Australia’s Cyber and Infrastructure Security Centre has issued a reminder that it is the final week of the reporting period for the Critical Infrastructure Risk Management Program (CIRMP) annual report for the 2023-24 Australian financial year.
The agency says that of August 31, 2024, it had received 53 annual reports from eight different sectors covering 137 assets. They expect an influx of submissions towards the end of September.
The energy and health sectors have provided most of the annual reports at this stage. Mandatory risk management program (RMP) annual report submissions by sector are as follows: energy (47%), health (19%), data storage or processing (15%), transport (7%), water (6%), communications (2%), financial (2%), and food and grocery (2%).
“The information we have received about security frameworks and cyber security frameworks that are in use by industry is helping to inform government’s understanding about frameworks in use by industry, and industry maturity against those frameworks,” a CISC statement reads. “Currently, the most used cyber security framework is the 2020-21 AESCSF Framework Core, followed by the Essential Eight Maturity…
