Cyber-attacks are one of the greatest threats to both Australia’s national security and our democracy, including at the local government level.
To be properly prepared for cyber-attacks and defend against data breaches, Australian councils urgently need government support.
Recent local government surveys in New South Wales and Western Australia found councils could significantly improve their management of cyber risks and response to potential cyber threats.
ALGA President Councillor Linda Scott said these findings demonstrated the need for federal, state and territory governments to support local government by assessing the sector’s cyber maturity and readiness to defend attacks.
“Cyber-security is increasingly becoming an issue for all levels of government. Australia’s 537 local governments are particularly exposed as we collect and hold a significant amount of sensitive information,” Cr Scott said.
“We are calling on the Federal Government to support us to assess the risks and opportunities across all councils in Australia and develop a consistent approach for improving our sector’s cyber-security capacity.
“Cyber-attacks are mostly from overseas and from national actors or government-sanctioned criminals, making cyber security a national security and federal government issue.”
As part of its pre-Budget 2023-24 submission, ALGA has called on the Government to:
- Provide $10 million to scope local government’s preparedness to deal with cyber-attacks and data breaches; and
- Appoint a dedicated local government Chief Information Security Officer (CISO) in the Australian Cyber Security Centre within the Australian Signals Directorate.
Cr Scott said: “Without federal support, there’s a danger of local government being further exposed to data breaches, and community-based data being compromised.”
Background information/Case study*
Some of the opportunities available for improving local government cyber security include improving multi-factor authentication, improved permissions controls, planning for responses to major data breaches, dedicated training for councils in councils, and better securing information held on old and redundant software and hardware.
* The Sunshine Coast has become a national leader for innovation in cyber security and was recently selected to host the new Critical Infrastructure – Information Sharing and Analysis Centre (CI-ISAC) – https://www.sunshinecoast.qld.gov.au/news/coast-is-now-home-to-national-body-to-combat-cyber-crime