Agencies and departments in the throes of machinery of government changes – and there are more than a few – have been declared a potential cyber weak spot by the Australian Cyber Security Centre, which wants more attention paid to how data and access privileges are transferred.
In a wake-up call to change makers across the public sector, Australia’s cyber security watchdog has warned that bureaucrats must pay better attention to holes that can open-up when IT security postures are blended because of “assumptions about the quality and completeness of security controls”.
“Adversaries target organisations undergoing major organisational change because they know the disruption makes it easier for social engineering attacks,” the ACSC’s new guide to mergers and MoGs cautions.
The guide is equally applicable to corporates merging.
“Staff inside an organisation undergoing major organisational change will need to quickly form effective relationships with a new set of colleagues, often while operating with significant uncertainty and time pressures,” the ACSC’s guide says.
It’s a legitimate fear, given the raft of highly sensitive shake-ups…
