused services currently active on vic.gov.au domains; and establishing a whole-of-government third-party risk program.
It also includes deploying a status monitoring program and simple procurement process that both follow Essential Eight guidelines; working with the National Cyber Security Committee to standardise government third-party supplier security frameworks; and building various guidelines and cyber education programs aimed at improving the resilience of government’s critical services.
For the mission of making Victoria more cyber safe, the state government will establish a Victoria Police Cybercrime Strategy to boost Victoria Police capability and a new expert advisory panel focused on understanding cybercrime risks. The advisory panel will report to government on opportunities to enhance cybercrime messaging and education programs as well as potential legislative reform for helping police combat cybercrime, the strategy outlines.
Government will also develop an annual cyber exercise program in partnership with Victoria’s critical infrastructure owners and operators as part of the strategy’s second mission.
The third mission, creating a “vibrant” cyber economy, will see the Victorian government allocate investment towards growing local cyber capability, create internship and training programs in the cyber sector, and establish an expert advisory panel to provide insight on cyber capability uplift opportunities and digital economic growth.
The new cyber strategy builds on Victoria’s AU$196 million plan, announced late last year, to centralise and simplify the state’s IT services.