The federal opposition has raised concerns with the lack of transparency from Commonwealth entities where cybersecurity is concerned.
During a hearing held by the Joint Committee on Public Accounts and Audit on Tuesday, representatives from the Australian National Audit Office (ANAO) were probed on the reasons why Commonwealth entities are continually performing low in audits of cybersecurity resilience.
Poking holes in the current reporting requirements, and highlighting a lack of accountability when Commonwealth entities come up short, Shadow Assistant Minister for Cyber Security Tim Watts said the cybersecurity of Commonwealth entities is poor, and that no one seems to be held accountable for it.
He said the entities in question are still being asked to “mark their own homework” with little external oversight.
ANAO was asked why the Protective Security Policy Framework is not mandatory for all Commonwealth entities, and why, given they’re called the Essential Eight, only the Top Four is looked at.
“It’s not uncommon within the Commonwealth public sector…
