Region CanberraRegion IllawarraRegion Riverina
About RegionalPS NewsCape York WeeklyRegion 中文版This is Canberra
28 July 2025

Next-level cyber protection for critical government systems gets underway

| By Chris Johnson
Start the conversation
A cyber graphic flagging a data breach and cyber attack

New measures to help government agencies protect their systems against cyber attacks are rolling out this month. Image: iStock.

New steps are underway to add extra layers of security for private information held by a number of Federal Government agencies, in an effort to combat the rising incidence of cyber attacks.

The priority is to identify the systems most attractive to hackers and therefore more vulnerable to cyber attack attempts.

Several initiatives under the 2023-2030 Australian Cyber Security Strategy, and Commonwealth Cyber Security Uplift Plan, come into effect this month, including the release of the Systems of Government Significance (SoGS) Standard under the Protective Security Policy Framework.

It is the SoGS Standard where the government sees extensive gains can be made in boosting the cyber security of critical systems.

The SoGS Standard aims to deliver a prioritised list of the government’s critical digital functions and systems.

This will be based on the potential for significant consequences to Australia’s economic prosperity, social cohesion or national interest if disrupted.

Declared systems will have additional obligations placed upon them to mitigate risks and lift their cyber security capability.

READ ALSO Parliament gets down to business, targeting dodgy child care providers and a protesting senator

Cyber Security Minister Tony Burke announced the reforms to increase security for government systems, saying they were made necessary in the face of ever-increasing cyber threats and to protect Australia from malicious attacks.

“Australians are increasingly concerned about their digital safety, and the government is stepping up its commitment to keep people safe from cyber threats,” Mr Burke said.

“This program allows us to be more strategic about where we concentrate our efforts and resources into protecting our government’s most sensitive data.”

Through the strategy’s initiatives, all layers of government security are being strengthened and modernised.

The focus is to ensure government systems remain flexible, proactive and prepared to adapt to new challenges.

These measures seek to enhance the cyber security capability of Australian Government agencies to give them the tools required to defend against increasingly sophisticated and daring cyber threats.

Several entities across the federal bureaucracy participated in test cases and collaborated on the development of assessment criteria as part of the development of the SoGS Standard.

The test cases included the Australian Taxation Office (ATO), Australian Border Force (ABF), and the National Blood Authority.

Following the collection of information from these Commonwealth entities, an assessment process will finalise a register of Systems of Government Significance.

ATO chief information officer and chief security officer Mark Sawade said it was vital that the ATO took part in the test cases.

“The safety of taxpayers’ information is of the utmost importance to us and our participation in the pilot is crucial in ensuring that we continue to safeguard our systems and ways of working,” Mr Sawade said.

READ ALSO Complaints against financial institutions top 100,000 for the second year in a row

ABF Deputy Commissioner Tim Fitzgerald said the same applied to his agency.

“The ABF’s mission to protect and manage Australia’s border and ensure the safety and security of all Australians, including against cyber threats, underscored the importance of ABF’s involvement in the pilot for this regime,” he said.

The same goes for the National Blood Authority, which also took part in the pilot and gained insights from the perspective of a small agency with critical data systems.

“Our commitment to maintaining the security and safety of our systems guided the importance of our participation in the test cases run by the Department of Home Affairs,” chief executive officer John Cahill said.

“As a very small agency, the expertise shared enabled us to concentrate our efforts to mitigate cyber incidents.”

Other reforms that will enhance Australian Government cyber security include the 2025 release of the Protective Security Policy Framework, which features a focus on new and emerging technologies and ensures the policy settings are appropriate for the contemporary threat environment.

Also kicking in this month are changes to the Hosting Certification Framework to provide more flexibility and greater enforceability for the Federal Government dealing with key cloud and data centre providers.

Original Article published by Chris Johnson on Region Canberra.

Subscribe to PS News

Sign up now for all your free Public Sector and Defence news, delivered direct to your inbox.
By submitting your email address you are agreeing to Region Group's terms and conditions and privacy policy.

Start the conversation

What's Trending

News

NACC nabs first conviction over corrupt procurement manager

By Chris Johnson
News

The Water Cooler: Comings and goings in the public service

By Andrew McLaughlin
Start the conversation
Lifestyle

The 4WD that makes Toyota and Ford feel soft

By James Coleman
Start the conversation
News

Next-level cyber protection for critical government systems gets underway

By Chris Johnson
Start the conversation
News

Commonwealth urged to act now on office leases to unlock millions in savings

By Dione David
Start the conversation
News

Integrity Commission assisting police investigation into suspected embezzlement in public service

By Claire Fenwicke
Start the conversation

Related Stories

More sanctions imposed against Russians over Medibank Private cyber attack

More sanctions imposed against Russians over Medibank Private cyber attack

13 February 2025 | By Chris Johnson
Start the conversation
New cyber NGO targets capability building, security awareness

New cyber NGO targets capability building, security awareness

10 October 2024 | By Chris Johnson
Start the conversation
Signals Directorate launches cyber security campaign for charities and not-for-profits

Signals Directorate launches cyber security campaign for charities and not-for-profits

22 March 2024 | By Andrew McLaughlin
Start the conversation
Cyber sanctions powers used against Russian over Medibank Private hack

Cyber sanctions powers used against Russian over Medibank Private hack

24 January 2024 | By Chris Johnson
Start the conversation
SMEs a vital link as government gets down to business in bolstering cyber security

SMEs a vital link as government gets down to business in bolstering cyber security

8 July 2024 | By Chris Johnson
Start the conversation
The gaps that remain in our cyber security

The gaps that remain in our cyber security

18 March 2024 | By Gary Waters
Start the conversation
Compromised account complaints skyrocket at ATO

Compromised account complaints skyrocket at ATO

10 March 2025 | By Chris Johnson
Start the conversation
Lay of the Land, quishing, and non-profits – Cyber Threat Report reveals evolving cybercrime techniques

Lay of the Land, quishing, and non-profits – Cyber Threat Report reveals evolving cybercrime techniques

26 November 2024 | By Andrew McLaughlin
Start the conversation
New boss of the Australian Cyber Security Centre named

New boss of the Australian Cyber Security Centre named

13 January 2025 | By Chris Johnson
Start the conversation

Be among the first to get all the Public Sector and Defence news and views that matter.

Subscribe now and receive the latest news, delivered free to your inbox.

By submitting your email address you are agreeing to Region Group's terms and conditions and privacy policy.